Version 20 (modified by 14 years ago) (diff) | ,
---|
Project Number
1632
Project Title
GENI Security Architecture Toolkit
a.k.a. SECARCH
Technical Contacts
PI: Stephen Schwab Stephen Schwab (located in Columbia, MD SPARTA office)
Sandy Murphy (located in Columbia, MD SPARTA office)
Alefiya Hussain alefiya.hussain@sparta.com (located in El Segundo, CA SPARTA office)
Former Project Member: Jim Horning (located in Palo Alto SPARTA office)
Participating Organizations
Scope
This effort will define a GENI Security Architecture, in support of the broad goals for GENI Spirals 1-3, including (a) working with teams prototyping multiple control frameworks and (b) demonstrating end-to-end slicing across a range of technologies, including Ethernet VLANs as an initial universal service offered by GENI. By interacting continuously with testbed prototyping efforts, we will jointly refine the security requirements, reflect those requirements within the security architecture, and validate through feedback gleaned from our collaborator’s rapid deployment cycles that our security architecture concepts are indeed aligned and addressing the needs of the GENI testbed community.
Task 1. Develop security designs for each of the three major integration spirals, working in close collaboration with the funded projects for each spiral. Also work with the GENI operations team (one of the funded projects) and the GPO on designs for sharing operational, measurement, and end-user data between projects in a way that fits into the overall security design for the spiral.
Task 2. Collaborate with the GENI control framework architects, the GPO, and other interested GENI participants (such as campus CIOs) to develop a security architecture for GENI.
Task 3. Through activities in appropriate GENI working groups, produce draft GENI Security Architecture and Policy documents that encompass the longer-term GENI design that the GENI Community expects to put in place after the first 3 spiral integrations are complete.
Milestones
Spiral 1
- MilestoneDate(SECARCH: S1.a Draft Security Design Report)?
- MilestoneDate(SECARCH: S1.b Security Contributions to GMOC documents)?
- MilestoneDate(SECARCH: S1.c Revised Security Design Report)?
Spiral 2
- MilestoneDate(SECARCH: S2.a draft S2 Security Design report)?
- MilestoneDate(SECARCH: S2.b Release Spiral 2 Security Design Report)?
- MilestoneDate(SECARCH: S2.c Produce draft detailed outline of revised Spiral 2 Security Design Report)?
- MilestoneDate(SECARCH: S2.d Release revised Spiral 2 Security Design Report)?
- MilestoneDate(SECARCH: S2.e Review GMOC design documents and contribute to security designs for GMOC Spiral 2)?
Project Technical Documents
A useful GENI Planning Group Security document (for reference only).
Spiral 1 Draft Security Design Report Comments and feedback eagerly solicited. Please send comments to Stephen Schwab.
Spiral 2 Draft Security Design Report Comments and feedback eagerly solicited. Please send comments to Stephen Schwab.
Spiral 3
MilestoneDate(SECARCH: S3.a Draft Spiral 3 Security Design Reports)?
MilestoneDate(SECARCH: S3.b Release Spiral 3 Security Design Report (GEC9 based))?
MilestoneDate(SECARCH: S3.c Draft Spiral 3 Security Design Reports (GEC10 based))?
MilestoneDate(SECARCH: S3.d Release Spiral 3 Security Design Report (GEC11 based))?
MilestoneDate(SECARCH: S3.e Review GMOC design documents and contribute to security designs for GMOC Spiral 3)?
Quarterly Status Reports
- 4Q09 Status Report
- 1Q10 Status Report
- 2Q10 Status Report
- GEC9 2010 Status Report
- GEC10 2010 Status Report
Spiral 1 Connectivity
There are no special connectivity requirements for this project. The PI already has sufficient IP access to all projects from his office (Rosslyn, VA) and home.
The security staff on this project will need accounts with all control frameworks and the GMOC in order to familiiarize themselves with details of using these frameworks. The PI may also need access to the virtual ethernet configuration/control interfaces, if they are not controlled directly by the clearinghouses in the first prototypes. The PI already has access to Emulab and PlanetLab.
