Title :
Applications drive secure lightpath creation across heterogeneous domains
Author :
Gommans, Leon ; Dijkstra, Freek ; de Laat, Cees ; Taal, Arie ; Wan, Andrew ; Monga, Inder
Author_Institution :
Finalist IT Group, Univ. van Amsterdam, Netherlands
fDate :
3/1/2006 12:00:00 AM
Abstract :
We realize an open, programmable paradigm for application-driven network control by way of a novel network plane - the "service plane" - layered above legacy networks. The service plane bridges domains, establishes trust, and exposes control to credited users/applications while preventing unauthorized access and resource theft. The authentication, authorization, and accounting subsystem and the dynamic resource allocation controller are the two defining building blocks of our service plane. In concert, they act upon an interconnection request or a restoration request according to application requirements, security credentials, and domain-resident policy. We have experimented with such service plane in an optical, large-scale testbed featuring two hubs (NetherLight in Amsterdam, StarLight in Chicago) and attached network clouds, each representing an independent domain. The dynamic interconnection of the heterogeneous domains occurred at Layer 1. The interconnections ultimately resulted in an optical end-to-end path (lightpath) for use by the requesting grid application.
Keywords :
authorisation; optical fibre networks; resource allocation; telecommunication control; telecommunication security; application-driven network control; applications drive secure lightpath; authentication authorization and accounting subsystem; dynamic resource allocation controller; heterogeneous domains; optical end-to-end path; service plane; Authentication; Authorization; Clouds; Computer architecture; Optical control; Optical interconnections; Protocols; Software agents; Telecommunication network management; Testing;
Journal_Title :
Communications Magazine, IEEE
DOI :
10.1109/MCOM.2006.1607872
