Version 16 (modified by, 15 years ago) (diff)

Under Technical Documents: added pointer to and description of TIED/DETER federation architecture website

Project Number


Project Title

TIED: Trial Integration Environment in DETER

a.k.a. DETER

Technical Contacts

Principal Investigator: John Wroclawski

Co-Principal Investigator: Terry Benzel

Ted Faber faber@ISI.EDU

Participating Organizations

University of Southern California Information Sciences Institute, Marina del Rey

University of California, Berkeley


The scope of work on this project is to develop and evangelize a control framework that particularly emphasizes usability across different communities, through federation, rich trust/security models, and similar enabling mechanisms.


MilestoneDate(TIED:Identify specific year 1 outreach communities.)?
MilestoneDate(TIED:Initial component and clearinghouse documentation.)?
MilestoneDate(TIED:Release v 0.1 of component manager and clearinghouse.)?
MilestoneDate(TIED:Begin prototype clearinghouse operation.)?
MilestoneDate(TIED:Provide user access to DETER via TIED.)?
MilestoneDate(TIED:Participate in NSF TRUST Science and Technology Center's teacher education program.)?
MilestoneDate(TIED:Demonstrate extended functionalities for outreach communities.)?
MilestoneDate(TIED:Provide direct VLAN interface to TIED resources)?
MilestoneDate(TIED:Support running federated experiments.)?

Project Technical Documents

TIED/DETER Federation Architecture Website

Information about the TIED/DETER federation system, including overview, detailed user and developer documentation, pointers to published papers, and released code.

DFA is a system that allows a researcher to construct experiments that span testbeds by dynamically acquiring resources from other testbeds and configuring them into a single experiment. As closely as possible that experiment will mimic a single DETER/Emulab experiment.

Though the experiment appears to be a cohesive whole, the testbeds that loan the resources retain control of those resources. Because testbeds retain this control, each testbed may issue credential necessary for manipulating the federated resources. For example, a testbed that has loaned nodes to an experiment may require the experimenter to present a credential issued by that testbed (e.g., an SSH key or SSL certificate) to reboot those nodes. The system acquires those credentials on behalf of experimenters and distributes them on behalf of testbeds.

Testbed administrators may use the system to establish regular policies between testbeds to share resources across many users of a testbed. Similarly, a single user with accounts on multiple testbeds can use the same interfaces to coordinate experiments that share his testbed resource, assuming sharing those resources does not violate the policy of any of the constituent testbeds.

Quarterly Status Reports

4Q08 Status Report

1Q09 Status Report

Spiral 1 Connectivity


GPO Liason System Engineer

Heidi Picher Dempsey

Related Projects

DETERlab Testbed (cyber-DEfense Technology Experimental Research laboratory Testbed)

Attachments (12)