Report of the TERENA Technical Advisory Council Zagreb Monday 19 May 2003

Similar documents
AA Developers Meeting

Federated E-infrastructure Dedicated to European Researchers Innovating in Computing network Architectures

RESEARCH NETWORKS & THEIR ROLE IN e-infrastructures

Results from the EARNEST Technical Study

3 rd TF-Netcast Meeting 14 May 2003 via H.323 video conference

GN2 JRA5: Roaming and Authorisation

FEDERICA Federated E-infrastructure Dedicated to European Researchers Innovating in Computing network Architectures

Unfortunately it was not possible to have people from GRID, so the scenario described in this reports is not complete.

Network. 3.1 Core Capacity on the network. TERENA Compendium of Research and Education Networks in Europe / Network. Page 27

NORDUnet GN3. Next Generation Network in Europe. Click to edit Master subtitle style. Lars Fischer SUNET TREFFpunkt

JRA5: Roaming and Authorisation

GN2 JRA5: Roaming and Authorisation - recent results

GN3 PROJECT. Karel Vietsch, TERENA GN3/NA3/T4 Campuses Best Practice meeting, Trondheim, May connect communicate collaborate

Network Virtualization for Future Internet Research

TF-VVC is not directly related with any of the GN2 JRA s, but in some activity areas the task force is collaborating with the GN2 JRA1 and JRA5.

The New Infrastructure Virtualization Paradigm, What Does it Mean for Campus?

TERENA, the NRENs, GÉANT & promoting Campus Best Practice

Introduction to FEDERICA

TI nine months old. Trusted Introducer Status report 1 June TI nine months old Slide 1

GN4-2 SA2 Kick-Off Meeting Amsterdam/NL 30/

Developing The Case for NRENs. (A BIT MORE) revised 08-October-2008

eduroam und andere Themen in GN2-JRA5

IPv6 Deployment in European National Research and Education Networks (NRENs)

TF-EMC2 Meeting March Florence, Italy

Mobility Workshop TERENA, Amsterdam March 06, Meeting report by: Licia FLORIO, TERENA March 12, Participants List

National R&E Networks: Engines for innovation in research

New trends in Identity Management

GÉANT Community Programme

Future Internet Experiments over National Research & Education Networks: The Use Cases of FEDERICA & NOVI over European NRENs - GÉANT

QoS and IP Premium service specification and implementation. Slide Show

Connect. Communicate. Collaborate. GN2 JRA5 update. Jürgen Rauschenbach (DFN), JRA5 team 04/02/08 Marseille. JRA5 Team

EUMETSAT EXPERIENCE WITH MULTICAST ACROSS GÉANT

TERENA TASK FORCE ON NEXT GENERATION NETWORKING

GÉANT perspective of Virtual Networks and Implementation

A Profile of European NREN s. Marko Bonač ARNES, Slovenia

Mapping of the CVD models in Europe

GÉANT Support for Research Within and Beyond Europe

Technical Sub-Study Areas

GN3plus External Advisory Committee. White Paper on the Structure of GÉANT Research & Development

TERENA TF-ECS Activity 2 Overview of national activities and deployments

3. Verbal report on the completion of the SIRCE Pilot

Friedrich Smaxwil CEN President. CEN European Committee for Standardization

Service withdrawal: Selected IBM ServicePac offerings

IST MUPBED: Multi-Partner European Test Network for Research Networking

The 6NET project. An IPv6 testbed for the European Research Community

From Digital Divide to Digital Inclusion Are we REDI?

education federation CUC 2005, Dubrovnik High-quality Internet for higher education and research

esignature Infrastructure Marketing Model

Analysis of the Interoperability Possibilities of Implemented Governmental e-services EU15

Cost Saving Measures for Broadband Roll-out

Presentation of the LHCONE Architecture document

ITS Action Plan Task 1.3 Digital Maps

Combating Pharmacrime AGENDA

e-infrastructures in FP7 INFO DAY - Paris

A collaboration overview: From TF-VSS to GN2 SA6

GN3 Plus NA3-T3 Greening of ICT Services. Andrew Mackarel GN3+ NA3 T3 15th September 2014 Workshop Budapest

AARC Overview. Licia Florio, David Groep. 21 Jan presented by David Groep, Nikhef.

