slide1 n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Control Framework Working Group System Engineering Report October 29, 2008 Harry Mussman PowerPoint Presentation
Download Presentation
Control Framework Working Group System Engineering Report October 29, 2008 Harry Mussman

Loading in 2 Seconds...

play fullscreen
1 / 27

Control Framework Working Group System Engineering Report October 29, 2008 Harry Mussman - PowerPoint PPT Presentation


  • 126 Views
  • Uploaded on

Control Framework Working Group System Engineering Report October 29, 2008 Harry Mussman CF WG System Engineer hmussman@bbn.com. groups.geni.net GENI working group wiki. What is the GENI control framework?.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Control Framework Working Group System Engineering Report October 29, 2008 Harry Mussman' - chaela


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide1

Control Framework Working Group

System Engineering Report

October 29, 2008

Harry Mussman

CF WG System Engineer

hmussman@bbn.com

groups.geni.net

GENI working group wiki

www.geni.net

what is the geni control framework
What is the GENI control framework?

Control framework includes: Clearinghouse Registries, each Aggregate Manager and users such as Researchers with their Experiment Control Tools, communicating via the Control Plane.

www.geni.net

agenda
Agenda
  • Goals
  • Introduction to WG SE and roles
  • Relevant Spiral 1 projects
  • Control Framework Architecture (CFA) document
  • Current CF issues
  • Planned CF documents
  • CF WG action items

www.geni.net

goals for this meeting
Goals(for this meeting)
  • Understand WG SE roles
  • Get overview of CF WG activities
  • Discuss work plan for coming year, and make suggestions
  • Recommend collaborators and authors

www.geni.net

who am i
Who am I?
  • Harry Mussman
    • Current: Senior Systems Engineer in the GPO at BBN
    • Last: Voice-over-IP architect at BridgePort Networks (a startup) and GTE Internetworking/Genuity
    • BSEE Univ Michigan, MSEE Northwestern Univ, PhD Stanford Univ
    • hmussman@bbn.com
  • GENI roles:
    • Control Framework WG SE
    • Opt-in WG SE
    • GPO coordinator for six Spiral 1 projects

www.geni.net

role of the control framework wg se
Role of the Control Framework WG SE
  • Frame technical issues from top-down
    • Collect issues from WG, compile and revise
    • Use to identify and structure WG documents
  • Synthesize input from bottom-up
    • Collect input from WG, and distribute
    • Look for and summarize consensus (or lack of it)
  • Draft WG documents…
    • Manage process to completion
  • Assist WG communications
    • Take and distribute notes
    • Maintain wiki

www.geni.net

how wg creates a document
How WG Creates a Document
  • SE drafts document
  • GPO does internal review
  • SE posts first draft
    • On wiki (to start); repository up RSN
  • WG discusses document on WG list
    • Possible one-on-one follow-ups
  • SE assembles changes, and revises
  • SE posts revision
  • (Repeat, until document completed)

www.geni.net

agenda1
Agenda
  • Goals
  • Introduction to WG SE and roles
  • Relevant Spiral 1 projects
  • Control Framework Architecture (CFA) document
  • Current CF issues
  • Planned CF documents
  • CF WG action items

www.geni.net

geni spiral 1 integration five control framework clusters
GENI Spiral 1 Integration: Five Control Framework Clusters

Cluster A

Cluster B

Cluster C

Cluster D

Cluster E

1609 DETER

Trial Integ

1600 PlanetLab

1579 ProtoGENI

1582 ORCA/BEN

1660 ORBIT Framework

1613 Enterprise GENI

1601 Virtual Tunnels

1599 Vehicular Mobile Network

1657

WIMAX

1621 GUSH Tools

1646 CMU Testbeds

1602 Sensor/Actuator Network

STUDY ALL

PICK ONE

1604 GENI Meta Operations

1643 Programmable Edge Node

1622 Provisioning Service

1642 Instrumentation Tools

1633 Kansei Sensor Network

1632 Security Architecture

1645 Million- Node GENI

1658

Mid-Atlantic Crossroads

1628 Measurement System

1631

Embedded Real-time Measurements

1650 Regional

Opt-In

1595 Great Plains Environment for Ntwk Innovation

1663

Digital Object Registry

1619

Optical Access Networks

1578 Overlay Hosting Nodes

Highlighted Spiral 1 projects are central or highly relevant to Control Framework

