Abstract
Advance reservation systems allow users to reserve dedicated bandwidth connection resources from an advanced high-speed network. A common use case for such systems is data transfers in distributed science environments in which a user wants exclusive access to the reservation. However, current advance network reservation methods cannot ensure exclusive access of a network reservation to the specific flow for which the user made the reservation. We present here a novel network architecture that addresses this limitation and ensures that a reservation is used only by the intended flow. We achieve this by leveraging software-defined networking (SDN) and token-based authorization. We use SDN to orchestrate and automate the reservation of networking resources, end-to-end and across multiple administrativedomains, and tokens to create a strong binding between the user or application that requested the reservation and the flows provisioned by SDN.