The GENI Architecture is composed of two fundamental pieces, each seeking to address different issues:
 * Network Architecture: How can we establish topologies of computation and network resources in an isolated, deeply programmable context?
 * Federation Architecture: How can we establish trust among broad sets of users and contributors of independently owned and operated resources?

== Network Architecture ==

The GENI Network Architecture was designed around three fundamental principles of GENI:
 1. GENI is a '''sliceable testbed''' that can support multiple concurrent experiments running in isolation.
 2. GENI is '''deeply programmable''', and allows experiments to control packet forwarding within the network.
 3. GENI is a '''federation''' that is comprised of several autonomous organizations providing resources to GENI. From the point of view of the user, GENI appears like a unified testbed.

Figure 1 shows a high-level overview of the GENI Network Architecture:
[[BR]]
[[Image(geni-network-architecture.png, 30%, nolink)]]

== Federation Architecture ==

GENI is composed of a broad set of heterogeneous resources, each owned and operated by different entities. These entities wish to participate in GENI and allow these resources to be made available to researchers, but they want to maintain a degree of control and trust that these resources will be used in a responsible and secure manner. In addition to these resource owners, GENI has a broad community of experimenters and researchers who wish to build topologies from these resources on which to perform research and experimentation.

The question of trust becomes critical for establishing this exchange of resources. There are simply too many resource providers and potential customers to allow everyone to know everyone and approve of every resource-related transaction.
What is needed is a trusted third party that can vouch for the proper operation of resources (for the experimenters) and for the credentials of the experimenters (for the resource owners). This trusted third party is the GENI Federation. It establishes common notions of identity, authentication, authorization and accountability to allow all participants in the GENI federation to enter into resource exchange in a trusted manner. Resource owners, experimenters and federations are real people or groups; GENI establishes software services to represent their interests in these transactions.

The following figure shows these real-world entities and their virtual representatives in the GENI Federation Architecture.

[[Image(GENI Architecture Entities.pdf)]]