Service Sharing at NORDUnet

nrenum.net An Update SIP.edu Call

Integrating Federations in the International Grid Trust Fabric

GÉANT : e-infrastructure connectivity for the data deluge

GÈANT3 Carbon Footprint Jørgen Moth, UNI-C.

IST ATRIUM. A testbed of terabit IP routers running MPLS over DWDM. TF-NGN meeting

INFORMATION SOCIETY TECHNOLOGIES (IST) PROGRAMME

European Standardization & Digital Transformation. Ashok GANESH Director Innovation ETICS Management Committee

Business internet start, Business internet comfort, Business internet max giga. Internet can also be purchased separately without voice.

Harri Kuusisto welcomed everybody on behalf of Funet/CSC. The chairman thanked Harri and initiated a round of introductions.

This document is a preview generated by EVS

Manutan, a major player. in Europe s multichannel B to B retail sector

This document is a preview generated by EVS

TF-Netcast. Final Report. Dan Mønster

NEW JERSEY S HIGHER EDUCATION NETWORK (NJEDGE.NET), AN IP-VPN CASE STUDY

AutoBAHN Provisioning guaranteed capacity circuits across networks

Unlimited UK mobile calls and unlimited UK texts Bolt On: Unlimited landlines Poland Bundle (400 minutes to mobiles & landlines) 3.

Grid security and NREN CERTS in the Nordic Countries

BoR (11) 08. BEREC Report on Alternative Voice and SMS Retail Roaming Tariffs and Retail Data Roaming Tariffs

From The European Library to The European Digital Library. Jill Cousins Inforum, Prague, May 2007

Deploying Standards-based, Multi-domain, Bandwidth-on-Demand

Inclusive Minute Business Plan Terms 7 th Oct General

Abilene: An Internet2 Backbone Network

Victoriano Giralt welcomed the participants on behalf of the University of Malaga. Introduction and ECAM announcement (Diego Lopez)

Minutes of the 25th TF-Mobility & Network Middleware Meeting

D42 - Monitoring and Measurement Session at TNC 2004

BoR (10) 13. BEREC report on Alternative Retail Voice and SMS Roaming Tariffs and Retail Data Roaming Tariffs

EUREKA European Network in international R&D Cooperation

Net Edu Romanian Education Network

Preparing for High-Luminosity LHC. Bob Jones CERN Bob.Jones <at> cern.ch

HPC IN EUROPE. Organisation of public HPC resources

This document is a preview generated by EVS

1. Introduction. 2. Purpose of this paper and audience. Best Practices 1 for Cloud Provider Connectivity for R&E Users

Authenticated Wireless Roaming via Tunnels

Convention Espace Partenaires , Ecole Militaire, Paris. ENX European Network Exchange Lennart Oly, Directeur, ENX Association

This document is a preview generated by EVS

Goal. TeraGrid. Challenges. Federated Login to TeraGrid

Presentations currently online at wg.html

Joining forces to fight botnets. Dan Tofan Head of the Technical Division CERT-RO 17/02/2014

Solving End-to-End connectivity with GMPLS

Enabling Grids for E-sciencE. EGEE security pitch. Olle Mulmo. EGEE Chief Security Architect KTH, Sweden. INFSO-RI

TERENA ANNUAL REPORT 2009

Section 10: BT Mobile Section 10b: BT Business Mobile Portfolio

Transcription:

