Presentation is loading. Please wait.

Presentation is loading. Please wait.

NOVI: Networking innovations Over Virtualized Infrastructures

Published byHilda Gregory Modified over 5 years ago

Similar presentations

Presentation on theme: "NOVI: Networking innovations Over Virtualized Infrastructures"— Presentation transcript:

1 NOVI: Networking innovations Over Virtualized Infrastructures
STREP Project No , Call 5 – FIRE Policy Framework Leonidas Lymberopoulos NOVI Workshop Barcelona, March 15th 2012

2 Policy types Authorization Policies to specify which actors have access to which virtual resources Event-Condition-Action Policies that enforce control & management actions upon certain events within the managed environment. Role-Based-Access Control Policies to specify which classes of actors have access to which virtual resources. Mission Policies that define the obligations of a domain in respect to the other domains within a NOVI federation. Duties are specified as sets of Authorization and Event-Condition-Action policies. NOVI Workshop March 2012

3 Policy Service within NOVI's C&M plane
NOVI Workshop March 2012

4 Example PlanetLab policy objects
NOVI Workshop March 2012

5 Example FEDERICA policy objects
NOVI Workshop March 2012

6 Slice reconfiguration example using an event-condition-action policy
An event is generated by the Monitoring Service indicating that a PlanetLab virtual resource in a NOVI slice (topology in the NOVI IM) is no longer available. This event (vnodefailure) triggers an event-condition-action policy rule (virtualnodefailure) within the Policy Service. Policy Service calls the “updateSlice” method of Intelligent Resource Mapping Service to find a new solution to fulfill the needs of the user’s request. NOVI Workshop March 2012

7 Example authorization policy configuration file
newauthpol := root load: "AuthorisationPolicy". root/factory at: "newauthpol" put: newauthpol. root/authdom at: "a1" put: (newauthpol subject: root/Usersdomain/User1 action: "access:" target: root/Resources/planetlab2-novi focus: "t"). root/authdom/a1 reqneg. // set the policy negative, auth - root/authdom/a1 active: true //activate this policy NOVI Workshop March 2012

8 Future Work Inter-domain relationships as missions
A mission defines the requirements of one domain for interacting with another. A mission is a group of policies which defines the duties of the remote domain as a set of obligation policies it must enforce. Obligation policies are written according to the mission interfaces for each domain. Mission interfaces specify Events, Notifications, Local actions and Remote actions. Integration of the Policy Ontology in the NOVI Service Layer Definition of Roles, so that Role Based Access Control policies can be deployed NOVI Workshop March 2012

Download ppt "NOVI: Networking innovations Over Virtualized Infrastructures"

Similar presentations

An Adaptive Policy-Based Framework for Network Service Management Leonidas Lymberopoulos Emil Lupu Morris Sloman Department of Computing Imperial College.

An Adaptive Policy-Based Framework for Network Service Management Leonidas Lymberopoulos Emil Lupu Morris Sloman Department of Computing Imperial College.
TU/e Service Discovery Mechanisms: two case studies / IC2002 Service Discovery Mechanisms: Two case studies Control point Device UPnP Terminal Domain Host.

TU/e Service Discovery Mechanisms: two case studies / IC2002 Service Discovery Mechanisms: Two case studies Control point Device UPnP Terminal Domain Host.
TSpaces Services Suite: Automating the Development and Management of Web Services Presenter: Kevin McCurley IBM Almaden Research Center Contact: Marcus.

TSpaces Services Suite: Automating the Development and Management of Web Services Presenter: Kevin McCurley IBM Almaden Research Center Contact: Marcus.
Operating Systems 635-321 Operating system is the “executive manager” of all hardware and software.

Operating Systems Operating system is the “executive manager” of all hardware and software.
Virtualized Infrastructure Deployment Policies (Copper) 19 February 2015 Bryan Sullivan, AT&T.

Virtualized Infrastructure Deployment Policies (Copper) 19 February 2015 Bryan Sullivan, AT&T.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 DISTRIBUTED SYSTEMS.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
SERC Security Systems Engineering Initiative Dr. Clifford Neuman, Director USC Center for Computer Systems Security Information Sciences Institute University.

SERC Security Systems Engineering Initiative Dr. Clifford Neuman, Director USC Center for Computer Systems Security Information Sciences Institute University.
A Heterogeneous Network Access Service based on PERMIS and SAML Gabriel López Millán University of Murcia EuroPKI Workshop 2005.

A Heterogeneous Network Access Service based on PERMIS and SAML Gabriel López Millán University of Murcia EuroPKI Workshop 2005.
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Ensure geographical redundancy.

© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Ensure geographical redundancy.
A Research Agenda for Accelerating Adoption of Emerging Technologies in Complex Edge-to-Enterprise Systems Jay Ramanathan Rajiv Ramnath Co-Directors,

A Research Agenda for Accelerating Adoption of Emerging Technologies in Complex Edge-to-Enterprise Systems Jay Ramanathan Rajiv Ramnath Co-Directors,
OnTimeMeasure Integration with Gush Prasad Calyam, Ph.D. (PI) Tony Zhu (Software Programmer) Alex Berryman (REU Student) GEC10 Selected.

OnTimeMeasure Integration with Gush Prasad Calyam, Ph.D. (PI) Tony Zhu (Software Programmer) Alex Berryman (REU Student) GEC10 Selected.
Kostas Giotis, Yiannos Kryftis, Vasilis Maglaris

Kostas Giotis, Yiannos Kryftis, Vasilis Maglaris
1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive

1 Secure Distributed Objects for Grid Applications Laurent Baduel, Arnaud Contes, Denis Caromel OASIS team ProActive
Unrestricted Connection manager MIF WG IETF 78, Maastricht 2010-07-29 Gaëtan Feige, Cisco (presenter) Pierrick Seïté, France Telecom -

Unrestricted Connection manager MIF WG IETF 78, Maastricht Gaëtan Feige, Cisco (presenter) Pierrick Seïté, France Telecom -
1 A pattern language for security models Eduardo B. Fernandez and Rouyi Pan Presented by Liping Cai 03/15/2006.

1 A pattern language for security models Eduardo B. Fernandez and Rouyi Pan Presented by Liping Cai 03/15/2006.
Integrated Management 2007, Munich, Germany LIUPPA – Self-* Université de Pau (FRANCE) Autonomic Management of Component-Based Embedded Software J.-M.

Integrated Management 2007, Munich, Germany LIUPPA – Self-* Université de Pau (FRANCE) Autonomic Management of Component-Based Embedded Software J.-M.
SWIM-SUIT Information Models & Services

SWIM-SUIT Information Models & Services
© DATAMAT S.p.A. – 2007 1 Giuseppe Avellino, Stefano Beco, Barbara Cantalupo, Andrea Cavallini A Semantic Workflow Authoring Tool for Programming Grids.

© DATAMAT S.p.A. – Giuseppe Avellino, Stefano Beco, Barbara Cantalupo, Andrea Cavallini A Semantic Workflow Authoring Tool for Programming Grids.
Copyright 2014 Open Networking User Group. All Rights Reserved Confidential Not For Distribution Six Steps To A Common Open Networking Ecosystem Common.

Copyright 2014 Open Networking User Group. All Rights Reserved Confidential Not For Distribution Six Steps To A Common Open Networking Ecosystem Common.
TOSCA Monitoring Reference Architecture Straw-man Roger Dev CA Technologies March 18, 2015 PRELIMINARY.

TOSCA Monitoring Reference Architecture Straw-man Roger Dev CA Technologies March 18, 2015 PRELIMINARY.

Similar presentations

Ads by Google