Presentation is loading. Please wait.

Presentation is loading. Please wait.

CONTRAIL Security Open Computing Infrastructures for Elastic Services Call FP7-ICT-2009-5 Proposal Number FP7-257438 Dr Jens Jensen jens.jensen.at.stfc.ac.uk.

Published byEmmeline Bell Modified over 9 years ago

Similar presentations

Presentation on theme: "CONTRAIL Security Open Computing Infrastructures for Elastic Services Call FP7-ICT-2009-5 Proposal Number FP7-257438 Dr Jens Jensen jens.jensen.at.stfc.ac.uk."— Presentation transcript:

1 CONTRAIL Security Open Computing Infrastructures for Elastic Services Call FP7-ICT-2009-5 Proposal Number FP7-257438 Dr Jens Jensen jens.jensen.at.stfc.ac.uk STFC e-Science Centre, Oct 2010

2 contrail-project.eu CONTRAIL project - background EU funded “Internet of Services” programme Three year project Started 01 Oct 2010 Goals: Open Source PaaS and IaaS Workflow, MapReduce, Federation: flexible provider/consumer boundaries 2

3 contrail-project.eu CONTRAIL partners France: INRIA – Lead Edge-IT Germany ZIB Italy CNR HP Italy Tiscali 3 Netherlands Genias VUA Slovenia XLAB UK Constellation Tech STFC

4 contrail-project.eu 4  Enhanced platform scalability, performance and security  Complete software stack for IaaS  Scalable fault-tolerant storage for Clouds  Self-optimizing, self-healing properties  Secure private network  QoS integrated within infrastructure (storage, network, VMs)  Efficiency through vertical integration of PaaS and IaaS  e.g. Map/Reduce on GAFS file system  Seamless integration of (external) user resources  European, Open approach to Cloud Federation  Federations as an evolving market for IaaS  Contribute to the standardization process Main Innovations and Contributions

5 CONTRAIL Subprojects and Partners 5 INRIA XLAB STFC ZIB VUA TISC INRIA CNR VUA STFC GENIAS ZIB HP-IIC CONST CNRTISC HP-IICTISC STFC EDGE

6 contrail-project.eu Contrail Output: IaaS Cloud Buzzword: PaaS, IaaS, (DaaS) Network: VIN – Virtual Infrastructure Networks Virtualisation: Hardware (Xen, KVM,…) Process (OpenVZ, chroot) – sort of like pilot jobs Booting images Storage: Global Autonomous File System (GAFS) Built on XtreemFS “Open Source cloud storage not cloudy” – lack elasticity 6

7 contrail-project.eu Contrail Output: PaaS Structured data services Eg databases Distributed Key/Value store Runtime environments MapReduce Dynamic allocation of resources “Independent services scale differently” “Tightly coupled stack” “Increase performance and integration” 7

8 contrail-project.eu CONTRAIL Security Security Work package Lead: STFC Main collaborators: INRIA, XLAB, CNR Minor collaborators: Tiscali, HP, EDGE-IT Use of formal methods verify architecture and implementation Cf. B, Z, Event-B Learning from other EU-funded projects such as DEPLOY Accounting SLAs QoS – Quality of Service QoP – Quality of Protection 8

9 contrail-project.eu CONTRAIL – Security Loose Ends Role of security in federation Managing policies and resource sharing Authentication Planned to use XtreemOS (X.509 sans GSI) Also compare RESERVOIR (also X.509 but non-IGTF currently) QoS is also security Eg availability QoP is security Eg integrity Securing (virtual) networks Securing VM images 9

10 contrail-project.eu CONTRAIL – Security Loose Ends Does “traditional” security apply to clouds Understand and mitigate risks Users and trust Cf CSA threats Moving data outside trusted boundary Legal issues with moving data Security of VM images Cf. current work from HEPiX, JSPG, JSPG++ 10

11 contrail-project.eu Service Provider – DDoS RESERVOIR: “DDoS is greatest risk” Methods for dealing with attack Compare scaling existing services “Cloud bursting” Risk of billing user However, most “attacks” we see are “unintentional” Neither malicious, nor needing scaling Dodgy scientist code Users who don’t understand pitfalls of dist’d comp 11

12 contrail-project.eu CONTRAIL - Standards Recognise OCCI as the “most promising” Did not consider CDMI (not available when proposal was written) Commitment to standardisation Not clear what, yet Need to aim up-front, though Need to liaise/collaborate with EGI and EMI? SLAs from SLA@SOI and others Not standardised “Can standardise underlying model” “Concertation”proposed standards bodies ETSI, W3C, OASIS, OGF, OMG 12

13 contrail-project.eu CONTRAIL – Use Cases 1.Distributed Provision of Geo-Referenced Data o Tourist data on digital globe 2.Multimedia Processing Service Marketplace o Content provider, licences 3.Clouds for High Performance Real-Time Data Analysis o Analysis of beamline data, fitting models 4.Large Scale Code Analysis o doc4.mandriva.org 5.High Throughput Electronic Drug Discovery o Pharma use cases, genomics, NGS 13

14 contrail-project.eu More information http://www.contrail-project.eu/ jens.jensen.at.stfc.ac.uk

Download ppt "CONTRAIL Security Open Computing Infrastructures for Elastic Services Call FP7-ICT-2009-5 Proposal Number FP7-257438 Dr Jens Jensen jens.jensen.at.stfc.ac.uk."

