1. 15/06/1999HP OVUA Workshop - Bologna - Italy1 An Integrated Environment for the Management of Network Resources and Services Paolo Bellavista, Antonio Corradi, Rebecca Montanari {pbellavista, acorradi, rmontanari}@deis.unibo.it University of Bologna - Italy Cesare Stefanelli cstefanelli@ing.unife.it University of Ferrara - Italy Software & Docs available at http://www-lia.deis.unibo.it/Research/SOMA/

2. 15/06/1999HP OVUA Workshop - Bologna - Italy2 Novel Management Solutions (1) Traditional management tools are based on the Client/Server model (SNMP, CMIP) Good design examples, but C/S shows its limits under certain conditions (e.g. micro-management problem) Novel Management solutions: CORBA as integration technology with legacy management components TMN & TINA as solution frameworks at the architecture level Code Mobility:Management by Delegation Active Networks Intelligent Networks Mobile Agents

3. 15/06/1999HP OVUA Workshop - Bologna - Italy3 Modern Management Environments should be: flexible, to dynamically introduce new protocols and services adaptive, to tune systems behaviour without suspending service provision capable of supporting service design, deployment and control together with managing more traditional network resources interoperable, to integrate with legacy systems and services (CORBA) secure, to permit differentiated security levels for service provision in untrusted environments Following these guidelines, we have designed MESIS (Management Environment for Secure and Interoperable Services) Novel Management Solutions (2)

4. 15/06/1999HP OVUA Workshop - Bologna - Italy4 The MESIS Architecture for Management Applications

5. 15/06/1999HP OVUA Workshop - Bologna - Italy5 MESIS is built on top of the SOMA Mobile Agent DPE Mobile Agent Technology: Mobile Agents are programs that act on behalf of a principal and can autonomously migrate at runtime and continue their operations on the new host Our Goal: to provide an integrated programming framework for the design of distributed services in global, open and untrusted environments

6. 15/06/1999HP OVUA Workshop - Bologna - Italy6 The MESIS Organization: Locality Abstractions

7. 15/06/1999HP OVUA Workshop - Bologna - Italy7 Agent Identification Facility: dynamically assigns GUIDs to any system entity Agent Migration Facility: permits reallocation of network resources and service components (native protocol, CORBA IIOP, MASIF) Agent Communication Facility: - local comm. by shared objects (blackboards, tuple spaces) - remote comm. by message exchange Agent Naming Facility: permits to trace and search any system entity (by accommodating different naming systems: DNS, Directory Service,...) Agent Interoperability Facility Agent Security Facility MESIS Facilities dealt in the following...

8. 15/06/1999HP OVUA Workshop - Bologna - Italy8 Why Security and Interoperability in MESIS? Untrusted environments call for Security at any system layer - Mechanisms (authentication, authorization and access control, secrecy, integrity) - Policies (enforced at domain/place locality) - Infrastructures (for certificate administration) Open and heterogeneous environments require Interoperability - with other DPE layers via CORBA - with other MA DPE implementations via OMG MASIF Interoperability-related Security Issues - CORBA Security Services, SECIOP

9. 15/06/1999HP OVUA Workshop - Bologna - Italy9 MESIS Interoperability via CORBA and MASIF compliance (1) 1 2 3 MESISas CORBAclient MESISasCORBA server MASIFinteroperability 2 3 1 MA DPE CORBA DPE CORBA Bridge MASIF Bridge CORBA Server CORBA Client MESIS DPE MESISService Layer Remote Monitoring Videoon Demand Remote Configuration

10. 15/06/1999HP OVUA Workshop - Bologna - Italy10 CORBA ORB CMIP legacy systems SNMP legacy systems CMIPgatewaySNMPgateway CORBA-based Management System Systems Management Common Facilities Place M A S I F MESIS M A S I F Place Security Services MESIS Interoperability via CORBA and MASIF compliance (2) MASIF-compliant Manag. System Place

11. 15/06/1999HP OVUA Workshop - Bologna - Italy11 MESIS Security: Mechanisms, Policies and Infrastructures IAIK Cryptographic Mechanisms JDK1.2 Security Policies Entrust PKI Flexibility for application designers in the selection of the proper security level

12. 15/06/1999HP OVUA Workshop - Bologna - Italy12 We are using the MESIS environment for managing resources and services in the areas of: Network and Systems Management Multimedia Distribution Management Personal Communications Support & Management for Mobile Computing Services We have already implemented…. Management Tools & Network Services in MESIS

13. 15/06/1999HP OVUA Workshop - Bologna - Italy13 Network and Systems Management: Remote Installation

14. 15/06/1999HP OVUA Workshop - Bologna - Italy14 PCS for Mobile Computing: the Mobility Support Module

15. 15/06/1999HP OVUA Workshop - Bologna - Italy15 Place1 Home Place DomainA Mobile Place 1 Creation of a MobilePlace Agents delivered to a MobilePlace Place1 Home Place DomainA Mobile Place 1 Place1 Default Place DomainB Mobile Place 1 Place2 AgentA B Agent A reaches immediately the mobile place. Agent B tries to reach the mobile place that has already moved; the agent is tunneled via the home place. 1 2 1 3 PCS for Mobile Computing: Terminal Mobility Mobile Place Abstraction

16. 15/06/1999HP OVUA Workshop - Bologna - Italy16 Conclusions and Current Work The MESIS environment is demonstrating: to be extremely flexible in the management of existing components and services to allow rapid prototyping of new services We currently work on From the point of view of the support: Full integration with the Entrust PKI Full compliance with CORBA Security Services and SECIOP User Authentication via JavaCard and JavaButton From the point of view of the implementation of new services: QoS-aware Multimedia Stream Management Intelligent Information Retrieval for Distributed Virtual Museums Software & Docs about MESIS and SOMA are available on the Web: http://www-lia.deis.unibo.it/Research/SOMA/