1 / 25

Users’ Authentication in the VRVS System

Users’ Authentication in the VRVS System. David Collados California Institute of Technology. November 20th, 2003. TERENA - Authentication & Authorization. What is VRVS?.

aolmo
Download Presentation

Users’ Authentication in the VRVS System

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Users’ Authentication in the VRVS System David Collados California Institute of Technology November 20th, 2003 TERENA - Authentication & Authorization

  2. What is VRVS? • TheVirtual Rooms Videoconferencing System has been developed by Caltech since1995to provide aworld widevideoconferencing service for education and research communities. • VRVS isa realtime distributed systemwhichprovide ascalable communication infrastructurefor large collaboration dispersed all over the world. • Different technologies and protocols are supported(and mixed) and allow users to connect their preferred videoconference. • SupportsMbone, H.323, SIP, QuickTime, Access Grid, JMFandMPEG2. • The system is composed of1 main serverandseveral reflectorsspread around the world.

  3. VRVS Web Service Design • Unified Web User Interfaceto schedule and join/leave a meeting independently of any application. • Multi-platform: Windows, Linux, MacOS and Unix • Easy to use: Everybody knows how to click on a web page today. • Virtual Room Concept, Scheduling: Create a virtual space were people can exchange real-time information • Join or Leavea Collaborative session at anytime. Noneed to know in advance how many participants and booked ports capacity. • FullDocumentation and Tutorial • Self service: No need for a technician or expert to organize and join you into a conference.

  4. VRVS Model Implementation done Partially done Continuously in development Work in progress VRVS Web User Interface Mbone Tools (vic, vat/rat,..) SIP H.323 QuickTime Player MPEG Minerva Collaborative Applications VRVS Reflectors (Unicast/Multicast) QoS Real Time Protocol (RTP/RTCP) Network Layer (TCP/IP)

  5. VRVS Deployment and Usage

  6. VRVS Reflectors Deployment 78 Reflectors deployed worlwide

  7. VRVS Reflector Implementation • Avoids Duplicationof Streams on a given Link • Can be set toUnicast or Multicastmode or both • Connectionpeer-to-peerwith neighbors network servers. Connectionless (more reliable to network breaks) • EnablesOptimized Routing • EnablesBandwidth Control • Providelow latency communication • Could be use forreal-time interactivityorbroadcast • Provide elegant solution to crossfirewall/NAT • RemoteManagementFeatures. • Compliant withIETF RTPv2 Protocol, ready for new applications.

  8. Monalisa: Real-Time Monitoring

  9. Registered users and current usageas of (16th November 2003) Number of Registered Users: 96 Countries & 6615 Users Slovakia, Chile, Poland, Russia, Taiwan, Greece, Netherlands, etc…

  10. Machines and OS • VRVS supports different • Operating Systems based • on the needs and • demands of final users: • 1st : Windows • 2nd: Linux • 3rd: Mac OS • 4th: Other UNIX • 19.461 machines • (16th November 2003)

  11. Some Examples

  12. VRVS on Mac OS X

  13. VRVS on Windows KEK (JP) Caltech (US) RAL (UK) Brazil CERN (CH) AMPATH (US) Pakistan SLAC (US) Canada AMPATH (US)

  14. Example 1: 20 participantsBRAZIL (3 sites) + SWITZERLAND (CERN) + USA (Caltech)

  15. Example 2: 17 participantsJAPAN + UK + SWITZERLAND + BRAZIL + USA (SLAC + FERMILAB)

  16. VRVS Virtual Setup 1 dual processor PC With special 4 outputs graphic card 6400 x 4800 pixels Most powerful VRVS End Node

  17. Authentication and Authorization - Present Status -

  18. Users’ Site (Apache) • Database Authentication module for browsing most of the site. • One single realm for the whole site. • Caching just for the current browser session.

  19. Authorization of Users 1/2 • Each VRVS user belongs to a Community. The responsible/s for that community will authorize (or not) bookings from that user in their community.

  20. Authorization of Users 2/2 • Other mechanism of authorization is implemented when joining a meeting (Virtual Room access protected with password).

  21. Administration Site (Tomcat) • Database Authentication for the whole site. • JDBC Realm implemented for MySQL DB. • Administrators database with MD5 digest algorithm for stored passwords.

  22. Authorization @ Admin Site • Different roles defined in the DB attached to the users. • The Call Detail Record example. Oriented to roles.

  23. Authentication and Authorization - Future -

  24. AA in the VRVS Future • AA independent of our system and distributed. • Internet2 initiative: Shibboleth. • RedIRIS initiative: PAPI. • Grid Security Infrastructure (GSI): public key encryption, X.509 certificates, SSL + extensions for delegation and single sign-on. • What do we integrate and how?

  25. WWW.VRVS.ORG Contact@VRVS.org Support@VRVS.org

More Related