wiki:GENISecurity

Version 2 (modified by Stephen Schwab, 16 years ago) (diff)

--

Project Number

1632

Project Title

GENI Security Architecture Toolkit

a.k.a. SECARCH

Technical Contacts

PI: Stephen Schwab Stephen Schwab
Jim Horning (located in Palo Alto SPARTA office)
Sandy Murphy (located in Columbia, MD SPARTA office)
Alefiya Hussain (not currently on this project, but will probably join later)

Participating Organizations

SPARTA

Scope

This effort will define a GENI Security Architecture, in support of the broad goals for GENI Spirals 1-3, including (a) working with teams prototyping multiple control frameworks and (b) demonstrating end-to-end slicing across a range of technologies, including Ethernet VLANs as an initial universal service offered by the GENI facility. By interacting continuously with testbed prototyping efforts, we will jointly refine the security requirements, reflect those requirements within the security architecture, and validate through feedback gleaned from our collaborator’s rapid deployment cycles that our security architecture concepts are indeed aligned and addressing the needs of the GENI testbed community.

Task 1. Develop security designs for each of the three major integration spirals, working in close collaboration with the funded projects for each spiral. Also work with the GENI operations team (one of the funded projects) and the GPO on designs for sharing operational, measurement, and end-user data between projects in a way that fits into the overall security design for the spiral.

Task 2. Collaborate with the GENI control framework architects, the GPO, and other interested GENI participants (such as campus CIOs) to develop a security architecture for GENI.

Task 3. Through activities in appropriate GENI working groups, produce draft GENI Security Architecture and Policy documents that encompass the longer-term GENI design that the GENI Community expects to put in place after the first 3 spiral integrations are complete.

Milestones

SECARCH:Spiral 1 Draft Security Design Report
SECARCH:Security Contributions to GMOC documents
SECARCH:Revised Spiral 1 Security Design Report

Project Technical Documents

A useful GENI Planning Group Security document (for reference only).

http://groups.geni.net/geni/attachment/wiki/GENISecurity/GENI-SEC-ARCH-0.3.doc Spiral 1 Draft Security Design Report.

Spiral 1 Connectivity

There are no special connectivity requirements for this project. The PI already has sufficient IP access to all projects from his office (Rosslyn, VA) and home.

The security staff on this project will need accounts with all control frameworks and the GMOC in order to familiiarize themselves with details of using these frameworks. The PI may also need access to the virtual ethernet configuration/control interfaces, if they are not controlled directly by the clearinghouses in the first prototypes. The PI already has access to Emulab and PlanetLab.

GPO Liason System Engineer

Heidi Picher Dempsey hdempsey@geni.net

Related Projects

none listed currently

Attachments (22)