аЯрЁБс>ўџ 79ўџџџ8џџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџьЅСq` №П>bjbjqPqP .(::$џџџџџџЄxxxxxxxцФnnn8ІКЊЇжкоєєєєєє&(((((($}hхLxVєєVVLxxєєaТТТV|xєxє&ТV&ТТxxТєЮ  ђЂxšЪnвXТ&w0ЇТu*|uТuxТdєvjTТОDTєєєLLІєєєЇVVVVЊЊЊФnЊЊЊnŒ4Р"тxxxxxxџџџџ  Quarterly Status Report GENI Security Architecture (GSAT) Project Stephen Schwab SPARTA, Inc June 30, 2009 1. Major Accomplishments Revision of the GENI Security Architecture document to reflect the spiral 1 implementations of four of the five cluster control frameworks in a common structure. The common structure is derived from the GPO system engineering view of the control frameworks, to help place understanding of security within the system engineering context. 2. Milestones Achieved Posting of a report describing our plans for coordinating security of operational data collected and provided by the GMOC. 3. Deliverables No deliverables in this period. 4. Activities and Findings Our work over the past quarter has continued to review the progress and development of the control frameworks, focusing on the details of the actual security approach being taken in spiral 1. As written material has been produced by each of the control frameworks as part of their design activities, we have reviewed those designs, and tried to extract our understanding of the security mechanisms being used. There is a wide-range of maturity and degree of detail available for each control framework, so our approach has been to write-up a first description of our understanding, and then interact with a specific individual working within each control framework cluster to update our write-up and to clarify the description of that control framework’s security design. As each control framework is pursuing their work according to their own individual contract and schedule, this is necessarily an imprecise characterization or snapshot of the current design. Moreover, each control framework is taking their own interpretation on how to fulfill the broad mandate of functionality required by the GPO requirements documents and the slice-based facility architecture document that pre-dated the more complete system engineering documents. Our aim is to represent each control framework’s security mechanisms in a form that highlights the similarities and differences of each control framework, and puts the choices within the context of the GPO system engineering specifications and requirements documents and our GENI Security Architecture. The next revision of the GENI Security Architecture document is slated to be posted before the next GEC5 meeting, so that it can serve as a point of discussion with all the GENI projects regarding their security approach. We also expect to make one more update to the GENI Security Architecture based on clarifications and other new information we learn from face-to-face meetings at GEC5. This is especially true for projects that are part of a cluster but have separate distinct security mechanisms that should be documented, or for those projects that are offering alternate security mechanisms as candidates for use in GENI control frameworks. 5. Project Participants The following SPARTA staff are participating in the GSAT project: Stephen Schwab, Alefiya Hussain. In addition, we also consult with Jim Horning, Sandra Murphy, and Calvin Ko, although their participation is constrained by the limited amount of funding. 6. Publications None. 7. Outreach Activities None. 8. Collaborations We have been actively collaborating with Rob Ricci/Utah and other members of the projects collaborating under the ProtoGENI cluster umbrella. This collaboration includes periodic bi-weekly status telecons as well as additional frequent email and other interactions with Emulab staff at Utah. The aim of this effort is to track mechanisms being introduced within Emulab to support ProtoGENI multi-site deployment and prototyping, and to capture the security-relevant aspects of these mechanisms within our security abstractions. We also have been working closely with John Wroclawski and Ted Faber of USC/ISI under the DETER GENI cluster. In particular, we have progressed to integrating Attribute Based Access Control (ABAC) as a basis for prototyping the security abstractions underpinning the DETER Federation implementation. This implementation will evolve as we gain experience from the implementation and deployment of distributed authorization mechanisms within the federated