Virtual Private Grid (VPG) : A Command Shell for Utilizing Remote Machines Efficiently Kenji Kaneda, Kenjiro Taura, Akinori Yonezawa Department of Computer.

Presentation transcript:

Virtual Private Grid (VPG): A Command Shell for Utilizing Remote Machines Efficiently
Kenji Kaneda, Kenjiro Taura, Akinori Yonezawa
Department of Computer Science, University of Tokyo

Background
- Improvement of network technology
  - Connection of clusters and super computers with high-speed network
- Many people have accounts on a large number of machines
  - Across multiple subnets and geographically distributed places

Problem
- These machines are managed by different administrators
- Various restrictions are imposed
  - Firewall (IP filtering)
  - DHCP
  - Private IP, etc.
- Working around these restrictions requires human intervention
- It is difficult to utilize all the remote machines efficiently

Virtual Private Grid: Goals
- Utilize remote machines through a shell at the local host
- Design and implement Virtual Private Grid
  - Working around the restrictions automatically
  - Utilizing a large number of machines in multiple subnets securely and efficiently

Restrictions
- Bypass of firewall
- Submission of jobs to nameless hosts
A Possible Solution
- Keeping connections permanently between all the hosts
Problem
- A large number of connections
- User involvement to minimize connections

Functions of VPG
i. Nicknaming (= each host has a unique nickname)
ii. Job submission to any nicknamed host
iii. Redirection from/to a file at any nicknamed host
iv. Network pipe between any nicknamed hosts

- Does not change administrative policy
- Can combine existing programs with standard input/output through the network

Syntax of @
- Job submission
- Redirection
- Pipe
- Selection of hosts which have no DNS name with nickname
- Automatic detection of the route to hosts
[Figure labels: File, |, Local shell, Remote]

Example: Difficulty of Job Submission
- Across Firewall
- Private IP
- It is cumbersome to implement remote job submission across multiple subnets

Overview of Implementation
i. Daemons boot up at hosts
ii. Each daemon creates and keeps necessary connections with SSH port forwarding
  - DHCP clients create a connection to the outside
  - Multiple subnets are connected
iii. Finally, daemons finish creating connections
  - Network becomes connected
  - Using self-stabilizing spanning tree algorithm
iv. The daemon at home host keeps track of the topology of the whole network
  - It detects the route to hosts for job submission

Summary and Future Work
- Developing Virtual Private Grid
  - Working around the restrictions automatically
  - Utilizing remote machines securely and efficiently
- Easier and more efficient utilization of remote machines
  - Automatic and parallel resource selection
    - Simple scheduler
    - Control of dependency relation of files
    - Automatic generation of executables
    - File sharing/sync, etc.

Related Work
- Globus [I. Foster et al.
  - Providing basic services for global computing
- RMF [Y. Tanaka et al. IWCC ’99]
  - Utilizing resources inside the firewall
- Ufo [Albert D. Alexandrov et al. USENIX ’87]
  - Providing global file system
- Secure Shell
  - Providing secure access to remote machines
- Virtual Private Network
  - Constructing a private network on the Internet

Difference between VPG and SSH
- Methods to utilize a large number of machines with SSH
  - Giving a shell window to each host
    - It requires a large number of windows
  - Creating connections whenever submitting a job
    - It entails high overhead
  - Using SSH port forwarding
    - It requires user involvement
- Advantages of VPG
  - Minimum connections for all the hosts to communicate with each other
  - Easy and efficient network pipe and redirection
  - Job submission to nameless hosts

[Figure: Host A (home host), Host B, Host C (DHCP client) and Host D (private IP) across Subnet X, Subnet Y and Subnet Z. Legend: live connection, dead connection, live host, dead host, >, File, |. Home host: the host which the user initially logs in to.]

Difference between VPG and VPN
- VPG constructs a private network at the user level
- VPG places major emphasis on remote job submission
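
The route detection described under Overview of Implementation (the home host tracks the topology and finds the path to a nicknamed host), as an added sketch that is not VPG's own code. A centralized breadth-first search stands in for the self-stabilizing spanning tree algorithm the slides name, and the nicknames and link list for Hosts A to D are constructed for illustration.

```python
from collections import deque

# Constructed topology: (host, host, alive). Each entry is one kept
# connection (e.g. an SSH port forward); hostC and hostD dial out to hostB.
LINKS = [
    ("hostA", "hostB", True),   # home host <-> gateway in another subnet
    ("hostC", "hostB", True),   # DHCP client connects to the outside
    ("hostD", "hostB", True),   # private-IP host connects to the outside
    ("hostC", "hostD", True),   # redundant link inside the subnet
]

def spanning_tree(links, home):
    """Return {host: parent} for every host reachable from home over live links."""
    adj = {}
    for a, b, alive in links:
        if alive:
            adj.setdefault(a, set()).add(b)
            adj.setdefault(b, set()).add(a)
    parent = {home: None}
    queue = deque([home])
    while queue:
        node = queue.popleft()
        for nxt in sorted(adj.get(node, ())):   # sorted: deterministic tree
            if nxt not in parent:
                parent[nxt] = node
                queue.append(nxt)
    return parent

def tree_links(parent):
    """Connections the tree actually needs: one per non-home host."""
    return {frozenset((child, par)) for child, par in parent.items() if par}

def route(parent, nickname):
    """Hop-by-hop path from the home host to nickname, or None if cut off."""
    if nickname not in parent:
        return None
    path = []
    while nickname is not None:
        path.append(nickname)
        nickname = parent[nickname]
    return path[::-1]

if __name__ == "__main__":
    tree = spanning_tree(LINKS, "hostA")
    print("kept connections:", len(tree_links(tree)), "of", len(LINKS))
    print("route to hostD:", route(tree, "hostD"))
```

The relay hosts that appear in a route are also the hosts an administrator would see carrying forwarded traffic for machines behind the firewall or on private addresses.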