An emulation of GENI access control

Authors:
Soner Sevinc;Larry Peterson;Trevor Jim;Mary Fernández
Affiliations:
Princeton University, Princeton, NJ;Princeton University, Princeton, NJ;AT&T Labs Research, Florham Park, NJ;AT&T Labs Research, Florham Park, NJ
Venue:
CSET'09 Proceedings of the 2nd conference on Cyber security experimentation and test
Year:
2009

Citing 4
Cited 1

Revised Papers from the First International Workshop on Peer-to-Peer Systems

IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
Kademlia: A Peer-to-Peer Information System Based on the XOR Metric

IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
On SDSI's Linked Local Name Spaces

CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
SD3: A Trust Management System with Certified Evaluation

SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy

A review of GENI authentication and access control mechanisms

International Journal of Security and Networks

Quantified Score

Hi-index	0.01

Visualization

Abstract

This paper describes an emulation of a distributed access control system proposed for use in the GENI network testbed. We use our trust management system, CERTDIST, to realize the system policy, and measure its performance by mapping PlanetLab's centralized access control scheme to GENI's distributed scheme and then replaying logs of PlanetLab access control activity. Our log analysis indicates that any such system must be resilient to both misconfigurations and attacks, and our emulation results show the effect of caching schemes and certificate expiration intervals in reducing load on servers and improving response time.