An emulation of GENI access control

Soner Sevinc; Larry Peterson; Trevor Jim; Mary Fernández

An emulation of GENI access control

Soner Sevinc, Larry Peterson, Trevor Jim, Mary Fernández

Research output: Contribution to conference › Paper › peer-review

Abstract

This paper describes an emulation of a distributed access control system proposed for use in the GENI network testbed. We use our trust management system, CERTDIST, to realize the system policy, and measure its performance by mapping PlanetLab’s centralized access control scheme to GENI’s distributed scheme and then replaying logs of PlanetLab access control activity. Our log analysis indicates that any such system must be resilient to both misconfigurations and attacks, and our emulation results show the effect of caching schemes and certificate expiration intervals in reducing load on servers and improving response time.

Original language	English (US)
State	Published - 2009
Externally published	Yes
Event	2nd Workshop on Cyber Security Experimentation and Test, CSET 2009 - Montreal, Canada Duration: Aug 10 2009 → …

Conference

Conference	2nd Workshop on Cyber Security Experimentation and Test, CSET 2009
Country/Territory	Canada
City	Montreal
Period	8/10/09 → …

ASJC Scopus subject areas

Safety, Risk, Reliability and Quality
Computer Networks and Communications

Cite this

@conference{e22ca89815214203967e4b92a1307a90,

title = "An emulation of GENI access control",

abstract = "This paper describes an emulation of a distributed access control system proposed for use in the GENI network testbed. We use our trust management system, CERTDIST, to realize the system policy, and measure its performance by mapping PlanetLab{\textquoteright}s centralized access control scheme to GENI{\textquoteright}s distributed scheme and then replaying logs of PlanetLab access control activity. Our log analysis indicates that any such system must be resilient to both misconfigurations and attacks, and our emulation results show the effect of caching schemes and certificate expiration intervals in reducing load on servers and improving response time.",

author = "Soner Sevinc and Larry Peterson and Trevor Jim and Mary Fern{\'a}ndez",

year = "2009",

language = "English (US)",

}

TY - CONF

T1 - An emulation of GENI access control

AU - Sevinc, Soner

AU - Peterson, Larry

AU - Jim, Trevor

AU - Fernández, Mary

PY - 2009

Y1 - 2009

N2 - This paper describes an emulation of a distributed access control system proposed for use in the GENI network testbed. We use our trust management system, CERTDIST, to realize the system policy, and measure its performance by mapping PlanetLab’s centralized access control scheme to GENI’s distributed scheme and then replaying logs of PlanetLab access control activity. Our log analysis indicates that any such system must be resilient to both misconfigurations and attacks, and our emulation results show the effect of caching schemes and certificate expiration intervals in reducing load on servers and improving response time.

AB - This paper describes an emulation of a distributed access control system proposed for use in the GENI network testbed. We use our trust management system, CERTDIST, to realize the system policy, and measure its performance by mapping PlanetLab’s centralized access control scheme to GENI’s distributed scheme and then replaying logs of PlanetLab access control activity. Our log analysis indicates that any such system must be resilient to both misconfigurations and attacks, and our emulation results show the effect of caching schemes and certificate expiration intervals in reducing load on servers and improving response time.

UR - http://www.scopus.com/inward/record.url?scp=85084162241&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85084162241&partnerID=8YFLogxK

M3 - Paper

AN - SCOPUS:85084162241

T2 - 2nd Workshop on Cyber Security Experimentation and Test, CSET 2009

Y2 - 10 August 2009

ER -

An emulation of GENI access control

Abstract

Conference

ASJC Scopus subject areas

Other files and links

Fingerprint

Cite this