A History of the Next Five Years: (the rise of indoor plumbing)


2/22/2019

Topics
- Hooking applications to the plumbing
- Role and rule based authorization
- Work flow
- Virtual organizations
- Privacy managers
- Global issues

Hooking applications to the plumbing
- The importance of presence in real time communications
- Externalizing from the application as more of the plumbing gets created
  - E.g. authentication, group management, privilege management
- Integration, integration, integration
- Fine-grain access control is attractive and dangerous; beware of complexity

Role and rule based authorization
- Role-based is the only scalable approach
  - Requires campus business process reengineering
  - Roles have standard modifiers, such as limits, prerequisites, expiration dates, etc.
  - Delegation of roles desirable but tricky
- Rule-based allows lots of real-time exceptions
  - Doctors in the emergency room
  - Visitors with laptops in the library
  - When processor use drops below 10%
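An added example, not part of the original slides: a small evaluator that checks role grants carrying the three modifiers listed above (limit, prerequisites, expiration) and then falls back to rule-based exceptions modelled on the slide's three cases. All role, action and context names are hypothetical, and the policy data is constructed for illustration.

```python
from dataclasses import dataclass, field
from datetime import date
from typing import Optional

@dataclass(frozen=True)
class RoleGrant:
    """A role assignment carrying the modifiers named on the slide."""
    role: str
    limit: Optional[int] = None             # largest request the role covers
    prerequisites: frozenset = frozenset()  # must all be completed
    expires: Optional[date] = None          # last day the grant is valid

@dataclass
class Request:
    action: str
    amount: int = 0
    context: dict = field(default_factory=dict)  # real-time facts about the request

# Constructed policy data (hypothetical role and action names).
ROLE_PERMITS = {"vo-researcher": {"submit-job"}, "physician": {"read-own-patients"}}

# Rule-based exceptions. Each rule sees the request and the set of roles that
# are still active; a missing context value never matches, so rules fail closed.
RULES = [
    ("er-physician", lambda r, roles: r.action == "read-any-patient"
        and "physician" in roles and r.context.get("location") == "emergency-room"),
    ("library-visitor", lambda r, roles: r.action == "use-network"
        and r.context.get("location") == "library"),
    ("idle-cpu", lambda r, roles: r.action == "submit-job"
        and "vo-researcher" in roles and r.context.get("cpu_load", 1.0) < 0.10),
]

def authorize(req, grants, completed, today):
    """Return (allowed, reason). Roles are checked first, then rule exceptions."""
    # Expired grants and grants with unmet prerequisites confer nothing.
    active = [g for g in grants
              if (g.expires is None or today <= g.expires)
              and g.prerequisites <= completed]
    for g in active:
        within_limit = g.limit is None or req.amount <= g.limit
        if req.action in ROLE_PERMITS.get(g.role, ()) and within_limit:
            return True, "role:" + g.role
    roles = {g.role for g in active}
    for name, rule in RULES:
        if rule(req, roles):
            return True, "rule:" + name
    return False, "deny"
```

Returning the reason alongside the decision lets an audit log distinguish standing role access from real-time exceptions, which is where the complexity the earlier slide warns about tends to accumulate.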

Work Flow
- Closely related to authorization, in technology and practice
- Applies to a wide variety of situations, from business uses to job scheduling in grids to message handling.
- May be a common architecture across those use cases, and perhaps tools of relatively broad scope to build.

Virtual Organizations (VO’s)
- Examples, differentiators, current challenges
- The common requirements
- Background on recent middleware work
- The virtual organization support space
  - Role of enterprise and of federation
  - Role of virtual organization support center
  - Role of virtual organization
  - The business case for/against the model
- How do we know if it is viable…

Virtual Organizations
- Geographically distributed, enterprise distributed community that shares real resources as an organization.
- Examples include team science (NEESGrid, HEP, BIRN, NEON), digital content managers (library cataloguers, curators, etc.), a state-based life-long learning consortium, a group of researchers coordinating a launch vehicle payload, etc.
- On a continuum from interrealm groups (no real resource management, few defined roles) to real organizations (primary identity/authentication providers)
- Want to leverage enterprise middleware and external trust fabrics, as well as support centers

Virtual Organizations have…
- Real resources that they share and manage
  - May be computational resources
  - May be scientific instruments
  - May be bandwidth
  - May be shared data and content
    - Economic data
    - Museum materials
    - Cultural and artistic works
- A relatively small set of users who tend to travel in common circles
- Often the need to have some accounting and regulatory compliance

Not Virtual Organizations
- University of Colorado, Boulder. LBL. Fred Hutchinson Cancer Center. etc. – these are enterprises, doing primary identity management services for faculty, students and staff
- the Beverly PTA wiki, Alt.gerbils-in-leather – these are groups, a set of people with a common interest but not managing real resources
- AOL, MSN, IdentityCommons, etc. – these are commercial identity service providers

Looking at V.O.s from a plumber’s view

National Science Digital Library Content Managers

The TeraGrid

The Hadron Collider cluster of experiments

Virtual organizations vary…
- By lifetime of VO
  - Some are relatively short-term, perhaps 1-2 years
  - Some may persist for extended periods
- By size
- By cluster – at any one time, 15-20 experiments (virtual orgs) are active at Fermi Lab, CERN. A shuttle launch may need coordination among several vo’s that have equipment aboard.
- By type of domain-specific tools
  - A number are using Grids
  - A number subscribe to major scientific data streams
  - Some have no domain-specific tools

Being a VO is hard…
- There are new requirements for security
- There is the need for development of operational models that integrate requirements from sites with requirements from science
- Simplified end-user tools that are consistent with the rest of a user’s experience would be very helpful.
- Diagnostics across so many systems is difficult and getting significantly worse

Being a VO is hard…
- Many resources use geographically-oriented access controls
- Regulatory requirements might span countries
- The local IT infrastructure of members of a VO may vary widely
- Tools are not designed to work together, present a common management infrastructure, etc.

The Common Requirements
- Communications support
  - Multiple options for real-time and asynchronous intraVO work
  - Integrated into the rest of one’s “presence”
- Collaboration support
  - Transparent web content access control
  - Workflow
- Diagnostics
- Plumbing the control plane into the domain science systems and virtual organization software
- Plumbing the vo technologies into the local environment

Support services
VO Service Center Collaboration services Plumbing Into domain applications Collaboration services Communication services Enterprise based virtual organization shims Core middleware federation

Communication support
- Add this address book to my desktop video client as a vo setup
- Shared calendar access: Grant the following roles in my vo permission to read my calendar at a campus-equivalent level
- A “transparently manageable” mail list for the vo.
- Provide and maintain an IM buddy list for the vo
- Diagnostics

Collaboration support
- A transparent and managed wiki
- A transparent and managed set of web access controls
- Role based authorization
- Workflow
- A p2p trust fabric for vo use
- Data models
  - Of the data
  - Of the meta-data – what are the privileges, rights, etc.
- Management of international issues in privacy, copyright, etc.

Plumbing the control plane
- Management of the management aspects of the domain tools
  - Domain tools include Globus for Grids, Chemistry workbench, a historical data archive manager, etc.
  - Management aspects deal largely with managing users and uses, but can have initial configuration components
  - “2% of the science, 50% of the pain …”
- Providing a common user experience for both enterprise and vo systems
  - Today, each app believes it is the only one in your life…
  - Common models, terminology, controls, etc.
  - Distinct privileges being managed
- Integration of vo and enterprise
  - Students in class X can run vo experiment Y
  - VO and enterprise requirements can be joined

Example University financials 1

Example University financials 2

Example University financials 3

VO authorization 1

VO authorization 2

VO authorization 3

The Middleware Work…
- The Basic Approach
  - Focus and manner of work
  - The role of Mace
- The work at the enterprise level
  - Directories
  - Web SSO, namespace and basic authentication
  - Signet
- The work at the federation level
  - Shibboleth
- The work at the virtual organization level
  - Bits and pieces

The Model: Enterprises, Federations, VO’s
Given the strong collaborations within the academic community, there is an urgent need to create inter-realm tools, so
- Build consistent campus and enterprise middleware infrastructure deployments, with outward facing objectclasses, service points, etc. and then
- Federate those enterprise deployments, using the outward facing campus infrastructure, with interrealm attribute transports, trust services, etc. and then
- Leverage that federation to enable a variety of applications from network authentication to instant messaging, from video to web services, and then, going forward
- Create tools and templates that support the management and collaboration of virtual organizations by building on the federated campus infrastructures.

Middleware Axioms
- Work the core areas
- Focus on interrealm and collaborative needs
- Use federated administration as the lever; have the enterprise broker most services (authentication, authorization, resource discovery, etc.) in inter-realm interactions
- Develop a consistent directory infrastructure within R&E
- Provide security while not degrading privacy.
- Foster interrealm trust fabrics: federations and virtual organizations
- Leverage campus expertise and build rough consensus
- Support for heterogeneity and open standards
- Influence the marketplace; develop where necessary

RL “Bob” and Keith

The Virtual Organization Support Space
- Role of enterprise and of federation
- Role of virtual organization support center
- Role of virtual organization
- The business case for/against the model

Enterprise and federation
- Collaboration and communications infrastructure
- Common plumbing interface
- Storage of VO attributes in enterprise object classes
- Hosting VO services for some VO
- Federation
  - Trust fabric for enterprise assertions
  - Dissemination of VO objectclasses
  - International trust fabric

VO Service Centers
- To provide infrastructure services for users whose enterprises can’t play
- To coordinate the dissemination of enterprise shims relative to the vo’s supported in the area
- To coordinate international efforts for multi-national vo’s
- To help train vo’s in the use of the tools and the organizational issues

Virtual organization
- Data and metadata models
- Attribute and role definition
- Domain specific infrastructure

Privacy Managers

Global Issues
- Privacy Discrepancies
- Government trust peering
- And, sigh, time zone issues