Abstract
To allow user applications to securely make use of various lightpath resources distributed across multiple domains in a user-friendly and privacy-preserving way requires identity management functionality. Identity and attribute information has to be provided by the user to allow for authorized access to these resources. An identity management framework can facilitate such information exchange. We describe an architecture and prototype that allows the user to setup an end-to-end lightpath that spans multiple network domains while being in control of the personal credentials he has to provide for that purpose. The architecture combines the user-controlled lightpath paradigm with novel user-centric identity management technology. This combination allows the user transparent and non-intrusive access to multiple services that are required for reservation and utilization of network resources in order to setup an end-to-end lightpath.
Chapter PDF
Similar content being viewed by others
References
Nortel. Application Brief: Dynamic Resource Allocation Controller (DRAC) (2006)
OASIS Security Assertion Markup Language (SAML) 2.0 (March 2005), http://saml.xml.org/saml-specifications#samlv20
Shibboleth project website, http://shibboleth.internet2.edu/
Lockhart, H., et al.: WS-Federation Language, Version 1.1 (2006), http://www.ibm.com/developerworks/library/specification/ws-fed/
Hulsebosch, R.J., Bargh, M.S., Fennema, P.H., Zandbelt, J.F., Snijders, M., Eertink, E.H.: Using Identity Management and Secure DNS for Effective and Trusted User-controlled Lightpath Establishment. In: International Conference on Networking and Services, ICNS 2006, Silicon Valley, USA, Marriott Hotel, Santa Clara, July 16-19 (2006)
OpenID, http://openid.net/
MS Cardspace, http://msdn.microsoft.com/en-us/netframework/aa663320.aspx
Higgins, http://www.eclipse.org/higgins/
Bournez, C., Bichsel, P.: First Report on Standardisation and Interoperability - Overview and Analysis of Open Source Initiatives, Combined deliverable: Merger of D3.3.1 and D3.4.1, FP7 EU Primelife project, May 30 (2008)
Van der Pol, R., Dijkstra, F.: Network and Capacity Planning in SURFnet6. In: TNC 2009 (2009) (submitted)
Gommans, L., Dijkstra, F., de Laat, C., Tall, A., Wan, A., van Oudenaarde, B., Lavian, T., Monga, I., Travostino, F.: Applications Drive Secure Lightpath Creation across Heterogeneous Domains. IEEE Communications Magazine, Optical Control Planes for Grid Networks: Opportunities, Challenges and the Vision 44(3), 100–106 (2006)
Higgins Open Source Identity Framework (2008), http://www.eclipse.org/higgins
Truong, D.L., Cherkaoui, O., Elbiaze, H., Rico, N., Aboulhamid, M.: A Policy-based approach for user-controlled Lightpath Provisioning. In: IFIP/IEEE NOMS, April 2004, pp. 859–872 (2004)
Foster, I., Kesselman, C.: The Grid 2: Blueprint for a New Computing Infrastructure. Morgan Kaufmann Publishers, San Francisco (2003)
Brown, K., Mani, S.: Microsoft Code Name “Geneva” Framework Whitepaper for Developers (2008)
Harding, P., Johansson, L., Klingenstein, N.: Dynamic Security Assertion Markup Language: Simplifying Single Sign-On. IEEE Security & Privacy 6(2), 83–85 (2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 IFIP International Federation for Information Processing
About this paper
Cite this paper
Hulsebosch, B., de Groote, R., Snijders, M. (2009). Secure User-Controlled Lightpath Provisioning with User-Controlled Identity Management. In: Sadre, R., Pras, A. (eds) Scalability of Networks and Services. AIMS 2009. Lecture Notes in Computer Science, vol 5637. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-02627-0_1
Download citation
DOI: https://doi.org/10.1007/978-3-642-02627-0_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-02626-3
Online ISBN: 978-3-642-02627-0
eBook Packages: Computer ScienceComputer Science (R0)