Advance reservation access control using software-defined networking and tokens
- Georgia Inst. of Technology, Atlanta, GA (United States)
- Hongik Univ., Seoul (Korea, Republic of)
- Argonne National Lab. (ANL), Argonne, IL (United States)
- Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)
Advance reservation systems allow users to reserve dedicated bandwidth connection resources from advanced high-speed networks. A common use case for such systems is data transfers in distributed science environments in which a user wants exclusive access to the reservation. However, current advance network reservation methods cannot ensure exclusive access of a network reservation to the specific flow for which the user made the reservation. We present here a novel network architecture that addresses this limitation and ensures that a reservation is used only by the intended flow. We achieve this by leveraging software-defined networking (SDN) and token-based authorization. We use SDN to orchestrate and automate the reservation of networking resources, end-to-end and across multiple administrative domains, and tokens to create a strong binding between the user or application that requested the reservation and the flows provisioned by SDN. We conducted experiments on the ESNet 100G SDN testbed, and demonstrated that our system effectively protects authorized flows from competing traffic in the network.
- Research Organization:
- Oak Ridge National Laboratory (ORNL), Oak Ridge, TN (United States); Argonne National Laboratory (ANL), Argonne, IL (United States)
- Sponsoring Organization:
- USDOE Office of Science (SC), Advanced Scientific Computing Research (ASCR); National Science Foundation (NSF)
- Grant/Contract Number:
- AC05-00OR22725; AC02-06CH11357; ACI-1440761; DEAC02-06CH11357
- OSTI ID:
- 1394409
- Alternate ID(s):
- OSTI ID: 1421947; OSTI ID: 1435193; OSTI ID: 1550544
- Journal Information:
- Future Generations Computer Systems, Vol. 79; ISSN 0167-739X
- Publisher:
- ElsevierCopyright Statement
- Country of Publication:
- United States
- Language:
- English
Web of Science
Graph-Based Policy Change Detection and Implementation in SDN
|
journal | October 2019 |
Similar Records
Advance Reservation Access Control Using Software-Defined Networking and Tokens
SDN for End-to-end Networked Science at the Exascale (SENSE) - Final Technical Report