Report of the TERENA Technical Advisory Council Zagreb Monday 19 May 2003 Notes by John DYER TERENA Final Version: 4 June 2003 The meeting was chaired by Claudio Allocchio, VP Technical Programme who gave a presentation on the current status of the TERENA Technical Programme. He reminded members of the Technical Advisory Council that although the TAC meeting takes place once per year, continued interaction throughout the year using the email distribution list is anticipated. Claudio encouraged the TAC members to actively participate in the discussions. Claudio reported the TTC membership as of April 2003: Claudio Allocchio - VP Technical Programme Roberto Barbera - GRID David Chadwick - Directories Christoph Graf - Security Dimitrios Kalogeras - High Speed Networking Olav Kvittem - Diffserv and Quality of Service Ton Verschuren - Middleware John Dyer - Chief Technical Officer Karel Vietsch - Secretary General He pointed out that the statutes of TERENA allow for TTC members to serve for no more than 2 consecutive terms and that David Chadwick and Olav Kvittem had now reached that maximum period in office. He called on members of the TAC to make suggestions for new members bearing in mind the need to effectively cover the Special Interest Areas (SIAs) of the Technical Programme with expertise in the TTC. The Technical Programme SIA areas are: Lower Layers (IPv6, MPLS, VPNs etc.) Quality of Service (including DiffServ) Videoconferencing and Streaming (Including IP Telephony) Content Delivery, Indexing and Searching Middleware (security, AAA) Mobility With Grid and Campus coordination across all the SIAs This list of SIAs was formally agreed at the 2002 TAC and according to the statues should not be revised until 2004. The consensus was that the list of areas remains appropriate for the TERENA technical programme although some minor shift in emphasis is apparent.

Ton expressed his feeling that Content Delivery, Indexing and Searching could mostly be accommodated in the remit of TF-NETCAST. Similarly the SIA focussed on QoS could easily accommodate within the Lower Layers SIA. Andrew Cormack expressed his agreement with these ideas adding that content delivery should be specifically highlighted as a sub-topic of TF-NETCAST. In particular, although the QoS area has been fruitful, providing the basis of the development of three levels of service on GÉANT (Premium, Best Efforts and Less than Best Efforts), it is no longer of central development importance to the technical programme. It was agreed that QoS should be covered in future under in the context of the Lower Layer work. The meeting then moved on to examine each of the technical areas, the format being a short presentation followed by open discussion. Interactions between grids and networks, Roberto Barbera Roberto presented his view of Interactions between grids and networks, based on his experience in the European DataGrid project. In particular he mentioned the critical importance of good IO and network access as being central to the effective use of Grid applications. Roberto mentioned the four level hierarchical or tiered model used for DataGrid, specifically in the Monarc Project. The tiers and expected inter-tier traffic levels being: Tier 0, Online Raw Data Capture and CERN Computer Farm o Data Rate between T0 and T1 approximately 650-2500Mb/s Tier 1, Regional (national) Centers o Data Rate between T1 and T2 approximately 2.5-10Gb/s Tier 2, Centers within the regions o Data Rate between T2 and T3 approximately 155-622Mb/s Tier 3, Institutes o Data Rate between T3 and T4 approximately 100-1000Mb/s Tier 4, Individual Workstations Recently, the paradigm of each computer being closely coupled to its own local storage facilities has been extended. In the next release of the Grid middleware, processors will be expected to be able to retrieve and store data in any of the distributed storage elements in the Grid. In addition, there will be intra-tier data replication and backup, which Roberto sees as a potential network killer. Opening the discussions, Claudio suggested that the traffic generated by a single grid user could appear to network administrator as a Denial of Service attack, preventing other from undertaking their normal work. There was further discussion on the solution. Approaches discussed included the use of Bandwidth on Demand (BoD) and bandwidth over provision. There was a view that BoD was of little use if the underlying physical capacity (in the form of over provision did not already exist). David Williams explained that in his view the concept of a coherent European wide AAA service is key to delivering reliable Grid services. David urged the TAC to think of the development of such a service as a project akin to the 6NET project in scale and reminded the TAC of the large investment of resources that will be required.

