NOVI: Networking innovations Over Virtualized Infrastructures

NOVI: Networking innovations Over Virtualized Infrastructures
STREP Project No. 257867, Call 5 – FIRE
Policy Framework
Leonidas Lymberopoulos
NOVI Workshop Barcelona, March 15th 2012

Policy types
- Authorization Policies specify which actors have access to which virtual resources.
- Event-Condition-Action Policies enforce control & management actions upon certain events within the managed environment.
- Role-Based Access Control Policies specify which classes of actors have access to which virtual resources.
- Mission Policies define the obligations of a domain with respect to the other domains within a NOVI federation. Duties are specified as sets of Authorization and Event-Condition-Action policies.
NOVI Workshop 15 March 2012

Policy Service within NOVI's C&M plane

Example PlanetLab policy objects

Example FEDERICA policy objects

Slice reconfiguration example using an event-condition-action policy
- The Monitoring Service generates an event indicating that a PlanetLab virtual resource in a NOVI slice (topology in the NOVI IM) is no longer available.
- This event (vnodefailure) triggers an event-condition-action policy rule (virtualnodefailure) within the Policy Service.
- The Policy Service calls the "updateSlice" method of the Intelligent Resource Mapping Service to find a new solution that fulfills the needs of the user's request.
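The event, condition and action flow on this slide, modelled in Python as an added example; it is not code from the slides or from NOVI. Only the names vnodefailure, virtualnodefailure and updateSlice come from the slide; the classes, the event attributes, the slice map and the spare-node list are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class MappingService:
    """Hypothetical stand-in for the Intelligent Resource Mapping Service."""
    spares: list
    def updateSlice(self, slice_map, failed_vnode):
        # Re-map the failed virtual node onto the first free substrate node.
        if not self.spares:
            raise RuntimeError("no substrate node left for " + failed_vnode)
        slice_map[failed_vnode] = self.spares.pop(0)
        return slice_map

@dataclass
class EcaPolicy:
    name: str
    event: str            # event type that triggers the rule
    condition: callable   # predicate over the event attributes
    action: callable      # management action run when the condition holds
    active: bool = True

@dataclass
class PolicyService:
    policies: list = field(default_factory=list)
    log: list = field(default_factory=list)
    def notify(self, event, **attrs):
        """Entry point for the monitoring side; runs every active matching rule."""
        fired = []
        for p in self.policies:
            if p.active and p.event == event and p.condition(attrs):
                p.action(attrs)
                fired.append(p.name)
        self.log.append((event, attrs.get("vnode"), fired))  # audit trail
        return fired

def build_demo():
    # Constructed slice: virtual node -> substrate node (names are made up).
    slice_map = {"vnode1": "planetlab1-novi", "vnode2": "planetlab2-novi"}
    irm = MappingService(spares=["planetlab3-novi"])
    svc = PolicyService()
    svc.policies.append(EcaPolicy(
        name="virtualnodefailure", event="vnodefailure",
        # Condition: only PlanetLab nodes that belong to this slice.
        condition=lambda e: e["platform"] == "PlanetLab" and e["vnode"] in slice_map,
        action=lambda e: irm.updateSlice(slice_map, e["vnode"])))
    return svc, slice_map
```

The log kept by `notify` records events that matched no rule as well, which is what lets an operator see failures the policy set did not cover.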

Example authorization policy configuration file

newauthpol := root load: "AuthorisationPolicy".
root/factory at: "newauthpol" put: newauthpol.
root/authdom at: "a1" put: (newauthpol subject: root/Usersdomain/User1 action: "access:" target: root/Resources/planetlab2-novi focus: "t").
root/authdom/a1 reqneg. // set the policy negative, auth-
root/authdom/a1 active: true // activate this policy
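How a negative authorization such as a1 behaves next to a broader grant, as an added Python model that is not part of the slides and not the policy engine's own code. The subject, action and target values of a1 are taken from the slide; the broad grant, the default-deny rule and the rule that a negative policy overrides positives are assumptions of this example, and the focus setting is not modelled.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class AuthPolicy:
    subject: str            # domain path of a user or of a whole user domain
    action: str
    target: str             # domain path of a resource or resource domain
    positive: bool = True   # False models the "reqneg" call on the slide
    active: bool = True     # models "active: true"

def covers(policy_path, path):
    """A policy placed on a domain applies to that path and everything below it."""
    return path == policy_path or path.startswith(policy_path + "/")

def is_authorised(policies, subject, action, target):
    """Assumed semantics: default deny, and any applicable negative policy wins."""
    applicable = [p for p in policies
                  if p.active and p.action == action
                  and covers(p.subject, subject) and covers(p.target, target)]
    if any(not p.positive for p in applicable):
        return False
    return any(p.positive for p in applicable)

POLICIES = [
    # Hypothetical broad grant: every user may access every resource.
    AuthPolicy("root/Usersdomain", "access:", "root/Resources"),
    # The slide's policy a1: User1 is refused access to planetlab2-novi.
    AuthPolicy("root/Usersdomain/User1", "access:",
               "root/Resources/planetlab2-novi", positive=False),
]
```

Matching on whole path components matters here: a plain prefix test would also apply a1 to a user named User10.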

Future Work
- Inter-domain relationships as missions
  - A mission defines the requirements of one domain for interacting with another.
  - A mission is a group of policies which defines the duties of the remote domain as a set of obligation policies it must enforce.
  - Obligation policies are written according to the mission interfaces for each domain.
  - Mission interfaces specify Events, Notifications, Local actions and Remote actions.
- Integration of the Policy Ontology in the NOVI Service Layer
- Definition of Roles, so that Role Based Access Control policies can be deployed