1610

GENI at 4-Year Colleges

Key:

Column labels show

common control framework

1653 Data Plane Measurements

Projects with active Spiral 1

clearinghouse interfaces

www.geni.net

spiral 1 projects
Spiral 1 Projects
  • Five Spiral 1 projects are focused on control frameworks for different clusters of projects:
    • 1609 DETER (Cluster A)
    • 1600 Planetlab (Cluster B)
    • 1579 ProtoGENI (Cluster C)
    • 1582 ORCA (Cluster D)
    • 1660 ORBIT (Cluster E)
  • Each is implementing Clearinghouse Registries, and reference software for an Aggregate Manager.
  • Three Spiral 1 projects are highly relevant to the CFs:
    • 1621 GUSH tools
    • 1632 Security Architecture
    • 1663 Digital Object Registry

www.geni.net

continued 2
continued (2)
  • CF is highest risk item for Spiral 1.
  • Having five CFs:
    • Will mitigate risks.
    • Will bring unique contributions to the table.
    • Allows strengths to be identified, for inclusion in final CF.
    • Prevents the loss of good ideas.
  • Expect consolidation over time, but no “sudden death”.
  • How do we:
    • Clearly describe each CF, with a common vocabulary?
    • Understand similarities and differences?
    • Identify common issues, and get them resolved?
    • Work towards defining a “final” CF?

www.geni.net

agenda2
Agenda
  • Goals
  • Introduction to WG SE and roles
  • Relevant Spiral 1 projects
  • Control Framework Architecture (CFA) document
  • Current CF issues
  • Planned CF documents
  • CF WG action items

www.geni.net

control framework architecture document
Control Framework Architecture Document
  • Drafted, and now ready for review by CF WG: http://groups.geni.net/geni/attachment/wiki/GeniControlFrameworkArchitecture/102008_GENI-ARCH-CP-01.4.pdf
  • Intent:
    • Clearly describe each CF, with a common vocabulary.
    • Understand similarities and differences.
    • Identify common issues.
    • A way towards defining a “final” CFA
  • Approach:
    • Separate the CFA into parts, indicating architectural options and current choices.
    • Provide multiple “worked examples”.
    • Provide a “linear” structure, to decompose the CFA, and be able to understand structure/features of each current CF implementation.

www.geni.net

continued 21
continued (2)
  • Structure of document:
    • Start with system design overview to understand structure and concepts. (Section 3)
    • List features and functions that must be included. (Section 4)
    • Present control framework structure, including entities, interfaces, principals, services and objects. (Section 5)
    • Consider each interface, plus major concepts, and present examples of usage that walks through key scenarios. (Sections 6 – 11)
    • Include sections to summarize five current control frameworks being implemented for Spiral 1. (Sections 12 – 16)

www.geni.net

continued 3
continued (3)
  • Shows current architecture choices:
    • Generally common to current implementations.
    • Control interfaces include APIs that follow a web services model, using SOAP and https (for a secure channel).
    • Principals (and services) have global identities, and are identified and authenticated with certificates from a PKI
    • Authorization is handled with signed tokens (certificates) that are passed from registry, to researcher, to aggregate, etc., based on an underlying trust management system.
  • Has allowed several architectural issues to be identified.

