Changes between Version 16 and Version 17 of TIED
- Timestamp:
- 07/14/09 14:38:04 (15 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
TIED
v16 v17 1 '''Project Number''' 1 = Project Number = 2 2 3 1609 [[BR]]3 1609 4 4 5 '''Project Title''' 5 = Project Title = 6 6 7 TIED: Trial Integration Environment in DETER [[BR]]7 TIED: Trial Integration Environment in DETER 8 8 9 9 a.k.a. DETER 10 10 11 '''Technical Contacts'''[[BR]] 11 = Technical Contacts = 12 12 13 13 Principal Investigator: John Wroclawski jtw@isi.edu … … 18 18 19 19 20 '''Participating Organizations'''[[BR]] 20 = Participating Organizations = 21 21 22 [http://www.isi.edu/index.php University of Southern California Information Sciences Institute], Marina del Rey[[BR]] 22 * [http://www.isi.edu/index.php University of Southern California Information Sciences Institute], Marina del Rey 23 * [http://www.eecs.berkeley.edu/ University of California, Berkeley] 23 24 24 [http://www.eecs.berkeley.edu/ University of California, Berkeley] 25 26 '''Scope''' 25 = Scope = 27 26 28 27 The scope of work on this project is to develop and evangelize a control framework that particularly emphasizes usability across different communities, through federation, rich trust/security models, and similar enabling mechanisms. 29 28 30 '''Milestones''' 29 TIED is based on the [http://fedd.isi.deterlab.net TIED/DETER federation system], which allows a researcher to construct experiments that span testbeds by dynamically acquiring resources from other testbeds and configuring them into a single experiment. As closely as possible that experiment will mimic a single DETER/Emulab experiment. 31 30 32 [[MilestoneDate(TIED:Identify specific year 1 outreach communities.)]] 33 [[BR]] 34 [[MilestoneDate(TIED:Initial component and clearinghouse documentation.)]] 35 [[BR]] 36 [[MilestoneDate(TIED:Release v 0.1 of component manager and clearinghouse.)]] 37 [[BR]] 38 [[MilestoneDate(TIED:Begin prototype clearinghouse operation.)]] 39 [[BR]] 40 [[MilestoneDate(TIED:Provide user access to DETER via TIED.)]]41 [[BR]]42 [[MilestoneDate(TIED:Participate in NSF TRUST Science and Technology Center's teacher education program.)]]43 [[BR]]44 [[MilestoneDate(TIED:Demonstrate extended functionalities for outreach communities.)]]45 [[BR]]46 [[MilestoneDate(TIED:Provide direct VLAN interface to TIED resources)]]47 [[BR]]48 [[MilestoneDate(TIED:Support running federated experiments.)]]31 This model fundamentally supports creation of cohesive experiments (slices) from independently administered resources (components/aggregates). Because resources are independently administered and serves different communities, the authorization system needs to support a rich delegation structure, formal semantics, efficient negotiation, and clear auditing. The [http://www.isso.sparta.com/research_projects/security_infrastructure/abac_overview.html ABAC] system meets those requirements; TIED is integrating this into the federation system. 32 33 To make use of widely distributed components it is helpful to establish guaranteed network connections between them. TIED is addressing this by federating with testbeds that represent dynamically allocatable wide-area network resources. The prototyping plan is to use DRAGON interfaces to configure these resources. 34 35 Finally, TIED is expressly reaching out to research and education communities that are not traditionally considered in GENI design. In particular we are interested in researchers outside networing and systems and students at K-12 schools or community colleges. 36 37 = Milestones = 38 39 * [[MilestoneDate(TIED:Identify specific year 1 outreach communities.)]] 40 * [[MilestoneDate(TIED:Initial component and clearinghouse documentation.)]] 41 * [[MilestoneDate(TIED:Release v 0.1 of component manager and clearinghouse.)]] 42 * [[MilestoneDate(TIED:Begin prototype clearinghouse operation.)]] 