environment to support broader GENI-specific goals. We have released the ABAC software to DETER/TIED project staff under terms of the GENI Public License, and have a request to similarly provide the ABAC software to the ORCA project to prototype and investigate integration within their framework. We aim to capture the security architecture impacts gleaned from this work within the GENI Security Architecture. We have also continued to interact with Larry Peterson and the PlanetLab control framework, as well as had discussions with Max Ott and others collaborating on the ORBIT testbed. Additional discussions with Jon-Paul Herron and the GMOC project at Indiana University have also taken place, with an aim of working out how to control access to measurement data collected and accessed via the GMOC. 9. Other Contributions We have had some email interactions and phone conversations with Giridhar ManePalli of the CNRI Digital Objects Repository project, and plan to review their security-relevant documents and provide guidance on how their technology can fit with, or serve a constructive role, in the GENI control frameworks and overall security architecture.      PAGE 1 BCD^_flmor‡ˆй к л о ё ђ l m n } ~  ž Ÿ Ђ Й К П Р RSjkŠ—Ья hiіъоъіъгЫУЛЫЗВЊВІЂ›ВЊВІЂ›ЊВ—ЂВЊВŒˆŒЊВЗ}ЗyЗyЗh' єh3 H hю(hю(hСhю( hж;h' єh Ч hж;hж;hж;hЋ8LhL\џhL\џ5 hL\џ5hL\џh' єCJaJhЋ8LCJaJhL\џCJaJhL\џhL\џCJaJhL\џh‰7№5CJ aJ hL\џhL\џ5CJ aJ hL\џ5CJ aJ -CDS_mnoˆк л ђ m n ~ ž Ÿ К Р С RSkijz€њђђђђђђњњњњњњњњњњњњњњњњњњњњњ$a$gdL\џgdL\џ$=§§ijmyz€—˜žŸАБ/0Jck™Ѕя˜ЂЊСуф•šО*ЕЖЗЮ!"#$%'(*+-.01789:<=>љєьєшсьєшсьєшншйшйшйшйшйшйшншненшншЮьЪЦЪљОеОеОеОеДЎДЃДеŸљhН}hю(0JmHnHu hG60JjhG60JUjhG6UhL\џhКNЮ h3 Hh' єhG6h Чh' є h3 Hhж;h3 HhL\џhL\џ5 hL\џ5 hL\џhL\џ9€˜žŸБУФ)*ЖЗЮ"#$&')*,-/0;<=>њњњњњњњњњњњњњњњјјјјјјјј№јјњ$a$gd&6%gdL\џ,1hАа/ Ар=!А"А# $ %ААаАа а†œ@@ёџ@ NormalCJ_HaJmH sH tH DA@ђџЁD Default Paragraph FontRiѓџГR  Table Normalі4ж l4жaі (kєџС(No List4@ђ4 &6%Header  ЦрР!4 @4 &6%Footer  ЦрР!.)@Ђ. &6% Page Number6U@Ђ!6  Hyperlink >*B*phџ> ( џџџџ!џџ z™ џџ z™ џџ z™] Ю>ѕTCDS_mnoˆклђmn~žŸКРСR S k i j z €  ˜ ž Ÿ Б УФ)*ЖЗЮ"#0?Р!МР!МР!МР!МР!ЅР!ЅР!ЅР!ЌР!ЌР!ЌР!ЌР!ЌР!ЌР!ЌР!ЌР!ЌР!ЌР!ЌР!Ќ Р!ЌР!ЌР!ЌР!ЌР!ЌР!ЌР!ЌР!ЌР!ЌР!ЌР!ЌР!ЌР!ЌР!ЌР!ЌР!Ќ Р!ЌР!ЌР!ЌР!ЌР!ЌР!ЌР!ЌР!ЌР!ЌCDS_mnoˆклђmn~žŸКРСR S k i j z €  ˜ ž Ÿ Б УФ)*ЖЗЮ"#$&')*,-/0;<?˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€˜0€€IШ00ѓIˆ00ŸIШ00ѓIˆ00ŸIШ00€Iˆ00ŸIШ00€Iˆ00Ÿ0€€˜€€˜€€ i>€>=> !џ•€џџns УђxdЗы ls<Ц8%œŸ”9% ф(qys4х zs ќУ{sЄЋюy y № а а ""*?  ћ д д )44?=*€urn:schemas-microsoft-com:office:smarttags €PlaceType€Z*€urn:schemas-microsoft-com:office:smarttags €PlaceName€http://www.5iantlavalamp.com/i*€urn:schemas-microsoft-com:office:smarttags€State0€http://www.5iamas-microsoft-com:office:smarttagsh*€urn:schemas-microsoft-com:office:smarttags€City0€http://www.5iamas-microsoft-com:office:smarttagsV*€urn:schemas-microsoft-com:office:smarttags€place€http://www.5iantlavalamp.com/>*€urn:schemas-microsoft-com:office:smarttags €PersonName€ pй,F P # , v ~ Р Ц #/8irдл!$?КP R € ‰   z  ˜  $?:::::D^_oŸЙP Q S k z    Ÿ А $?F P $?хю(ж;Н}&6%ђZ-G6іe=3 HЋ8LMFNСMЏпCВМГ ЧКNЮ‰7№' єL\џџ@€Q Q  p,Q Q > @џџUnknownџџџџџџџџџџџџS‡z €џTimes New RomanTimes5€SymbolG& ‡z €џArialHelvetica"qˆ№аh[rзF№rзF‡'§ &'§ &!№ ДД24d3ƒQ№HP(№џ?фџџџџџџџџџџџџџџџџџџџџџL\џ2џџQuarterly Status ReportStephen SchwabStephen Schwabўџр…ŸђљOhЋ‘+'Гй0xˆАМдр№  4 @ LX`hpфQuarterly Status ReportStephen SchwabNormalStephen Schwab7Microsoft Office Word@ъљл@j\Ф†Ъ@јщvšЪ'§ўџеЭеœ.“—+,љЎ0  hpˆ˜  ЈАИР Ш ьфSPARTA, Inc.& ц Quarterly Status Report Title ўџџџ !ўџџџ#$%&'()ўџџџ+,-./01ўџџџ§џџџ4ўџџџўџџџўџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџRoot Entryџџџџџџџџ РFЌxšЪ6€1TableџџџџџџџџuWordDocumentџџџџџџџџ.(SummaryInformation(џџџџ"DocumentSummaryInformation8џџџџџџџџџџџџ*CompObjџџџџџџџџџџџџqџџџџџџџџџџџџџџџџџџџџџџџџўџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџўџ џџџџ РFMicrosoft Office Word Document MSWordDocWord.Document.8є9ВqRoot Entryџџџџџџџџ РFќ=ѕœЪ<@1TableџџџџџџџџuWordDocumentџџџџџџџџ.(SummaryInformation(џџџџ" ўџџџ !ўџџџ#$%&'()ўџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџ;§џџџўџџџўџџџўџџџ:џџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџўџџџўџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџџ DocumentSummaryInformation8џџџџџџџџџџџџ„CompObjџџџџџџџџџџџџqџџџџџџџџџџџџџџџџџџџџџџџџўџ џџџџ РFMicrosoft Office Word Document MSWordDocWord.Document.8є9ВqўџеЭеœ.“—+,љЎDеЭеœ.“—+,љЎP  hpˆ˜  ЈАИР Ш ьфSPARTA, Inc.& ц Quarterly Status Report Title4 $€,А