A Practical Distributed Authorization System for GARA

  • Authors:

  • William A. Adamson;Olga Kornievskaia

  • Affiliations:

  • -;-

  • Venue:
  • InfraSec '02 Proceedings of the International Conference on Infrastructure Security
  • Year:
  • 2002

Quantified Score

Hi-index 0.00

Visualization

Abstract

Although Quality of Service functionality has become a common feature of network hardware, configuration of QoS parameters is done by hand. There is a critical need for an automated network reservation system to provide reliable last mile networking for video, audio, and large data transfers. Security of all communications in the process of automating the network configuration is vital. What makes this security problem difficult is the allocation of end-to-end network resources across security realms and administrative domains.This paper introduces a practical system that shows a design and implementation of Globus General-purpose Architecture for Reservation and Allocation (GARA) services that offer automated network reservation services to users. The contributions of this paper are twofold. First, we provide a fine-grained cross-domain authorization for GARA that leverages existing institutional security and group services, with universal access for users. We identify and discuss issues involved. Second, we eliminate the need for long term public key credentials and associated overheads that are required by other systems. We describe the implementation of an easy and convenient Web interface for making reservation requests.