GPO Liaison System Engineer
Heidi Picher Dempsey hdempsey@geni.net
Related Projects
none listed currently
Attachments (22)
- GDD-06-23.pdf (175.0 KB) - added by 16 years ago.
-
GENI-SEC-ARCH-0.4.pdf (401.6 KB) - added by 16 years ago.
This is the spiral 1 draft offered as a starting point for the GENI Security Architecture. This is a living document, expected to be revised and expanded significantly over the next 2.5 years. Comments and feedback are eagerly solicited.
-
SPARTA-GSAT-Dec2008.doc (29.5 KB) - added by 16 years ago.
Q42008 SPARTA quarterly report
-
GMOC-SECARCH.pdf (204.4 KB) - added by 15 years ago.
GMOC and GENI Security Architecture Collaboration Report
-
GENI-SEC-ARCH-0.5.pdf (1.1 MB) - added by 15 years ago.
The revised security architecture includes the security mechansim implementations in the five control frameworks
-
SPARTA-GSAT-Mar2009.doc (39.0 KB) - added by 15 years ago.
second quarterly report
-
SPARTA-GSAT-Jun2009.doc (31.0 KB) - added by 15 years ago.
third quarterly report
-
GENI-SEC-ARCH-0.55.pdf (1.8 MB) - added by 15 years ago.
Spiral One Security Architecture Report
-
GENI-SEC-ARCH-Draft-Outline-spiral2.doc (26.5 KB) - added by 15 years ago.
GENI Security Architecture DRAFT Outline and POCs for Spiral 2 -- bolded names indicate individuals on specific projects that GSAT intends to consult with regarding security issues and input for Spiral 2 Security Architecuture (slated for Jan 31, 2010)
-
GENI-SEC-ARCH-Draft-spiral2-0.5.pdf (1.8 MB) - added by 15 years ago.
GENI Security Architecture Report - Spiral 2 Draft 0.5
-
GENI-SEC-ARCH-Draft-Outline2-spiral2.doc (27.5 KB) - added by 14 years ago.
GENI Security Architecture DRAFT Outline2 and POCs for Spiral 2 -- bolded names indicate individuals on specific projects that GSAT intends to consult with regarding security issues and input for final Spiral 2 Security Architecuture (slated for Aug 15, 2010)
-
GMOC-Meeting-July-28-2010.docx (14.9 KB) - added by 14 years ago.
Notes on Collaboration/Coordination with GMOC project
-
GMOC-Meeting-July-28-2010.doc (32.0 KB) - added by 14 years ago.
Notes on Collaboration/Coordination with GMOC project
-
GENI-SEC-ARCH-Draft-spiral2-0.9.doc (2.6 MB) - added by 14 years ago.
GENI Security Architecture - Spiral 2 - Draft 0.9
-
SecArch-review.ppt (548.5 KB) - added by 14 years ago.
Spiral 2 review presentation.
-
Authorization-plan-rev0.4.pdf (82.2 KB) - added by 14 years ago.
Plan for including ABAC Authorization within GENI Control Framework APIs
-
Authorization-Plan.pdf (254.7 KB) - added by 14 years ago.
Authorization Plan talk by Steve Schwab from Software Track of GEC-10
-
GENI-Spiral3-DRAFT-Outline-Security-Design-Report.doc (27.5 KB) - added by 13 years ago.
GENI Spiral 3 Draft Outline Security Design Report
-
GENI-Spiral3-Security-Design-Report.doc (56.0 KB) - added by 13 years ago.
GENI Spiral 3 Security Design Report
-
Security-BestPractices-DRAFT-0.2-1.doc (81.5 KB) - added by 13 years ago.
DRAFT Security Best Practices
-
experimenters-code-of-ethics-draft-0.9.pdf (40.2 KB) - added by 13 years ago.
GENI Experimenter's Code of Ethics
-
experimenters-code-of-ethics-draft-0.9.docx (151.4 KB) - added by 13 years ago.
GENI Experimenter's Code of Ethics (MSWord docx)