Changes between Version 3 and Version 4 of TIEDQ12011


Ignore:
Timestamp:
04/04/11 18:57:07 (8 years ago)
Author:
faber@isi.edu
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • TIEDQ12011

    v3 v4  
    4545One of the important trial integrations was with the GENIAPI AM code, the purpose of which was showing that exising implementations of both the AM and ABAC were mature enough to work together.  Though most of the coding was undertaken last quarter, the code (and more importantly the documentation) was made available early this quarter.  This proceeded as expected, showing that the code functions and interoperates correctly, and in the process important contacts and informational exchanges were accomplished between TIED staff and GPO staff.
    4646
     47We both encoded GENI policy into ABAC credentials and produced an explanatory document describing both the GENI policy and the ABAC encoding of it that has proven powerful in explaining the problem and ABAC's role in its solution.  In preparing the integrated AM code, we technically demonstrated this capability, so we took advantage of the second milestone to both provide a more comprehensive encoding of GENI policy and to provide a comprehensive documentation of that encoding.  That document has been the basis for many ongoing discussions among GENI implementers and was part of the basis for the agreement reached at GEC10.
     48
     49Finally, in conjunction with GPO staff and Steve Schwab, the GENI security architect, TIED staff were instrumental in forging an agreement to integrate ABAC with an GENI CF - ProtoGENI - this year.  This entailed several discussions and presentations at GEC10.
     50
     51== ABAC Developement ==
     52
     53ABAC is a multi-platform implementation of our authorization system that is missing a system for administrators to interpret and create credentials encoding a policy or proof.  This quarter we extended our existing credential browser significantly to display policies and proofs in clearer ways as well as to provide the crytpographic representations of those credentials.  That browser was demonstrated at GEC10.
     54
     55As a side effect of that broswer development, which was carried out in Java, we now have an interoperable implementation in Java.  Our initial plan was to use our existing multi-platform tool - swig - to produce a Java implementation, but swig-generated code proved too unstable.  A native-java implementation was developed and is integrated into the most recent ABAC release (0.1.3).  Orca developers who work in java are currently taking that code up.
     56
     57In addition, the ABAC libraries with Java support are being integrated into the GENI Integration release 3.1.
     58
     59== Interface Discussions ==
     60
     61This quarter saw circulation of a document discussing missing pieces of the GENIAPI interface, primarily concerned with missing interfaces that impede interoperability between control frameworks.  We identified these problems when designing plug-ins to allocate resources across control frameworks using TIED's federation system.  This document describes our suggestions for steps forward to improve the situation.
     62
     63We have circulated the document privately among the key GENI and GPO developers and then released it to the control framework mailing list.  It continues to generate discussion and debate.
     64
     65== International Collaboration ==
     66
     67As we have reported earler, TIED is collaborating with several Japanese research agencies on federating testbeds using TIED and GENI technologies.The organizations are the Nara Institute of Science and Technology ([http://www.naist.jp/index_j.html NAIST]) working with Prof. Suguru Yamaguchi, the Japan Advanced Institute of Science and Technology ([http://www.jaist.ac.jp/ JAIST]), working with Yoichi Shinoda and Prof. Tetsuo Wasano, and the [http://www.j.u-tokyo.ac.jp/ Univeristy of Tokyo], working with Prof. Yuji Sekiya. The [http://www.isi.edu ISI] investigators are John Wroclawski (PI) and Bill Manning.
     68
     69There are four goals of this collaboration:
     70
     71 * Prototyping a TIED plug-in for access to the Japanese [http://www.starbed.org StarBed] facility
     72 * Demonstrating two cooperative seed research projects
     73 * Demonstrating research enabled by federation
     74   * One group plans to access the BGPMUX in ProtoGENI from !StarBed using the TIED plug-in developed above
     75 * Student Exchanges
     76
     77We advanced the first and last of these goals this quarter by sending TIED staffer Mike Ryan to Japan for several weeks.  Mike took part in WIDE camp and spent time learning the details of the StarBed model as well as educating his Japanese counterparts in the TIED model of federation.  Though Mike's stay was interrupted, the collaboration and co-development is continuing.
     78
     79== Project participants ==
     80 * Individuals directly supported by TIED award:
     81   * John Wroclawski, PI
     82   * Ted Faber, Research Computer Scientist
     83   * Tom Lehman, Research Computer Scientist
     84
     85 * Individuals contributing to the project with outside support:
     86   * Jelena Mirkovic, ISI Research Computer Scientist
     87   * Mike Ryan, ISI Systems Programmer
     88   * Jay Jacobs, Cobham Systems Programmer
     89   * Brett Wilson, Cobham Systems Programmer
     90   * Bill Manning, Research Staff Member
     91
     92 * International Collaborators
     93   * Prof. Suguru Yamaguchi, Graduate School of Information Science, Nara Institute of Science and Technology (NIAST)
     94   * Yoichi Shinoda, Internet Research Center, Japan Advanced Institute of Science and Technology (JAIST) and Horuriku Research Center, National Institute of Incormation and Communications Technology (NICT)
     95   * Prof. Tetsuo Wasano, Internet Research Center, Japan Advanced Institute of Science and Technology (JAIST)
     96   * Prof. Yuji Sekiya, University of Tokyo