sesa 15(5): e1

Research Article

Trust as the Foundation of Resource Exchange in GENI

Download247 downloads
  • @ARTICLE{10.4108/icst.tridentcom.2015.259683,
        author={Marshall Brinn and NIcholas Bastin and Andrew Bavier and Mark Berman and Jeffrey Chase and Robert Ricci},
        title={Trust as the Foundation of Resource Exchange in GENI},
        journal={EAI Endorsed Transactions on Security and Safety},
        volume={2},
        number={5},
        publisher={EAI},
        journal_a={SESA},
        year={2015},
        month={8},
        keywords={federation, trust, network, testbeds, cloud, authentication, authorization, policy},
        doi={10.4108/icst.tridentcom.2015.259683}
    }
    
  • Marshall Brinn
    NIcholas Bastin
    Andrew Bavier
    Mark Berman
    Jeffrey Chase
    Robert Ricci
    Year: 2015
    Trust as the Foundation of Resource Exchange in GENI
    SESA
    EAI
    DOI: 10.4108/icst.tridentcom.2015.259683
Marshall Brinn1,*, NIcholas Bastin2, Andrew Bavier3, Mark Berman1, Jeffrey Chase4, Robert Ricci5
  • 1: Raytheon BBN Technologies
  • 2: University of Houston
  • 3: Princeton University
  • 4: Duke University
  • 5: University of Utah
*Contact email: mbrinn@bbn.com

Abstract

Researchers and educators in computer science and other domains are increasingly turning to distributed test beds that offer access to a variety of resources, including networking, computation, storage, sensing, and actuation. The provisioning of resources from their owners to interested experimenters requires establishing sufficient mutual trust between these parties. Building such trust directly between researchers and resource owners will not scale as the number of experimenters and resource owners grows. The NSF GENI (Global Environment for Network Innovation) project has focused on establishing scalable mechanisms for maintaining such trust based on common approaches for authentication, authorization and accountability. Such trust reflects the actual trust relationships and agreements among humans or real-world organizations. We describe here GENI’s approaches for federated trust based on mutually trusted authorities, and implemented via cryptographically signed credentials and shared policies.