Campus Middleware & Grids, Ton Verschuren Ton started his presentation by reviewing the authentication and authorization activities that are currently underway within the academic community. He mentioned: UK: Athens, new: devolved authn and PERMIS (experimental authz) Spain: PAPI (focus on authz) Nordic: FEIDE (focus on attrs & dirs) Sweden: SPOCP (authz only) Switzerland: Shibboleth Netherlands: A-Select (focus on authn) Scattered: PKI Internet2: Shibboleth He reported on the discussions that had taken place within the context of the TERENA Task Force TF-AACE. In particular this Task Force has been working on tying these elements together using technology such as SAML (an XML framework for exchanging authentication and authorization information). Detailed information on SAML can be found at: http://www.oasis-open.org/home/index.php. Ton discussed how SAML can be used as a glue to bring together the different elements that are already available and make them work together. He explained that he sees the future challenges as: Interoperability of GRID tools and campus software to provide the same functionality for Virtual Organisations as for campuses. The need for assertion about identity to be securely transferred The definitions of the appropriate Schema Building of trust (infra)-structures Ton posed the question of what could be supported through the use of PKI. Roberto opened the discussion by explaining that an important concept to be included in any AAA system is that of the role of the individual. He pointed out that when using Grids people may undertake several roles. For instance the role of administrator will have extensive rights over resources, whilst at other times the same person may be a normal user that should be prevented from having unlimited access to resources. Ingrid asserted that the implementation of identity of individual and role is not so difficult, but the concept of federations and indeed the concept of federations of federations is considerably more difficult. Future lower layers work items, Victor Reijs In setting the context for his presentation, Victor explained the current status of the Lower Layer work being carried out in our community. He reported on the establishment of a Performance Enhancement Response Team (PERT) along the lines of the CERT model. In principle, there would be PERT team(s) that would investigate problems in end-to-end performance, exploring issues of hardware, software and networks. In order to operate effectively it is important that PERT teams (or indeed individual users) have access to an appropriate network performance measurement

infrastructure. The major issue in this respect is developing a multi-domain testing environment that can operate truly end-to-end. Victor reported on the work of the ASTON group (A Step towards Optical Networking) specifically focusing on the White Paper that provides a discussion and framework of European NREN requirements in the field of optical networking. A copy of the white paper may be obtained from the TERENA website at: http://www.terena.nl/tech/projects/testbed/nren-whitepaper-v1.0.pdf. Victor explained that the work of TF-NGN is largely driven by the development and testing requirements of the GEANT network managed by DANTE. Victor believes that additionally there are more distant technical issues that need to be addressed (such as the understanding, planning and installation of optical networks and their associated support systems and services). The existing project such as 6NET and possible future projects such as GARDEN, GRANDE and GN2 can be used as vehicles for practical experience feeding into this work. In defining how this work might be organized, Victor offered some guiding principles: The work should address topics that are of importance to the NRENs A suitable leader with the appropriate expertise and sufficient time must be found. The leader should not be expected to undertake all of the work, it needs to be distributed around a number of active group members The group should only attempt work items that are considered achievable Victor presented a list of possible topics for inclusion in the work programme which is detailed in his presentation material. These included major items such as: Enhancement of IPv6 monitoring IPv6 multicast Multi domain Issues Sharing of NREN experience on issues such as optical networking and service models Many of these items will require building strong liaison links with other TERENA Task Forces such as TF-AACE (for authorization technology) and with external groups such as the IETF (on topics like the definition of simpler link protocols). There was some discussion regarding the issues involved providing 40Gb/s over a single 40Gb/s interface versus four parallel 10Gb/s interfaces. Mauro suggested that whilst four 10Gb/s is viable in the short term, issues such as appropriate splitting of single large streams and the correct configuration of ACLs across multiple interfaces makes it less than idea as a long term solution. Practically, the use of four parallel 10Gb/s interfaces in a large network will lead to a highly meshed network which will making routing difficult to manage. Mobility, James Sankar James reported on the origins of the TERENA Task Force chartered to work on mobility issues and mentioned that he and Carston Borman are the co-chairs. He presented the key objectives of TF-MOBILITY which are:

