Air force center for research on gig nces challenges af trust gnc
This presentation is the property of its rightful owner.
Sponsored Links
1 / 16

Air Force Center for Research on GIG/NCES Challenges (AF-TRUST-GNC) PowerPoint PPT Presentation


  • 40 Views
  • Uploaded on
  • Presentation posted in: General

Air Force Center for Research on GIG/NCES Challenges (AF-TRUST-GNC). Ken Birman. Context. TRUST mission includes commitment to create significant dialog with stakeholder communities (e.g. in medicine, financial community, power systems) 2005 saw substantial progress with Air Force

Download Presentation

Air Force Center for Research on GIG/NCES Challenges (AF-TRUST-GNC)

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Air force center for research on gig nces challenges af trust gnc

Air Force Center for Research on GIG/NCES Challenges (AF-TRUST-GNC)

Ken Birman


Context

Context

  • TRUST mission includes commitment to create significant dialog with stakeholder communities (e.g. in medicine, financial community, power systems)

  • 2005 saw substantial progress with Air Force

    • Dialog builds on a longer history of collaboration between Air Force and our participants. For example, Air Force Information Assurance Institute at Cornell

    • TRUST members assisted in two major studies of GIG/NCES impact on Air Force research priorities in 2005

      • AFRL/IF (JBI) Prometheus study

      • Info Sharing 2010 study requested by SAF-XCX: a pair of TLAs that includes CIO office of the Secretary of the Air Force (SAF)).

  • AF-TRUST proposal reflects priorities identified in these studies

"TRUST and the Global Information Grid", Ken Birman


Advantage information

Advantage: Information

“The natural formation of the country is the soldier's best ally; but a power of estimating the adversary, of controlling the forces of victory, and of shrewdly calculating difficulties, dangers and distances, constitutes the test of a great general. He who knows these things, and in fighting puts his knowledge into practice, will win his battles. ”

- General Sun-Tzu Wu, 512BC

Challenge? Finding it!

"TRUST and the Global Information Grid", Ken Birman


The proposed nces gig architecture

Basis is Web Services standard, although CORBA is likely to be used on server clusters

Primary application platform will be Microsoft Windows

NSA and DISA are playing key roles in mapping these components to military needs

The proposed NCES/GIG architecture?

"TRUST and the Global Information Grid", Ken Birman


Steps to gig nces

Steps to GIG/NCES

  • Today

    • AF runs three side-by-side operational networks and many dedicated subnetworks, i.e. to control autonomous vehicles

    • Connects to Internet and other services through various DISA-operated gateways.

  • Tomorrow

    • Single Dark Core: A vision of a unified network with a small high-security core and a substantial audited but medium-security region.

    • XML browsers and email throughout, posing a recognized security risk but offering needed information accessibility

    • Legacy/stovepipe applications ported and wrapped for accessibility within this common operating environment

"TRUST and the Global Information Grid", Ken Birman


Missing pieces to the story

Missing pieces to the story?

  • There are many

    • At a “superficial” level, just using the proposed platform to solve the kinds of problems being posed is challenging

      • For example, imagine an application that needs mapping data for Falluja. Which servers have this data? Are some more up to date, or less loaded, or experiencing faults? Which one is best? What security policies should apply?

    • At a more technical level, Web Services lack properties one would normally expect for mission-critical military systems

"TRUST and the Global Information Grid", Ken Birman


The prometheus project

The Prometheus Project

Real-time, Scalable, & Secure Information Management for the GIG

Ken Birman

[email protected]

Cornell University

Mike Reiter

[email protected]

Carnegie Mellon University

Douglas C. Schmidt

[email protected]

Vanderbilt University

Tuesday, January 10, 2006


Prometheus emphasis meeting demands for qos enabled information management

Prometheus Emphasis: Meeting Demands for QoS-enabled Information Management

  • Key solution space challenges

    • Enormous accidental & inherent complexities

    • Continuous technology evolution & change

    • Highly diverse network, platform, language, & tool environments

  • Key problem space challenges

    • Network-centric, dynamic, very large-scale systems of systems (SoS)

    • Stringent simultaneous quality of service (QoS) demands

      • e.g. real-time, scalability, security

    • Demand for QoS-enabled operational & tactical Global Information Grid (GIG)

