Extending the Inter-Domain PCE Framework for Authentication and Authorization in GMPLS Networks

IETF is working on the design of new architectures and signaling solutions to support inter-AS (autonomous system) GMPLS-TE (generalized multi protocol label switching with traffic engineering) for multi-domain, multi-carrier connection setup with guaranteed quality of service (QoS). In addition, the path computation element (PCE) working group is developing the framework for inter-domain path computation. However, many issues are still open regarding the joint path computation and path setup signaling solutions for inter-carrier authentication and authorization (AA). In this paper, we propose the first security solution which integrates inter-domain AA features in the PCE path computation framework. Specifically, we define a new architecture for inter-domain QoS path provisioning based on an extension of the PCE framework to include features that allow domains interested in inter-domain resources to get AA for end-to-end path provisioning over multiple domains belonging to different carriers. In addition, we introduce a mechanism to tie policies controlling path setup with the AA mechanisms introduced in the PCE framework. While at present provisioning of inter-domain paths is based on rather static settlements between neighboring domains that make end-to-end QoS provisioning a challenge, we propose an AA framework that allows domains interested in setting an inter-domain QoS path to have guarantees about resource provided by each domain along the path from source to destination. Simulation results show the performance of the model proposed in networks having different size and connectivity.