Evaluate AAA techniques in mobile environments (802.1X, VPN, Web). Create an Inter-NREN WLAN roaming architecture and testbed. Evaluate mobile equipment and technology. Evaluate next generation mobile technology for handover and roaming (mobile IP v4 and v6). In addressing these objectives the Task Force has developed three inventories of how the authorisation model for granting mobile access could be implemented on a European scale. These inventories address how existing local systems could be extended to work on a pan-european scale. The models are: VPNs model using a concept of relay networks, which is not thought to be scaleable Cross-Domain 802.1x with VLAN assignment using a hierarchical system of radius servers, in which the users information being held on a radius server on the network on which the user normally resides Web Based which would give an interface to a public access controller which would be based on the work emerging from AAA developments In essence all these approaches have some similarity and furthermore have already been implemented for local use in some of the European Research and Education Networks. The Task Force decided that rather than choose one solution as being technically superior over the other two, it would be more appropriate to provide a pan-european pilot that would support them all. It is likely that this will be based on a hierarchical radius server system. The inventories will be published on the TF-MOBILITY web pages on the TERENA web server in early June 2003. Task Force TF-NETCAST, Dan Mønster TF-NETCAST clearly has its heritage in the work of the former TERENA Task Force, TF-STREAM. Whilst TF-STREAM had a broad remit investigating video conferencing and streaming of multimedia material, TF-NETCAST is focussed specifically at the issues involved in streaming. In particular TF-NETCAST is currently working on a system to announce the availability of streamed material. The system will be based on an integration of systems developed by CESNET and UNINETT and has been localized into seven languages supporting multiple time zones. Whilst the immediate goals are defined by a number of deliverables (the first of which is already delivered), in the longer term it might be possible to develop a European equivalent to the US Research Channel. The video encoding standards being used by the group include ISMA (Internet Streaming Multimedia Alliance based on MPEG-4) and WM (Windows Media). Certificate Hosting at TERENA, Licia Florio Licia presented a proposal originating from TF-AACE which envisages TERENA piloting the collection and storage is some NREN certificates. The proposal originated from the situation that many NRENs use their own private certificates within their own domains, but these certificates have no authoritative standing outside that domain. It is proposed that the pilot could provide a trusted linkage between the

different domains by hosting these certificates. The Task Force proposes the following role for the project: Defining a process to gather NREN CA root certificates Define a policy for verifying these certificates Host the certificates in such a way that they can be made available to authorised entities. Licia went on to explain the practical steps that would be required including the secure storage of a file containing all the root certificates and there was some discussion on this topic. Roberto asked how the CRL will be managed, however this has not yet been defined. He went on to suggest that the policy adopted for the DataGrid project would be a good starting point for TF-AACE to use for its own policy definition. It was noted that DataGrid uses four or five files per institution to contain the certification information. In further discussions it was suggested that rather than mandating that individuals attend the TERENA office for formal identification as part of the verification process, this could be delegated to local agencies. Licia responded that since this pilot was initially intended to be quite small, and members of TF-AACE regular meet, formal verification in the pilot should not be a problem. Licia agreed to send Roberto a copy TF-AACE policy document for review and comment. Report on the work of TF-AACE, Rodrigo Castro Rodrigo reported that three of the planned deliverables have already been presented to the Task Force members. At the TF-AACE meeting that took place on Sunday 18 th May, in Zagreb, the objectives of the group was reviewed and restated. The agreed areas are now: Development of a framework architecture Definition of a common schema and set of attributes Study and agreement of an appropriate Trust Models Definition of a common list of Terminology Dissemination of Information about AAA to the TERENA community Concluding Discussions Claudio opened the discussion, reviewing the list of Special Interest Areas (SIA) as agreed in 2002. He pointed out that last year the TAC added Grid and Campus Coordination across all of the SIAs. He explained that much work has started in this topic, spread across many Task Forces. It was agreed that the current list of SIA s is still appropriate bearing in mind the minor changes in emphasis explained earlier. David Williams expressed his amazement at the breadth and extent of the technical activities undertaken within our community and the depth of expertise that is available. David suggested that the challenge will be to keep up the enthusiasm of those involved and spread the message of what has been achieved to those outside our community. He went to reflect on the make up of our culturally diverse community. In some respects this is a major strength, bringing different attitudes