"TRUST and the Global Information Grid", Ken Birman


Summary of results from prometheus study

Summary of Results from Prometheus Study

  • We decided to drill down on four primary questions

  • QoS-enabled Publish/Subscribe Technologies for Tactical Information Management

  • Scalable Fault- & Intrusion-Tolerance for Critical GIG Services

  • Scalable Enterprise Service-Oriented Architectures

  • Investigating a Unified Framework for Demonstrating Policy Compliance

Results include a mix of prototypes, experiments, & analyses

"TRUST and the Global Information Grid", Ken Birman


Air force center for research on gig nces challenges af trust gnc

Focus Area 1: QoS-enabled Publish/Subscribe Technologies for Tactical Information Management

Feedback &

Control

Coordination

Of Multiple UAVs

Dynamic Mission

Replanning

Image Processing

& Tracking

DARPA PCES Capstone demo, April 14, ‘05, White Sands Missile Range

"TRUST and the Global Information Grid", Ken Birman


Focus area 2 scalable fault intrusion tolerance for critical gig services

Critical GIG services must survive failures & attacks

An intrusion-tolerant service is one that continues to operate correctly despite the corruption of some of its components

“Intrusions” modeled as Byzantine faults (arbitrary behavior)

In this focus area, we have studied how to build fault- & intrusion-tolerant services to be fault-scalable

i.e., service performance scales as number of faults tolerated grows

Focus Area 2: Scalable Fault- & Intrusion- Tolerance for Critical GIG Services

Application

Application

Application

Application

Pub/Sub

Service

Application

Application

Application

Application

"TRUST and the Global Information Grid", Ken Birman


Focus area 3 scalable enterprise service oriented architectures

Focus Area 3: Scalable Enterprise Service-Oriented Architectures

Red LAN

Access Functions

Access Functions

Red LAN

COI level Connectivity, Bandwidth, Priority Enforcement

Access Functions

Access Functions

Satellite

Network

Tactical

Network

IA Policy-based Routing

Terrestrial IP

Network

Protection of Data-in-Transit

Service Allocation & Prioritization

Terrestrial

Circuit Network

GIG

SERVICE

  • Goals

  • Enhance SOA platforms to support policy-driven enforcement of access to GIG resources integrated across information, service, & transport

  • Enable ability to dynamically adjust SOA resource allocation mechanisms in response to changing mission priorities, failures, attacks,etc.

"TRUST and the Global Information Grid", Ken Birman


Af trust gnc

AF-TRUST-GNC

  • Proposal focuses on three areas, roughly corresponding to the ones identified by Prometheus

    • Develop algorithms and software for scalable, real-time and fault-tolerance QoS

    • Investigate issues associated with very large scale information assurance and security policy management

    • Develop new technologies for scalable and secure discovery, information architectures and mediation

"TRUST and the Global Information Grid", Ken Birman


Example questions

Example questions

  • Can we bring build a new generation of time-critical web service cluster solutions that combine time-critical update algorithms with mechanisms for handling faults and load surges?

  • Suppose that a vast collection of firewalls and audit mechanisms are controlled from an enormous distributed database of policies. How can we administer and update the policy databases without accidental error?

  • Is it possible to somehow isolate legacy applications while still enjoying the benefits of universal connectivity and access available in Web Services?

"TRUST and the Global Information Grid", Ken Birman


Proposal

Proposal?

  • We are proposing to create a TRUST Center focused on the needs of Air Force and other military vendors as the GIG/NCES rollout occurs

  • We have the breadth of talent and resources to make this work and can exploit a “dream team” that unites the top research groups in the country and focuses them on AFRL priorities. AF-TRUST-GNC includes some TRUST researchers but also some new faces

  • We suggest a structure parallel to that used by NSF in the basic TRUST framework

"TRUST and the Global Information Grid", Ken Birman


Possible goal for 2006

Possible goal for 2006?

  • One option is to explore a similar structure with Dept. of Treasury

    • Very likely to build on their eCavern project

    • Wide range of very exciting issues in areas such as identity-theft, data mining to enforce risk-management, regulatory and security policies, data replication and associated policy enforcement

    • Could exploit facilities right on Wall Street, where both Cornell and CMU have offices in shared bldg

"TRUST and the Global Information Grid", Ken Birman


  • Login