Version 19 (modified by, 13 years ago) (diff)


Project Number


Project Title

GENI Security Architecture Toolkit

a.k.a. SECARCH

Technical Contacts

PI: Stephen Schwab Stephen Schwab (located in Columbia, MD SPARTA office)
Sandy Murphy (located in Columbia, MD SPARTA office)
Alefiya Hussain (located in El Segundo, CA SPARTA office)
Former Project Member: Jim Horning (located in Palo Alto SPARTA office)

Participating Organizations



This effort will define a GENI Security Architecture, in support of the broad goals for GENI Spirals 1-3, including (a) working with teams prototyping multiple control frameworks and (b) demonstrating end-to-end slicing across a range of technologies, including Ethernet VLANs as an initial universal service offered by GENI. By interacting continuously with testbed prototyping efforts, we will jointly refine the security requirements, reflect those requirements within the security architecture, and validate through feedback gleaned from our collaborator’s rapid deployment cycles that our security architecture concepts are indeed aligned and addressing the needs of the GENI testbed community.

Task 1. Develop security designs for each of the three major integration spirals, working in close collaboration with the funded projects for each spiral. Also work with the GENI operations team (one of the funded projects) and the GPO on designs for sharing operational, measurement, and end-user data between projects in a way that fits into the overall security design for the spiral.

Task 2. Collaborate with the GENI control framework architects, the GPO, and other interested GENI participants (such as campus CIOs) to develop a security architecture for GENI.

Task 3. Through activities in appropriate GENI working groups, produce draft GENI Security Architecture and Policy documents that encompass the longer-term GENI design that the GENI Community expects to put in place after the first 3 spiral integrations are complete.


Spiral 1

Spiral 2

Project Technical Documents

A useful GENI Planning Group Security document (for reference only).

Spiral 1 Draft Security Design Report Comments and feedback eagerly solicited. Please send comments to Stephen Schwab.

Spiral 2 Draft Security Design Report Comments and feedback eagerly solicited. Please send comments to Stephen Schwab.

Spiral 3

MilestoneDate(SECARCH: S3.a Draft Spiral 3 Security Design Reports)?
MilestoneDate(SECARCH: S3.b Release Spiral 3 Security Design Report (GEC9 based))?
MilestoneDate(SECARCH: S3.c Draft Spiral 3 Security Design Reports (GEC10 based))?
MilestoneDate(SECARCH: S3.d Release Spiral 3 Security Design Report (GEC11 based))?
MilestoneDate(SECARCH: S3.e Review GMOC design documents and contribute to security designs for GMOC Spiral 3)?

Quarterly Status Reports

Spiral 1 Connectivity

There are no special connectivity requirements for this project. The PI already has sufficient IP access to all projects from his office (Rosslyn, VA) and home.

The security staff on this project will need accounts with all control frameworks and the GMOC in order to familiiarize themselves with details of using these frameworks. The PI may also need access to the virtual ethernet configuration/control interfaces, if they are not controlled directly by the clearinghouses in the first prototypes. The PI already has access to Emulab and PlanetLab.

GPO Liaison System Engineer

Heidi Picher Dempsey

Related Projects

none listed currently

Attachments (22)