DTN Network Management CCSDS Green Book Approach Ed Birrane


2 Topics
- Purpose/Scope
- Network Layers and Management Functions
- Multi-tiered management models
- Configuration, Performance Monitoring, Event Reaction
- Architectures and Protocols
- Computationally infeasible to re-create message with C < R chunks.
- Concepts of Operation
- Scenarios, Interfaces

3 Purpose and Scope
- Provide justification and mechanisms for:
- Autonomous network agents
- Fault protection/recovery and quality of service.
- Describe format and utilities for:
- Configuration, Monitoring, and Control.
- Achieving necessary emergent behavior from these primitives.
- Illustrate:
- When different NM approaches are required based on link characteristic.
- How to interface different NM approaches.
- Scope:
- Network Management at the application layer.

4 Scope Focus is Management at the Application Layer

5 Networking Layers Application Layer Segmented into Three “Tiers”

6 Role of Network Management
- Configuration
- Synchronize Tier 1 and 2 configurations throughout the network
- Tier-3 configurations are un-examined payloads passed as bundles.
- Performance Monitoring
- Provide “pull” mechanisms for data over low-latency links.
- Provide “push” mechanisms for data over high-latency links.
- Intelligent data push may change data sent based on circumstance.
- Event Reaction
- Network fault protection and self-configuration
- Similar to safe modes on deep-space spacecraft
- Superset of terrestrial network management

7 Implementation Architectures
- Protocol Interface
- Protocol decoding
- Payloads and Extension Headers
- Data Ingest
- Format, Test Scripts, Rollback
- Databases
- ADMs (MIBs) by function
- Rules/Actions
- Autonomy
- Evaluates rules, applies actions
- Telemetry Collection
- ADM (Page) definition, versioning
- Data conditioning/sampling
- Aggregation
- Protocol encoding

8 Concepts of Operation Predicated on “Island” Model

9 Security Models
- Investigating Identity-Based Encryption (IBE)
- Working with CCSDS Security WG (Howie)
- Less reliance on central key authority and key exchange
- Fewer Key queries. Avoid Challenge/response systems
- Support authentication, integrity, and confidentiality.
- Multiple-Group Model
- Composite Keys {AssetID, GroupID}
- {Lander1, NASA}, {Lander1, ESA}, {Lander1, MartianNetwork}
- Group membership may be dynamic
- Interfaces naturally with terrestrial PKI schemes.
- Non-chatty, low-maintenance key negotiation

10 Policy Enforcement
- Automated Policy Enforcement
- Remote nodes support rule-based autonomy
- Fault detection, enhanced reporting, maybe rate limiting
- Manual Policy Enforcement
- Fine-Grained security built into Tier 1 and 2 applications
- Expansive group model. Can be extended to distinguish read and write.
- Security authentication can be a significant policy enforcement method.
- Support of modern crypto-suites enables cross-domain communication
- Automated enhanced reporting greatly increases action time of operator
- Less time to request more data over high-latency link.
- Tools Must Exist to Enforce Policy

11 Configuration Scenarios
- Pushing New Contact Graphs
- Synchronizing data across Tier-2 applications
- Demonstrates application of policy: who updates whose contacts?
- Updating ADM and aggregation definitions
- New version of telemetry pages, how to build them, or when to send them.
- Demonstrates handling versioning issues in the network.
- Work prototyped in RMON extensions
- Security Key and Group Changes
- Add new group, keys in the network
- Demonstrate security model, including group-based access (ACL)
- Work prototyped in IBE code in ION
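
The multiple-group model from slides 9 to 11 can be sketched as a deny-by-default access check keyed on the composite identity {AssetID, GroupID}, with read and write distinguished per group. This is an added example, not code from the presentation or from ION; the class names, the resource name `contact-graph/nasa` and the grant table are hypothetical, and key handling (IBE) is out of scope.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class CompositeKey:
    """Identity a request is authenticated under: {AssetID, GroupID}."""
    asset_id: str
    group_id: str

@dataclass
class GroupAcl:
    members: set = field(default_factory=set)    # current CompositeKeys
    grants: dict = field(default_factory=dict)   # (group_id, resource) -> {"read", "write"}

    def join(self, asset_id, group_id):
        self.members.add(CompositeKey(asset_id, group_id))

    def leave(self, asset_id, group_id):
        # Group membership may be dynamic: removal takes effect on the next check.
        self.members.discard(CompositeKey(asset_id, group_id))

    def grant(self, group_id, resource, *perms):
        self.grants.setdefault((group_id, resource), set()).update(perms)

    def allowed(self, key, resource, perm):
        # Deny by default: the identity must be a current member, and its
        # group must hold this exact permission on this exact resource.
        if key not in self.members:
            return False
        return perm in self.grants.get((key.group_id, resource), set())

def build_example_acl():
    # Constructed sample data: the resource name is hypothetical.
    acl = GroupAcl()
    for group in ("NASA", "ESA", "MartianNetwork"):
        acl.join("Lander1", group)
    acl.grant("NASA", "contact-graph/nasa", "read", "write")
    acl.grant("MartianNetwork", "contact-graph/nasa", "read")
    return acl

if __name__ == "__main__":
    acl = build_example_acl()
    for group in ("NASA", "ESA", "MartianNetwork"):
        key = CompositeKey("Lander1", group)
        result = {p: acl.allowed(key, "contact-graph/nasa", p) for p in ("read", "write")}
        print(group, result)
```

The same asset gets a different answer to "who updates whose contacts?" depending on which group identity the request was authenticated under.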

12 Performance Monitoring Scenarios
- Tracking bundle status through the network
- Cache/batch report-to addresses through the network
- Demonstrates reportability of bundles without saturating network links.
- SNMPv3 Gateways
- Construct “pull” repositories populated by “push” data.
- Demonstrates terrestrial NM interface to high-delay/disruption systems.
- Prototype work completed by GRC (DTN2) and OU (ION).
- Producing verbose telemetry on failure
- Rule/Action configurations define verbose tlm pages on fault
- Demonstrate ability to get information to operator faster

13 Event Reaction Scenarios
- Cancelling large file transfer
- Multiple bundles form CFDP transfer
- Demonstrate control of bundles at all nodes in the network.
- Quality of Service Enforcement
- Codified policy decisions on bandwidth, rate, or contact
- Demonstrates ability to control traffic over links based on rule configurations at intermediate nodes.
- Path Failure Reaction
- Tier-2 application configuration in reaction to loss of node.
- Likely update contact graph
- Demonstrate ability to automate certain fault recovery.
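
The rule/action autonomy described on slides 7, 12 and 13 (evaluate rules locally, then push a verbose telemetry page and apply rate limiting on fault) can be sketched as follows. This is an added example, not code from the presentation, DTN2 or ION; the page contents, data item names, thresholds and the 64 kbit/s limit are hypothetical.

```python
from dataclasses import dataclass
from typing import Callable

# Hypothetical telemetry pages: which data items each page carries.
PAGES = {
    "nominal": ["bundles_forwarded", "storage_used_pct"],
    "verbose": ["bundles_forwarded", "storage_used_pct", "bundles_expired",
                "custody_failures", "last_contact_s"],
}

@dataclass
class Rule:
    name: str
    condition: Callable[[dict], bool]   # evaluated against local data only
    actions: list                       # callables applied to the agent state

class Agent:
    def __init__(self, rules):
        self.rules = rules

    def evaluate(self, sample):
        """One autonomy cycle: reset defaults, apply fired rules, build the push report."""
        self.page, self.rate_limit_bps, fired = "nominal", None, []
        for rule in self.rules:
            if rule.condition(sample):
                fired.append(rule.name)
                for action in rule.actions:
                    action(self)
        data = {k: sample[k] for k in PAGES[self.page] if k in sample}
        return {"page": self.page, "fired": fired,
                "rate_limit_bps": self.rate_limit_bps, "data": data}

def use_verbose(agent): agent.page = "verbose"
def limit_rate(agent): agent.rate_limit_bps = 64_000

RULES = [
    Rule("storage-high", lambda s: s["storage_used_pct"] > 90, [use_verbose, limit_rate]),
    Rule("custody-fault", lambda s: s["custody_failures"] > 0, [use_verbose]),
]

# Constructed samples of local agent state.
NOMINAL = {"bundles_forwarded": 120, "storage_used_pct": 41, "bundles_expired": 0,
           "custody_failures": 0, "last_contact_s": 30}
FAULT = dict(NOMINAL, storage_used_pct=95, bundles_expired=7)

if __name__ == "__main__":
    agent = Agent(RULES)
    print(agent.evaluate(NOMINAL))
    print(agent.evaluate(FAULT))
```

Because the decision is made on the node, the operator receives the verbose page in the first report after the fault instead of spending a high-latency round trip asking for it.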

14 Next Steps
- By next CCSDS meeting
- Add NM green book to SIS-DTN charter
- Construct development schedule
- Synchronize outline
- Assemble technical stakeholders
- JHU/APL will collect, organize, edit information
- OU and UCB – ION
- GRC – DTN2 applied lessons learned, MIBs
- JPL and GSFC – network implementations lessons learned.

15 Thank you! Questions?