By Topic

A Network Access Control Approach for QoS Support Based on the AAA Architecture

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Shujuan Wang ; Inst. of Inf. Sci., Beijing Jiaotong Univ., Beijing, China ; Mangui Liang

The primary role of network access control is to decide on the validity of user's identity accepted into the networks and authorization accessed to the particular resource so that users conforming to their established access polices achieve predefined services. This paper presents a specific scenario which supports quality of service (QoS) in network domain. The QoS access rules are based not only on the identity of end users but also authorization policies related to those users. To achieving that goal, it is necessary to add new functions as QoS authentication and QoS Authorization to the traditional access control schemes, and also some entities able to administrate the information relevant to QoS requirement, identity and decisions. The proposed approach is based on the 802.1X framework and the Authentication, Authorization and Accounting (AAA) architecture owing to the fact that they are the most widely accepted and deployed standards for network access control. XACML (eXtensible Access Control Markup Language) is used to express QoS resource assignment and authorization policies, and SAML (Security Assertion Markup Language) is selected to exchange and transport related messages. The proposed approach supports QoS provision by ensuring that only validated user with appropriate QoS requirement which satisfies the QoS access policies can get resource reserved, then the user can use the resource exclusively during the corresponding QoS session. This approach provides QoS support effectively cooperating with resource reservation technology.

Published in:

Intelligence Information Processing and Trusted Computing (IPTC), 2010 International Symposium on

Date of Conference:

28-29 Oct. 2010