43 * [[MilestoneDate(TIED:Provide user access to DETER via TIED.)]] 44 * [[MilestoneDate(TIED:Participate in NSF TRUST Science and Technology Center's teacher education program.)]] 45 * [[MilestoneDate(TIED:Demonstrate extended functionalities for outreach communities.)]] 46 * [[MilestoneDate(TIED:Provide direct VLAN interface to TIED resources)]] 47 * [[MilestoneDate(TIED:Support running federated experiments.)]] 49 48 50 49 51 '''Project Technical Documents''' 50 = Project Technical Documents = 52 51 53 [http://fedd.isi.deterlab.net TIED/DETER Federation Architecture Website] [[BR]] 52 [http://fedd.isi.deterlab.net The TIED/DETER Federation architecture and implementation]:: 53 Information about the TIED/DETER federation system, including overview, detailed user and developer documentation, pointers to published papers, and released code. 54 54 55 Information about the TIED/DETER federation system, including overview, detailed user and developer documentation, pointers to published papers, and released code. 55 [wiki:TIEDClearinghouse The TIED Clearinghouse]:: 56 Description of how the TIED stsyem provides GENI clearinghouse functionality, including how to join 56 57 57 DFA is a system that allows a researcher to construct experiments that span testbeds by dynamically acquiring resources from other testbeds and configuring them into a single experiment. As closely as possible that experiment will mimic a single DETER/Emulab experiment. 58 [wiki:TIEDABACModel The ABAC model in TIED]:: 59 Discussion of ABAC concepts and how they relate to TIED implementation 58 60 59 Though the experiment appears to be a cohesive whole, the testbeds that loan the resources retain control of those resources. Because testbeds retain this control, each testbed may issue credential necessary for manipulating the federated resources. For example, a testbed that has loaned nodes to an experiment may require the experimenter to present a credential issued by that testbed (e.g., an SSH key or SSL certificate) to reboot those nodes. The system acquires those credentials on behalf of experimenters and distributes them on behalf of testbeds. 61 [wiki:TIEDABACDemo]:: 62 A worked example of ABAC applied to a GENI scenario. Also shows the TIED attribute explorer. 63 64 = [http://groups.geni.net/geni/wiki/TIED/QuarterlyStatus Quarterly Status Reports] = 60 65 61 Testbed administrators may use the system to establish regular policies between testbeds to share resources across many users of a testbed. Similarly, a single user with accounts on multiple testbeds can use the same interfaces to coordinate experiments that share his testbed resource, assuming sharing those resources does not violate the policy of any of the constituent testbeds. 66 * [http://groups.geni.net/geni/attachment/wiki/TIED/QuarterlyStatus/TIED%20QPR%2012-31-08.pdf 4Q08 Status Report] 67 * [http://groups.geni.net/geni/attachment/wiki/TIED/QuarterlyStatus/TIED%20QPR%2003-31-09.pdf 1Q09 Status Report] 62 68 63 '''[http://groups.geni.net/geni/wiki/TIED/QuarterlyStatus Quarterly Status Reports]'''[[BR]] 64 65 [http://groups.geni.net/geni/attachment/wiki/TIED/QuarterlyStatus/TIED%20QPR%2012-31-08.pdf 4Q08 Status Report] [[BR]] 66 67 [http://groups.geni.net/geni/attachment/wiki/TIED/QuarterlyStatus/TIED%20QPR%2003-31-09.pdf 1Q09 Status Report] [[BR]] 68 69 '''Spiral 1 Connectivity''' 69 = Spiral 1 Connectivity = 70 70 71 71 TBD 72 72 73 '''GPO Liason System Engineer''' 73 = GPO Liason System Engineer = 74 74 75 75 Heidi Picher Dempsey hdempsey@geni.net 76 76 77 '''Related Projects''' 77 = Related Projects = 78 78 79 [http://www.isi.edu/deter/ DETERlab Testbed (cyber-DEfense Technology Experimental Research laboratory Testbed) ] 79 * [http://www.isi.edu/deter/ DETERlab Testbed (cyber-DEfense Technology Experimental Research laboratory Testbed) ] 80 * [http://fedd.isi.deterlab.net TIED/DETER Federation Architecture Website]