Presentation is loading. Please wait.

Presentation is loading. Please wait.

Operating Framework of Connection Networks

Published byAubrey Marsh Modified over 6 years ago

Similar presentations

Presentation on theme: "Operating Framework of Connection Networks"— Presentation transcript:

1 Operating Framework of Connection Networks
OGF/NSI Working Group Chicago Oct. 10, 2012 John Vollbrecht Leon Gommans

2 Quick Introduction This presentation is intended to help provide a basis for defining AA requirements for NSI We would like feedback about whether this helps promote NSI AA and what could be improved or explained better This presentation uses the Network Provider Group [NPG] Framework to describe the organization of a group of provider networks collaborating to create connections between edgepoints of the networks NPG is an instance of Service Provider Group [SPG] Framework which has been developed by examining services provided by groups of autonomous organizations The NPG Framework describes how a group of network organizations can collaborate to provide connections between edge points

3 Network Provider Group Basics
NPG is a group of network providers organized to offer connections to users NPG has two dimensions User view Provider view Three functional levels + oversight Enterprise (managerial) Policy operational

4 NPG Dimensions User view – Provider view User gets connedtion from NPG
Includes provider nets, service providers such as topology, pathfinding, monitoring. Policy

5 NPG User Dimension

6 NPG Provider View NPG is overlay on set of Providers
NPG coordinates agents to provide service Provider org may be part of more than one NPG Mapping to NSI terms Admin – provider org Policy – NSA NOC – NRM Actions may be human or automated or combination

7 NPG Provider Dimension Mapping to NSI
Conn. Service Topology Service Discover Service Monitor Service NPG Service NSI Framework NSA CS State Mach. TS State Mach. MS State Mach. NPG State Mach NPG Policies TSDB Blue is addition to Inder’s slide NSA NRM Modified from Inder’s slides from Delft Blue boxes show NPG services – Green services coordinated by NPG

8 NPG Levels Enterprise level - management Policy level – NSA level
Defines, builds and monitors business architecture of collaborating providers Includes managers of each network and service providers as well as NPG manager Each enterprise actor reports to the principal of its organization Policy level – NSA level executes policy using infrastructure and rules defined at Enterprise level Monitors Policy level for compliance with Enterprise rules Each policy actor reports to its enterprise owner Policy actors specify connections to participating operation level Operation control level – NRM level Provides connection specified by Policy level using infrastructure defined by Enterprise Level Operates using infrastructure and rules defined at Enterprise level Instantiates Connections specified by Policy level Monitors and reports on connection compliance with policy and enterprise rules Infrastructure could be all computerized, all human or some combination

9 NPG Assumptions Provider preconditions Organization of NPG
A set of interconnected networks- potential provider networks Each provider net has an operation level NOC/ NRM Each provider network has a Policy Agent / NSA Each network has a business manager agent at enterprise level NPG coordinates a group of networks and service providers Each organization, including NPG, has a principal and associated Directorate which is accountable for its activities NPG has agents that enable and monitor functions at all levels NPG uses Service providers [e.g. topology server] are used by NPG to enable NPG functions

10 Principal/Directorate and Accountability
Every organization has a principal that is accountable to other principals The Principal may have a “Directorate” that acts at an executive level for the Principal A principal may act alone, or may have an organization to whom it delegates functional responsibility Principals of organizations are ultimately responsible for defining and executing policy and are accountable for the results of policy. Principals of organizations participating in an NPG delegate authority to enterprise agents who in turn delegate some of their authority to policy and operation agents When acting for a principal, an agent must be demonstrate that it has been delegated the authority from the principal. Principal is the head of the authority chain for the organization NPG Agents report on performance of functional activity so that Principal can take corrective action as needed Is this slide needed?

11 Mutiple Networks and Multiple NPGs
NPGs can be created using the same Provider networks Having a number of networks with standard agents means they are able to join different NPGs as appropriate

12 NPG Principal/Directorate
An NPG Principal is created when an NPG is created An NPG Principal is ultimately accountable for commitments the NPG makes to users and for enforcing agreements among members NPG Principal could be a corporation operating the way MasterCard and Visa coordinates CC services for banks Could be an executive group formed by a set of networks – perhaps formed by GLIF Could an executive from a group of National networks who interconnect to provide service to other nets NPG Principal creates NPG Directorate with agents NPG delegates authority to its agents Raci matrix – responsible, accountable, consulted, informed See wikipedia

13 Service Agreements Principals risk/reward
The Principal of each organization is responsible for service performance, and accepts risks with associated rewards and penalties. In a small business it might be the owner In a corporation it is the board of directors The principal delegates responsibility to agents, is accountable for agent actions Service agreements are between principals Service agreements define how costs and benefits are allocated An agent must be able to prove it is acting for (authorized by) a particular principal to participate in protocol between agents Principal of group is accountable to the group use to lead into what the principal of NPG does

14 Authorization and Responsibility

15 Risks and Rewards For the principal of an NPG two basic types of risk exist - it is accountable to user for both, allocates partial responsibility and liability to providers Business Risk e.g. Use may not be as high as expected or may use some feature more than expect This is a Risk evaluated at Enterprise level Operational Risk e.g Infrastructure may refuse valid requests or may not be able to handle the volume of requests or may accept fraudulent requests This is a risk of infrastructure and protocol Infrastructure and protocol can limit cost of risk Enforcement of operational requirements can limit cost of risk

16 Summary Multiple networks collaborating to provide connections to users - need an NPG to define and oversee how they collaborate NPG agents are in all three levels NPG Principal is accountable for connections provided by NPG NPG functional infrastructure is protocol based, but may be all human, all automated or some combination evolving

17 Thanks for listening Questions?
Some that might be good to discuss Is it really necessary for NPG to have its own principal Can the same topology service be used by multiple NPGs? is it possible to define authority chain needed in Policy level messages in PKI terminology? What does the above mean? What does the Enterprise level really do?

Download ppt "Operating Framework of Connection Networks"

Similar presentations

Authentication Authorization Accounting and Auditing

Authentication Authorization Accounting and Auditing
© 2006 Open Grid Forum Network Services Interface OGF30: Connection Services Guy Roberts, 27 th Oct 2010.

© 2006 Open Grid Forum Network Services Interface OGF30: Connection Services Guy Roberts, 27 th Oct 2010.
© 2006 Open Grid Forum Network Services Interface Introduction to NSI Guy Roberts.

© 2006 Open Grid Forum Network Services Interface Introduction to NSI Guy Roberts.
NSI/NML Resource and Topology Issues OGF Munich March 2010.

NSI/NML Resource and Topology Issues OGF Munich March 2010.
NSI wg Architecture Elements John Vollbrecht Internet2.

NSI wg Architecture Elements John Vollbrecht Internet2.
Organizational Governance

Organizational Governance
Internal Control–Integrated Framework

Internal Control–Integrated Framework
Lawrence Berkeley National LaboratoryU.S. Department of Energy | Office of Science Network Service Interface (NSI) Inder Monga Co-chair, Network Services.

Lawrence Berkeley National LaboratoryU.S. Department of Energy | Office of Science Network Service Interface (NSI) Inder Monga Co-chair, Network Services.
Chapter 14 Fraud Risk Assessment.

Chapter 14 Fraud Risk Assessment.
© 2006 Open Grid Forum Network Service Interface in a Nut Shell GEC 19, Atlanta, GA Presenter: Chin Guok (ESnet) Contributors: Tomohiro Kudoh (AIST), John.

© 2006 Open Grid Forum Network Service Interface in a Nut Shell GEC 19, Atlanta, GA Presenter: Chin Guok (ESnet) Contributors: Tomohiro Kudoh (AIST), John.
ARCH-05 Application Prophecy UML 101 Peter Varhol Principal Product Manager.

ARCH-05 Application Prophecy UML 101 Peter Varhol Principal Product Manager.
Unit 1: Introductions and Course Overview Administrative Information  Daily schedule  Restroom locations  Breaks and lunch  Emergency exit routes 

Unit 1: Introductions and Course Overview Administrative Information  Daily schedule  Restroom locations  Breaks and lunch  Emergency exit routes 
<<replace with Customer Logo>>

<<replace with Customer Logo>>
Public Private Partnerships MUNICIPAL PPP CONFERENCE Date: 18 February 2010.

Public Private Partnerships MUNICIPAL PPP CONFERENCE Date: 18 February 2010.
OASIS Reference Model for Service Oriented Architecture 1.0

OASIS Reference Model for Service Oriented Architecture 1.0
A credit union authority to invest in derivatives is limited to and has been granted exclusively for the purpose of reducing interest rate risk exposure.

A credit union authority to invest in derivatives is limited to and has been granted exclusively for the purpose of reducing interest rate risk exposure.
Trust Framework for Multi-Domain Authorization Internet2 Spring Meeting Arlington April 25 th 2012 Leon Gommans:

Trust Framework for Multi-Domain Authorization Internet2 Spring Meeting Arlington April 25 th 2012 Leon Gommans:
Chapter 20 20-1 © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
Organize to improve Data Quality Data Quality?. © 2012 GS1 To fully exploit and utilize the data available, a strategic approach to data governance at.

Organize to improve Data Quality Data Quality?. © 2012 GS1 To fully exploit and utilize the data available, a strategic approach to data governance at.
Introduction to Internal Control Systems

Introduction to Internal Control Systems

Similar presentations

Ads by Google