www.geni.net

agenda3
Agenda
  • Goals
  • Introduction to WG SE and roles
  • Relevant Spiral 1 projects
  • Control Framework Architecture (CFA) document
  • Current CF issues
  • Planned CF documents
  • CF WG action items

www.geni.net

identified control framework issues
Identified Control Framework Issues
  • Issue 1: CFA includes authentication and authorization techniques that are strongly dependent on security architecture.
    • Are current choices reasonable?
    • What changes will have to be made as security architecture is formulated?
    • 1632 Security Architecture project will address this issue.
    • Who in WG is interested in this issue?

www.geni.net

continued 22
continued (2)
  • Issue 2: Identity and authentication should include use of existing identity management systems, to permit easier federation
    • Which system(s)? InCommon? Others?
    • How can this best be done?
    • Who in WG is interested in this issue?

www.geni.net

continued 31
continued (3)
  • Issue 3: CFA includes authorization techniques that are based on signed tokens.
    • This is fundamental to current CFA.
    • What needs to be done to properly verify signed tokens?
    • What needs to be done to properly verify the identity of offering principal (service)?
    • Can we be sure that this will work securely in a large scale system?
    • Who in WG is interested in this issue?

www.geni.net

continued 4
continued (4)
  • Issue 4: CFA authorization mechanism is part of a larger trust management system.
    • Principals have “credential” (signed “trust assertion”).
    • Aggregate Manager accepts credential, and uses a local “policy checker” to decide whether (or not) to authorize resource assignment.
    • How does Policy Checker work?
    • Can it be extended to flexibly utilize new parameters and approaches?
    • How can trust management be established over diverse entities, to permit wide-ranging federation?
    • Who in WG is interested in this issue?

www.geni.net

continued 5
continued (5)
  • Issue 5: Current CF implementations have clearinghouse registries (and related authority services) that vary.
    • From centralized to distributed.
    • With different arrangements of registries and related authority services.
    • Can one CFA accommodate them all?
    • How?
    • Who in WG is interested in this issue?

www.geni.net

continued 6
continued (6)
  • Issue 6: Current CF implementations have different token flows for requesting resources, etc.
    • Can we identify and evaluate the differences?
    • Can we have a flexible arrangement for future extensions?
    • How does this interact with the resource description approach?
    • Is the current approach to an Rspec sufficient, or does it need to be extended?
    • Who in WG is interested in this issue?

www.geni.net

next steps for cfa document
Next Steps for CFA Document
  • Continue to identify and address issues.
    • Fold solutions back into CFA document.
  • Provide a “linear” structure for the CFA.
    • To be able to decompose the CFA.
    • And apply to understanding the structure/features of each current CF implementation.
  • Continue reviews of CFA document, revise, and repeat until complete.
      • Who in WG is interested in helping?
  • Work toward v2 of CFA document, as we learn from Spiral 1 implementations.

www.geni.net

agenda4
Agenda
  • Goals
  • Introduction to WG SE and roles
  • Relevant Spiral 1 projects
  • Control Framework Architecture (CFA) document
  • Current CF issues
  • Planned CF documents
  • CF WG action items

www.geni.net

planned control framework documents
Planned Control Framework Documents
  • Architecture:
    • CF Architecture, v1 DRAFT compete 10/17/08
    • CF Architecture, v2 DRAFT due 6/16/09
  • Subsystems:
    • Clearinghouse Subsystem Technical Description, v1 DRAFT due 2/15/09
    • Clearinghouse Subsystem Technical Description, v2 DRAFT due 7/16/09
    • Clearinghouse Subsystem Intfc Cntrl Doc, v1 DRAFT due 3/1/09
    • Clearinghouse Subsystem Intfc Cntrl Doc, v2 DRAFT due 8/1/09

www.geni.net

control framework action items
Control Framework Action Items
  • 1)
  • 2)
  • 3)
  • 4)
  • 5)

www.geni.net

follow up
Follow-up
  • Notes, slides, actions, etc will be sent to the working group mail list and posted on the wiki page: http://groups.geni.net/geni/wiki/GeniOptIn

www.geni.net