Nessun%20titolo%20diapositiva

1
An Integrated Environment for the Management
of Network Resources and Services Paolo
Bellavista, Antonio Corradi, Rebecca
Montanari pbellavista, acorradi,
rmontanari_at_deis.unibo.it University of Bologna -
Italy Cesare Stefanelli cstefanelli_at_ing.unife.it
University of Ferrara - Italy Software Docs
available at http//www-lia.deis.unibo.it/Research
/SOMA/
2
Novel Management Solutions (1)

• Traditional management tools are based on the
  Client/Server model
• (SNMP, CMIP)
• Good design examples, but C/S shows its limits
  under certain conditions
• (e.g. micro-management problem)
• Novel Management solutions
• CORBA as integration technology with legacy
  management components
• TMN TINA as solution frameworks at the
  architecture level
• Code Mobility Management by Delegation Act
  ive Networks
• Intelligent Networks
• Mobile Agents

3
Novel Management Solutions (2)

• Modern Management Environments should be
• flexible, to dynamically introduce new protocols
  and services
• adaptive, to tune systems behaviour without
  suspending service provision
• capable of supporting service design, deployment
  and control together with managing more
  traditional network resources
• interoperable, to integrate with legacy systems
  and services (CORBA)
• secure, to permit differentiated security levels
  for service provision in untrusted environments
• Following these guidelines, we have designed
  MESIS
• (Management Environment for Secure and
  Interoperable Services)

4
The MESIS Architecture for Management Applications
5
MESIS is built on top of the SOMA Mobile Agent
DPE
Mobile Agent Technology Mobile Agents are
programs that act on behalf of a principal and
can autonomously migrate at runtime and continue
their operations on the new host Our Goal to
provide an integrated programming framework for
the design of distributed services in global,
open and untrusted environments
6
The MESIS Organization Locality Abstractions
7
MESIS Facilities

• Agent Identification Facility
• dynamically assigns GUIDs to any system entity
• Agent Migration Facility
• permits reallocation of network resources and
  service components (native protocol, CORBA
  IIOP, MASIF)
• Agent Communication Facility
• - local comm. by shared objects (blackboards,
  tuple spaces)
• - remote comm. by message exchange
• Agent Naming Facility
• permits to trace and search any system entity
  (by accommodating different naming systems DNS,
  Directory Service, ...)
• Agent Interoperability Facility
• Agent Security Facility

dealt in the following...
8
Why Security and Interoperability in MESIS?

• Untrusted environments call for Security at any
  system layer
• - Mechanisms (authentication, authorization and
  access control, secrecy, integrity)
• - Policies (enforced at domain/place locality)
• - Infrastructures (for certificate
  administration)
• Open and heterogeneous environments require
  Interoperability
• - with other DPE layers via CORBA
• - with other MA DPE implementations via OMG
  MASIF
• Interoperability-related Security Issues
• - CORBA Security Services, SECIOP

9
MESIS Interoperability via CORBA and MASIF
compliance (1)
1
MESIS
as
CORBA
client
2
MESIS
as
CORBA server
3
MASIF
interoperability
3
1
2
MASIF
CORBA
CORBA
CORBA Bridge
Bridge
Server
Client
MASIF
MA DPE
CORBA DPE
MESIS DPE
10
MESIS Interoperability via CORBA and MASIF
compliance (2)
MESIS
MASIF-compliant Manag. System
M
M
A
A
S
S
I
I
F
F
Systems
Management
Security Services
Common

Facilities
CORBA ORB
CMIP
gateway
SNMP
gateway
CORBA-
based
Management
System
CMIP
SNMP
legacy
legacy
systems
systems
11
MESIS Security Mechanisms, Policies and
Infrastructures

• IAIK Cryptographic Mechanisms
• JDK1.2 Security Policies
• Entrust PKI
• Flexibility
• for application designers in the selection of the
  proper security level

12
Management Tools Network Services in MESIS

• We are using the MESIS environment for managing
• resources and services in the areas of
• Network and Systems Management
• Multimedia Distribution Management
• Personal Communications Support Management
• for Mobile Computing Services
• We have already implemented.

13
Network and Systems Management Remote
Installation
14
PCS for Mobile Computing the Mobility Support
Module
15
PCS for Mobile Computing Terminal
Mobility Mobile Place Abstraction
Agents delivered to
a Mobile
Place
Creation of
a Mobile
Place
Agent
A
Mobile
1
2
Place
1
Home
Mobile
3
Place
Domain
A
Place
1
Mobile
Home
Place
1
Place
Domain
A
Place1
Place1
Default
Place1
1
Place2
Place
Domain
B
Agent
B
Agent A
reaches immediately the mobile place.
Agent B
tries to reach the mobile place that has already
moved the agent is tunneled via the home place .
16
Conclusions and Current Work

• The MESIS environment is demonstrating
• to be extremely flexible in the management of
  existing components and services
• to allow rapid prototyping of new services
• We currently work on
• From the point of view of the support
• Full integration with the Entrust PKI
• Full compliance with CORBA Security Services and
  SECIOP
• User Authentication via JavaCard and JavaButton
• From the point of view of the implementation of
  new services
• QoS-aware Multimedia Stream Management
• Intelligent Information Retrieval for
  Distributed Virtual Museums
• Software Docs about MESIS and SOMA are
  available on the Web
• http//www-lia.deis.unibo.it/Research/SOMA/