and views to problem solving. In another respect encouraging such a diverse set of bodies to work together in a common language may not always be straightforward. David expressed his view that AAA will be a key component of middleware support of Grids. He believes that such a project will be similar in size and extent as the IPv6 initiatives (such as 6-NET). We need to move from a disparate set of experiments to a coherent pan-european service environment. Claudio urged the TAC members to start thinking about how this service development and what steps could be undertaken by TERENA. Ingrid pointed out that the authorisation activities being undertaken as not stand-alone, but in fact are all related. Claudio moved the discussion to the need to identify two new members to fill the vacancies on the TTC. He asked the TAC members to send possible names as soon as possible. In closing the meeting Claudio reminded the TAC members that TERENA needs their support and input throughout the whole year, not just for one-half-day at TNC. He informed them that he intends to consult them through use of the TAC email distribution list. The meeting was closed at 12:45

TERENA Technical Advisory Council Monday 19 May 2003, Zagreb Attendees and Apologies PRESENT Claudio Allocchio GARR, Italy TTC Pål Axelsson SUNET/ Uppsala Univ., Sweden Andrea Baldi ESA Lajos Bálint HUNGARNET, Hungary Roberto Barbera Univ. of Catania, Italy TTC Martin Bech UNI-C, Denmark Artur Binczewski PSNC, Poland Marko Bonać ARNES, Slovenia Carsten Borman TZI/DFN, Germany Thomas Brunner Switch, Switzerland Mauro Campanella GARR, Italy Victor Castello RedIRIS, Spain Rodrigo Castro RedIRIS, Spain Valentino Cavalli TERENA Didier Colle IMEC, Univ. Gent, Belgium Andrew Cormack UKERNA, UK Marián Ďurkovič SANET, Slovakia John Dyer TERENA Jón Ingi Einarsson RHnet, Iceland Licia Florio TERENA Brian Gilmore University of Edinburgh, UK TTC Christoph Graf Switch, Switzerland TTC Jan Gruntorad CESNET, Czech Republic Sæþór L. Jónsson RHnet, Iceland Janne Kanner CSC, Finland Baiba Kaskina TERENA Peter Kaufmann DFN, Germany Roman Lapacz PSNC, Poland Tamás Máray NIIF/HUNGARNET Kevin Meynell TERENA Miroslav Milinovic CARNet/SRCE, Croatia Dan Mønster UNI-C, Denmark Mike Norris HEANET, Ireland Wiktor Procyk PSNC, Poland Erik Radius SURFnet, The Netherlands Victor Reijs HEANET, Ireland James Sankar UKERNA, United Kingdom Petzas Sulcas LITNET Jani Tiihonen CSC, Finland Igor Velimirović CARNet, Croatia Ton Verschuren SURFnet, The Netherlands TTC Karel Vietsch TERENA Peter Villimoes Nordunet Tibor Weis SANET, Slovakia Klass Wierenga SURFnet, The Netherlands David Williams CERN APOLOGIES Brian Carpenter IBM Olivier Martin CERN Peter Rastl ACOnet, Austria Wilfried Wöber ACOnet, Austria

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback