Presentation is loading. Please wait.

Presentation is loading. Please wait.

NOVI: Networking innovations Over Virtualized Infrastructures

Similar presentations


Presentation on theme: "NOVI: Networking innovations Over Virtualized Infrastructures"— Presentation transcript:

1 NOVI: Networking innovations Over Virtualized Infrastructures
STREP Project No , Call 5 – FIRE Policy Framework Leonidas Lymberopoulos NOVI Workshop Barcelona, March 15th 2012

2 Policy types Authorization Policies to specify which actors have access to which virtual resources Event-Condition-Action Policies that enforce control & management actions upon certain events within the managed environment. Role-Based-Access Control Policies to specify which classes of actors have access to which virtual resources. Mission Policies that define the obligations of a domain in respect to the other domains within a NOVI federation. Duties are specified as sets of Authorization and Event-Condition-Action policies. NOVI Workshop March 2012

3 Policy Service within NOVI's C&M plane
NOVI Workshop March 2012

4 Example PlanetLab policy objects
NOVI Workshop March 2012

5 Example FEDERICA policy objects
NOVI Workshop March 2012

6 Slice reconfiguration example using an event-condition-action policy
An event is generated by the Monitoring Service indicating that a PlanetLab virtual resource in a NOVI slice (topology in the NOVI IM) is no longer available. This event (vnodefailure) triggers an event-condition-action policy rule (virtualnodefailure) within the Policy Service. Policy Service calls the “updateSlice” method of Intelligent Resource Mapping Service to find a new solution to fulfill the needs of the user’s request. NOVI Workshop March 2012

7 Example authorization policy configuration file
newauthpol := root load: "AuthorisationPolicy". root/factory at: "newauthpol" put: newauthpol. root/authdom at: "a1" put: (newauthpol subject: root/Usersdomain/User1 action: "access:" target: root/Resources/planetlab2-novi focus: "t"). root/authdom/a1 reqneg. // set the policy negative, auth - root/authdom/a1 active: true //activate this policy NOVI Workshop March 2012

8 Future Work Inter-domain relationships as missions
A mission defines the requirements of one domain for interacting with another. A mission is a group of policies which defines the duties of the remote domain as a set of obligation policies it must enforce. Obligation policies are written according to the mission interfaces for each domain. Mission interfaces specify Events, Notifications, Local actions and Remote actions. Integration of the Policy Ontology in the NOVI Service Layer Definition of Roles, so that Role Based Access Control policies can be deployed NOVI Workshop March 2012


Download ppt "NOVI: Networking innovations Over Virtualized Infrastructures"

Similar presentations


Ads by Google