Similar presentations

© 2006 Open Grid Forum Federated Identity in the Cloud OGF 32, Salt Lake City.

© 2006 Open Grid Forum Federated Identity in the Cloud OGF 32, Salt Lake City.
© Copyright 2012 Hewlett-Packard Development Company, L.P. Contrail: SLAs for Cloud Federations Lorenzo Blasi, Hewlett Packard 1 contrail.

© Copyright 2012 Hewlett-Packard Development Company, L.P. Contrail: SLAs for Cloud Federations Lorenzo Blasi, Hewlett Packard 1 contrail.
Canada-EU Future Internet Workshop Waterloo, Canada March 24th, 2011 Ignacio M. Llorente DSA-Research.org Distributed Systems Architecture Research Group.

Canada-EU Future Internet Workshop Waterloo, Canada March 24th, 2011 Ignacio M. Llorente DSA-Research.org Distributed Systems Architecture Research Group.
Contrail and Federated Identity Management

Contrail and Federated Identity Management
SCD in Horizon 2020 Ian Collier RAL Tier 1 GridPP 33, Ambleside, August 22 nd 2014.

SCD in Horizon 2020 Ian Collier RAL Tier 1 GridPP 33, Ambleside, August 22 nd 2014.
Security Prospects through Cloud Computing by Adopting Multiple Clouds Meiko Jensen, Jorg Schwenk Jens-Matthias Bohli, Nils Gruschka Luigi Lo Iacono Presented.

Security Prospects through Cloud Computing by Adopting Multiple Clouds Meiko Jensen, Jorg Schwenk Jens-Matthias Bohli, Nils Gruschka Luigi Lo Iacono Presented.
CLOUD COMPUTING AN OVERVIEW & QUALITY OF SERVICE Hamzeh Khazaei University of Manitoba Department of Computer Science Jan 28, 2010.

CLOUD COMPUTING AN OVERVIEW & QUALITY OF SERVICE Hamzeh Khazaei University of Manitoba Department of Computer Science Jan 28, 2010.
FI-WARE – Future Internet Core Platform FI-WARE Cloud Hosting July 2011 High-level description.

FI-WARE – Future Internet Core Platform FI-WARE Cloud Hosting July 2011 High-level description.
Towards Cloud Federations: what we have; what we want OGF 31, Taipei Cloud security session Jens Jensen Science and Technology Facilities Council Rutherford.

Towards Cloud Federations: what we have; what we want OGF 31, Taipei Cloud security session Jens Jensen Science and Technology Facilities Council Rutherford.
Cloud Usability Framework

Cloud Usability Framework
N. GSU Slide 1 Chapter 04 Cloud Computing Systems N. Xiong Georgia State University.

N. GSU Slide 1 Chapter 04 Cloud Computing Systems N. Xiong Georgia State University.
Cloud Computing Stuart Dillon-Roberts. “In the simplest terms, cloud computing means storing & accessing data & programs over the Internet instead of.

Cloud Computing Stuart Dillon-Roberts. “In the simplest terms, cloud computing means storing & accessing data & programs over the Internet instead of.
INTRODUCTION TO CLOUD COMPUTING Cs 595 Lecture 5 2/11/2015.

INTRODUCTION TO CLOUD COMPUTING Cs 595 Lecture 5 2/11/2015.
SOFTWARE AS A SERVICE PLATFORM AS A SERVICE INFRASTRUCTURE AS A SERVICE.

SOFTWARE AS A SERVICE PLATFORM AS A SERVICE INFRASTRUCTURE AS A SERVICE.
Constellation Technologies Providing a support service to commercial users of gLite Nick Trigg.

Constellation Technologies Providing a support service to commercial users of gLite Nick Trigg.
Cisco and OpenStack Lew Tucker VP/CTO Cloud Computing Cisco Systems,

Cisco and OpenStack Lew Tucker VP/CTO Cloud Computing Cisco Systems,
Cloud Computing in Large Scale Projects George Bourmas Sales Consulting Manager Database & Options.

Cloud Computing in Large Scale Projects George Bourmas Sales Consulting Manager Database & Options.
CLOUD COMPUTING & COST MANAGEMENT S. Gurubalasubramaniyan, MSc IT, MTech Presented by.

CLOUD COMPUTING & COST MANAGEMENT S. Gurubalasubramaniyan, MSc IT, MTech Presented by.
Abstract Cloud data center management is a key problem due to the numerous and heterogeneous strategies that can be applied, ranging from the VM placement.

Abstract Cloud data center management is a key problem due to the numerous and heterogeneous strategies that can be applied, ranging from the VM placement.
MIGRATING INTO A CLOUD P. Sai Kiran. 2 Cloud Computing Definition “It is a techno-business disruptive model of using distributed large-scale data centers.

MIGRATING INTO A CLOUD P. Sai Kiran. 2 Cloud Computing Definition “It is a techno-business disruptive model of using distributed large-scale data centers.

Similar presentations

Ads by Google