Identity-based cryptosystems and signature schemes
Proceedings of CRYPTO 84 on Advances in cryptology
Customer-managed end-to-end lightpath provisioning
International Journal of Network Management
G-lambda: coordination of a grid scheduler and lambda path service over GMPLS
Future Generation Computer Systems - IGrid 2005: The global lambda integrated facility
Seamless live migration of virtual machines over the MAN/WAN
Future Generation Computer Systems - IGrid 2005: The global lambda integrated facility
Token based networking: experiment NL-101
Future Generation Computer Systems - IGrid 2005: The global lambda integrated facility
Using SAML and XACML for Complex Resource Provisioning in Grid Based Applications
POLICY '07 Proceedings of the Eighth IEEE International Workshop on Policies for Distributed Systems and Networks
Elastic reservations for efficient bandwidth utilization in LambdaGrids
Future Generation Computer Systems - Special section: Data mining in grid computing environments
Authorisation infrastructure for on-demand network resource provisioning
GRID '08 Proceedings of the 2008 9th IEEE/ACM International Conference on Grid Computing
Integration of grid cost model into ISS/VIOLA meta-scheduler environment
Euro-Par'06 Proceedings of the CoreGRID 2006, UNICORE Summit 2006, Petascale Computational Biology and Bioinformatics conference on Parallel processing
The token based switch: per-packet access authorisation to optical shortcuts
NETWORKING'07 Proceedings of the 6th international IFIP-TC6 conference on Ad Hoc and sensor networks, wireless networks, next generation internet
DRAGON: a framework for service provisioning in heterogeneous grid networks
IEEE Communications Magazine
Editorial: Special section: OptIPlanet - The OptIPuter global collaboratory
Future Generation Computer Systems
A Token-Based Mutual Exclusion Approach to Improve Collaboration in Distributed Environments
ICCCI '09 Proceedings of the 1st International Conference on Computational Collective Intelligence. Semantic Web, Social Networks and Multiagent Systems
| Hi-index | 0.00 |
This paper highlights the concepts and results of our research, leading to demonstrations during the period 2005-2007 to develop a flexible and simple access control model, and corresponding support tools to provision multi-domain optical network resources on demand. We introduce the general network resources provisioning model that extends the Generic AAA Authorisation sequences for multi-domain scenarios, and explain how token based access control and policy enforcement can be used during the provisioned resource access. To build a solid conceptual foundation for the proposed token, based access control, the paper revisits existing token definition and proposes a new definition in the context of our research. We subsequently show the use of tokens during different stages of the lightpath provisioning process. The paper identifies and describes two major scenarios in multidomain lightpath provisioning: the chain and tree approaches. The proposed token concept allows a simple combination of access control enforcement at different networking layers: the packet layer, the path layer, and the service layer. We end with a brief description of a few demonstrations that proves the proposed concepts and illustrates its acceptance by a wider networking community.