GEC3 – October 28-30, 2008 (www.geni.net): Control Framework Working Group System Engineering Report, October 29, 2008. Harry Mussman, CF WG System Engineer.

Presentation transcript:

GEC3 – October 28-30, 2008 (www.geni.net)
Control Framework Working Group System Engineering Report
October 29, 2008
Harry Mussman, CF WG System Engineer
groups.geni.net (GENI working group wiki)

What is the GENI control framework?
Control framework includes: Clearinghouse Registries, each Aggregate Manager and users such as Researchers with their Experiment Control Tools, communicating via the Control Plane.

Agenda
Goals
Introduction to WG SE and roles
Relevant Spiral 1 projects
Control Framework Architecture (CFA) document
Current CF issues
Planned CF documents
CF WG action items

Goals (for this meeting)
Understand WG SE roles
Get overview of CF WG activities
Discuss work plan for coming year, and make suggestions
Recommend collaborators and authors

Who am I?
Harry Mussman
  – Current: Senior Systems Engineer in the GPO at BBN
  – Last: Voice-over-IP architect at BridgePort Networks (a startup) and GTE Internetworking/Genuity
  – BSEE Univ Michigan, MSEE Northwestern Univ, PhD Stanford Univ
GENI roles:
  – Control Framework WG SE
  – Opt-in WG SE
  – GPO coordinator for six Spiral 1 projects

Role of the Control Framework WG SE
Frame technical issues from top-down
  – Collect issues from WG, compile and revise
  – Use to identify and structure WG documents
Synthesize input from bottom-up
  – Collect input from WG, and distribute
  – Look for and summarize consensus (or lack of it)
Draft WG documents…
  – Manage process to completion
Assist WG communications
  – Take and distribute notes
  – Maintain wiki

How WG Creates a Document
SE drafts document
GPO does internal review
SE posts first draft
  – On wiki (to start); repository up RSN
WG discusses document on WG list
  – Possible one-on-one follow-ups
SE assembles changes, and revises
SE posts revision
(Repeat, until document completed)

[Figure: GENI Spiral 1 Integration: Five Control Framework Clusters. Spiral 1 projects arranged in columns for Cluster A through Cluster E; column labels show the common control framework. Key: projects with active Spiral 1 clearinghouse interfaces. Highlighted Spiral 1 projects are central or highly relevant to the Control Framework.]

Spiral 1 Projects
Five Spiral 1 projects are focused on control frameworks for different clusters of projects:
  – 1609 DETER (Cluster A)
  – 1600 PlanetLab (Cluster B)
  – 1579 ProtoGENI (Cluster C)
  – 1582 ORCA (Cluster D)
  – 1660 ORBIT (Cluster E)
Each is implementing Clearinghouse Registries, and reference software for an Aggregate Manager.
Three Spiral 1 projects are highly relevant to the CFs:
  – 1621 GUSH tools
  – 1632 Security Architecture
  – 1663 Digital Object Registry

continued (2)
CF is highest risk item for Spiral 1.
Having five CFs:
  – Will mitigate risks.
  – Will bring unique contributions to the table.
  – Allows strengths to be identified, for inclusion in final CF.
  – Prevents the loss of good ideas.
Expect consolidation over time, but no “sudden death”.
How do we:
  – Clearly describe each CF, with a common vocabulary?
  – Understand similarities and differences?
  – Identify common issues, and get them resolved?
  – Work towards defining a “final” CF?

Control Framework Architecture Document
Drafted, and now ready for review by CF WG: GENI-ARCH-CP-01.4.pdf
Intent:
  – Clearly describe each CF, with a common vocabulary.
  – Understand similarities and differences.
  – Identify common issues.
  – A way towards defining a “final” CFA.
Approach:
  – Separate the CFA into parts, indicating architectural options and current choices.
  – Provide multiple “worked examples”.
  – Provide a “linear” structure, to decompose the CFA, and be able to understand structure/features of each current CF implementation.

continued (2)
Structure of document:
  – Start with system design overview to understand structure and concepts. (Section 3)
  – List features and functions that must be included. (Section 4)
  – Present control framework structure, including entities, interfaces, principals, services and objects. (Section 5)
  – Consider each interface, plus major concepts, and present examples of usage that walk through key scenarios. (Sections 6 – 11)
  – Include sections to summarize five current control frameworks being implemented for Spiral 1. (Sections 12 – 16)

continued (3)
Shows current architecture choices:
  – Generally common to current implementations.
  – Control interfaces include APIs that follow a web services model, using SOAP and https (for a secure channel).
  – Principals (and services) have global identities, and are identified and authenticated with certificates from a PKI.
  – Authorization is handled with signed tokens (certificates) that are passed from registry, to researcher, to aggregate, etc., based on an underlying trust management system.
Has allowed several architectural issues to be identified.

Identified Control Framework Issues
Issue 1: CFA includes authentication and authorization techniques that are strongly dependent on security architecture.
  – Are current choices reasonable?
  – What changes will have to be made as security architecture is formulated?
  – 1632 Security Architecture project will address this issue.
  – Who in WG is interested in this issue?

continued (2)
Issue 2: Identity and authentication should include use of existing identity management systems, to permit easier federation.
  – Which system(s)? InCommon? Others?
  – How can this best be done?
  – Who in WG is interested in this issue?

continued (3)
Issue 3: CFA includes authorization techniques that are based on signed tokens.
  – This is fundamental to current CFA.
  – What needs to be done to properly verify signed tokens?
  – What needs to be done to properly verify the identity of offering principal (service)?
  – Can we be sure that this will work securely in a large scale system?
  – Who in WG is interested in this issue?

continued (4)
Issue 4: CFA authorization mechanism is part of a larger trust management system.
  – Principals have “credential” (signed “trust assertion”).
  – Aggregate Manager accepts credential, and uses a local “policy checker” to decide whether (or not) to authorize resource assignment.
  – How does Policy Checker work?
  – Can it be extended to flexibly utilize new parameters and approaches?
  – How can trust management be established over diverse entities, to permit wide-ranging federation?
  – Who in WG is interested in this issue?
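
Added example, not part of the original slides and not code from any GENI control framework: a Go program showing the checks an aggregate manager would make on a signed credential, as raised in Issues 3 and 4 (signature from a trusted registry, expiry, binding to the authenticated caller, then a local policy check). The credential fields, the JSON encoding, the names and the use of bare Ed25519 keys in place of PKI certificates are assumptions made for this example.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Credential is a constructed stand-in for a signed trust assertion (assumed fields).
type Credential struct {
	Issuer, Holder, Slice string
	MaxNodes              int
	Expires               time.Time
}

// SignedCredential carries the exact bytes that were signed and the signature.
type SignedCredential struct{ Body, Sig []byte }

// Issue is the registry side: serialize the assertion and sign it.
func Issue(key ed25519.PrivateKey, c Credential) SignedCredential {
	body, _ := json.Marshal(c)
	return SignedCredential{body, ed25519.Sign(key, body)}
}

// Authorize is the aggregate manager side. caller is the identity already
// authenticated on the secure channel; trusted maps registry names to keys.
func Authorize(trusted map[string]ed25519.PublicKey, sc SignedCredential,
	caller string, nodes int, now time.Time) error {
	var c Credential
	if err := json.Unmarshal(sc.Body, &c); err != nil {
		return errors.New("malformed credential")
	}
	pub, ok := trusted[c.Issuer] // issuer claim only selects a local trust anchor
	if !ok || !ed25519.Verify(pub, sc.Body, sc.Sig) {
		return errors.New("untrusted issuer or bad signature")
	}
	if !now.Before(c.Expires) {
		return errors.New("credential expired")
	}
	if c.Holder != caller { // a copied token is useless to another principal
		return errors.New("credential presented by a different principal")
	}
	if nodes > c.MaxNodes { // local policy check on the requested resources
		return errors.New("request exceeds credential limit")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil)
	trusted := map[string]ed25519.PublicKey{"registry-a": pub}
	sc := Issue(priv, Credential{"registry-a", "alice", "slice1", 4, time.Now().Add(time.Hour)})
	fmt.Println(Authorize(trusted, sc, "alice", 2, time.Now()))
	fmt.Println(Authorize(trusted, sc, "mallory", 2, time.Now()))
}
```

The signature is checked over the received bytes before any field other than the issuer name is used, and the issuer name is used only to look up a key the aggregate manager already trusts.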

continued (5)
Issue 5: Current CF implementations have clearinghouse registries (and related authority services) that vary.
  – From centralized to distributed.
  – With different arrangements of registries and related authority services.
  – Can one CFA accommodate them all?
  – How?
  – Who in WG is interested in this issue?

continued (6)
Issue 6: Current CF implementations have different token flows for requesting resources, etc.
  – Can we identify and evaluate the differences?
  – Can we have a flexible arrangement for future extensions?
  – How does this interact with the resource description approach?
  – Is the current approach to an Rspec sufficient, or does it need to be extended?
  – Who in WG is interested in this issue?

Next Steps for CFA Document
Continue to identify and address issues.
  – Fold solutions back into CFA document.
Provide a “linear” structure for the CFA.
  – To be able to decompose the CFA.
  – And apply to understanding the structure/features of each current CF implementation.
Continue reviews of CFA document, revise, and repeat until complete.
Who in WG is interested in helping?
Work toward v2 of CFA document, as we learn from Spiral 1 implementations.

Planned Control Framework Documents
Architecture:
  – CF Architecture, v1: DRAFT complete 10/17/08
  – CF Architecture, v2: DRAFT due 6/16/09
Subsystems:
  – Clearinghouse Subsystem Technical Description, v1: DRAFT due 2/15/09
  – Clearinghouse Subsystem Technical Description, v2: DRAFT due 7/16/09
  – Clearinghouse Subsystem Intfc Cntrl Doc, v1: DRAFT due 3/1/09
  – Clearinghouse Subsystem Intfc Cntrl Doc, v2: DRAFT due 8/1/09

Control Framework Action Items
1) 2) 3) 4) 5)

Follow-up
Notes, slides, actions, etc. will be sent to the working group mail list and posted on the wiki page: