net-centric sensor grid phase 3 advanced cloud computing technology for sensor grid fa8650-d-09-1639...
TRANSCRIPT
Net-Centric Sensor Grid Phase 3
Advanced Cloud Computing Technology for Sensor Grid
FA8650-D-09-1639
Final Presentation and Demo
Anabas, Inc.November 4, 2010
Close-out Charts
• Background (Alex Ho - Anabas)
• Final Status (Alex Ho)
• Results (Alex Ho, Steven Andrew Myers – IU, Xiaofeng Wang – IU, Apu Chandrasen Kapadia – IU, Geoffrey Fox – IU, Gary Whitted – Ball)
• Discussions
BACKGROUND
BackgroundPhase III Contract Scope
• Continue the research & development of the sensor grid technologies developed in previous AFRL SBIR Phase I and II efforts on Grid of Grids for Information Management.
• The initial prototyped sensor grid technologies and system are designed for managing, integrating and making interoperable separately developed sensors and grids, grids using publish-subscribe based mediation services.
• Prototypes were developed for SCGMMS with UDOP capability and a Community Collaboration grid building tool called Grid Builder.
Background Phase III Research Areas
• Research Area A - Enhanced Grid and Cloud Service Technologies
– Addresses new grid of grid, grid service, and cloud computing technologies that would extend and complement the Phase 2 prototyped Sensor Grid framework capabilities
– Special emphasis on the ability to provide reliable, trusted sensor interactions and vigilant sensing– Emphasis on open systems architectures, industry, and international standards– Developing and demonstrating sensor grid technologies to support ISR sensing exploration and development, and
supporting trusted collaborative sensor systems. – Modifications of the underlying architecture and modifications to the user interface
• Research Area B – Applications of Advanced Trustworthiness Technologies for Net-centric Sensor Grids
– Addresses research and development of methodologies, tools and techniques to measure, assess and evaluate trustworthiness for system of systems and grid of grids architectures and to enable trusted, collaborative operations across heterogeneous, distributed sensor systems.
– Techniques to enable trusted sensor data exchange between distributed heterogeneous sensor networks– Methods to generate and communicate trust within sensor networks and methods to monitor health and status of
heterogeneous sensor systems
• Research Area C - Technology Special Projects– Special research projects that do not fall explicitly into one of the technology areas defined above– Research arising from situations as the result of a technological breakthrough or technology roadmap need– Support for special field test and evaluation programs– Support quick deployment and implementation – Support for training needs
Background (cont’d)Task Order 1:Objective and Sub-Tasks
Sub-tasks:(1) Determine enhanced Sensor Grid requirements(2) Develop advanced technologies (3) Develop sensor management services(4) Investigate trustworthiness algorithms (5) Prototype technologies, integration, and demonstration(6) Investigate and develop application scenarios for the enhanced Sensor Grid
To conduct research, development, and integration ofcloud computing and advanced management services for a Network-centric Sensor Grid.
Background (cont’d)Sub-task Assignments (P: Primary S: Supporting C: Co-responsible)
Sub-task Anabas Ball IU
(1) Determine enhanced Sensor Grid requirements (P) (S) (S)(2) Develop advanced technologies (P) (S) (C)(3) Develop Sensor Management Services (P) (S) (C)(4) Investigate Trustworthiness Algorithms (S) (S) (P)(5) Prototype Development, Integration & Demo (P) (S) (S)(6) Investigate and develop application scenarios (C) (P) (S)
FINAL STATUS
Final StatusCompletion
We have completed by October 2010 (1) Determine enhanced Sensor Grid requirements
- some important requirements• secured transport layer• scalable testbed on commercial clouds• mobile devices as sensor hosts or sensor stream relays• Impromptu-independent Sensor Grid
(2) Analysis of cloud and cloud technologies for data and sensor systems
Final Status (cont’d)Completion
(3) Develop advanced technologies • enhanced SCGMMS to be SSL-capable• implemented EC2-based SCGMMS and Grid Builder• enhanced EC2-based SCGMMS and Grid Build to
support distributed clouds• designed and added a mobile proxy architecture• enhanced and implemented NB native bridges for
Android and Gumstix mobile platforms• designed and developed as a first step an
implementation of a light-weight Sensor Grid for transition to Sensor Cloud
• designed and implemented an initial trust architecture and a naïve trustworthiness sensor for integrated system testing
Final Status (cont’d)Completion
(4) Develop enhanced sensor grid management services• Designed and developed an initial management service
and mechanisms for setting and viewing sensor trust attributes
(5) Investigate trustworthiness algorithms and security vulnerabilities in clouds and Web systems and apps
• HMM-based trustworthiness algorithms using contextual data to authenticate and deauthenticate smartphones – completed initial research and experimentation
• Side-channel leakage vulnerability and defense strategies – completed initial research and experimentation
• Soundminer attack scenarios and defense – completed initial research and experimentation
Final Status (cont’d)Completion
(6) Investigate and develop application scenarios for the enhanced Sensor Grid• Ball designed application demo scenario will be
demonstrated
(7) Prototype technologies, integration, and demonstration• Impromptu-based trust architecture• Android remote control sensor for Lego NXT robot on
light-weight sensor grid• Places and Faces – using contextual data to
authenticate and de-authenticate smartphones• Side channel leakages and defenses• Soundminer attack scenarios and defense strategies• Ball demo using light-weight sensor grid and NB
Final Status (cont’d)Publications
• Marlon E. Pierce, Geoffrey C. Fox, Yu Ma, Jun Wang "Cloud Computing and Spatial Cyberinfrastructure" submitted for Publication July 2010
• Geoffrey Fox 22nd ACM "Algorithms and Application for Grids and Clouds " Keynote Talk at Symposium on Parallelism in Algorithms and Architectures Santorini, Greece June 13 - 15, 2010
• Apu Kapadia, Steven Myers, XiaoFeng Wang and Geoffrey Fox " Secure Cloud Computing with Brokered Trusted Sensor Networks " Proceedings of The 2010 International Symposium on Collaborative Technologies and Systems (CTS 2010) May 17-21, 2010 The Westin Lombard Yorktown Center Chicago, Illinois, USA
• Roman Schlegel, Kehuan Zhang, Xiayong Zhou, Mehool Intwala, Apu Kapadia, and XiaoFeng Wang, “Soundminer: A Stealthy and Context-Aware Sound Trojan for Smartphone,” To appear in the 18th Annual Network & Distributed System Security Symposium (NDSS ’11), San Diego, CA, February 6-9, 2011.
Final Status (cont’d)Publications
• S. Chen, R. Wang, X. Wang and K. Zhang, 2010 “Side-Channel Leaks in Web Applications: a Reality Today, a Challenge Tomorrow”, In Proceedings of the 31st IEEE Symposium on Security and Privacy (IEEE S&P Oakland)
• K. Zhang, Z. Li, R. Wang, X. Wang and S.Chen, 2010 “Sidebuster Automated Detection and Quantification of Side-Channel Leaks in Web Application Development”. To appear in Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS).
Final Status (cont’d)
Final Report
• A draft will be completed by or before Nov 30, 2010
Funding
• The SBIR Phase 3 Task Order 1 project is completed within budget.
RESULTS
• Added configurable SSL for sensor grid on clouds• Added SSL for broker to broker in sensor grid
Results: Advanced Technologies Enhanced Security for Sensor Grid
on Cloud
Results: Advanced TechnologiesSensor Grid On Clouds
• Implemented AFRL SBIR Phase 2 SCGMMS, Sensor Grid, and Grid Builder on Amazon EC2 Linux and Windows clouds.
• Extended SCGMMS to inter-clouds (EC2-US and EC2-EU) as a proving ground for enhanced global deployment scalability and to support future distributed, heterogeneous sensor networks.
Results: Advanced TechnologiesInter-cloud Performance (1)
Inter-cloud between EC2-US and EC2-EU
0
2040
60
80
100120
140
1 2 4 8 16 32 64 128
# of Connections
Th
rou
gh
pu
t (M
bp
s)
The EC2-US and EC2-EU inter-cloud sustains a throughput of 126 mbps at 128 Iperf connection. The maximum sustainable throughput has not been reached.
Results: Advanced TechnologiesInter-cloud Performance (2)
The EC2-US and EC2-EU inter-cloud sustains a near linear scalability with an aggregate Trans-Atlantic throughput measured at nearly 500 mbps in this test case.
Inter-cloud Bandwidth Scalability (64 connections)
0
100
200
300
400
500
600
1 2 3 4
Number of instance pairs
Tota
l Th
rou
gh
pu
t (M
bp
s)
Results: Advanced TechnologiesInter-cloud QoS for VoIP
Round-trip latency and jitter measurement satisfies CISCO VoIP QoS network requirementIn all but the case of 2200 users. Only 1 packet lost was detected over a 1.5 day duration.
• Added sensor proxy manager to support mobile sensors
• Sensor proxy manager provides a discovery service for a mobile sensor to connect to a nearby Grid Builder
• Added SSL for mobile handsets to sensor proxy manager communication
Results: Advanced TechnologiesMobile Handsets Support
Results: Advanced TechnologiesTrust Architecture
Some design considerations• An architecture to support easy access to sensor
data and metadata for evaluation of trustworthiness algorithms in sensor grid
• A simple interface to integrate trustworthiness algorithms with sensor grid
Current model supported by sensor grid• Trustworthiness algorithms could be implemented in
the form of trustworthiness sensors. This sensor type can access sensor data and sensor metadata in a sensor grid, and provides its own sensor data (calculated “trustworthiness value”) to a sensor grid.
Results: Advanced TechnologiesAn Initial Light-weight Sensor Grid
• We re-designed SCGMMS to remove its dependency on Impromptu
• We developed an initial light-weight sensor grid that supports better openness and standards-compliance
• 2 of the demos today will use this new light-weight sensor grid. One is for an engineering demo by IU and the other an application scenario demo by Ball
End of Presentation on Core Infrastructure and Middleware
ACKNOWLEDGMENTS
We are grateful to:
• Bill McQuay• James J. Foshee• Raymund Garcia• The U.S. Air Force Research Laboratory – AFRL/RYT• Indiana University CGL/Security Group (Subcontractor Partner)• Ball Aerospace (Subcontractor Partner)
WHAT WE PLAN TO DO
High-Level Sub-tasks• Research and assess a logical sensor overlay architecture to enable dynamic
tasking and configure groups of sensors for selected layered sensing architecture. (Estimated: by mid-December).
• Integrate layered sensing with UDOP. (Estimated: by mid-January)• Research and develop some HMM-based and other appropriate methods to
establish trust and combine/aggregate trust in layered sensing. (Estimated: by end of November 2009 for problem understanding and technical design; by end of March for some preliminary implementation).
• Add support for Android phone as a commercial sensor container for trustworthiness algorithm study. (Estimated: by end of March 2010).
• System integrate, trust, layered sensing, and all newly added features with SCGMMS and Grid Builder. (Estimated: by mid-April 2010)
• Work with AFRL,Ball and IU to support investigation related to demonstrating the enhanced sensor grid for multi-layered sensing urban scenario. (On a continuous basis)
• Package, deploy the enhanced Sensor Grid on clouds for experimentation (Estimated: by mid-May 2010)
• Documentation (Estimated: by end of June 2010.)
A TYPICAL TRUSTED SENSOR DEMO ARCHITECTURE
FOR CLOUDS
ACKNOWLEDGMENTS
We are grateful to:
• Bill McQuay• James J. Foshee• Raymund Garcia• The U.S. Air Force Research Laboratory – AFRL/RYT• Indiana University CGL/Security Group (Subcontractor Partner)• Ball Aerospace (Subcontractor Partner)
Appendix
RESEARCH SENSOR GRIDSon Clouds
Sensor Grids and Clouds
• Secure clouds (elastic resources) can be used to process sensor information.– Computing resources can grow or shrink depending on demand.– Resource locations can be optimized using content distribution
network strategies.• Clouds also make great testbeds
– Simulate large numbers of sensors to test scaling and performance
– Simulate unreliable networks– Simulate attack strategies, consequences of compromised
systems in very large networks.– Investigate mitigation and containment strategies for
compromised resources.
Sensor Grids and Clouds
• Tracks latest open standards, research community and national deployment efforts on clouds and grids.
• An example is the NSF-funded FutureGrid led by Geoffrey Fox for e-Science and high-performance computing to support the development of new system software and applications that can be simulated in order to accelerate the adoption of new technologies in scientific computing.
RESEARCH APPROACH TO
LAYERED SENSING
Layered Sensing• We will research, assess, and evaluate possible advanced sensor
management services which can dynamically task and configure groups of sensors for selected layered sensing architectures.
• We will explore using an overlay architecture for the enhanced Sensor Grid to support construction of selected logically layered sensing architectures.
• The logical overlay architecture will be integrated with the current UDOP capability.
NEAR TERM RESEARCHPLAN ON TRUSTED LAYERED
SENSING BY IU SECURITY GROUP
Results: Advanced TechnologiesStrawman Trust Architecture
Some design considerations• An architecture to support evaluation of
trustworthiness algorithm in sensor grid• An interface to integration trustworthiness algorithm
Current implementation• Designed, implemented and integrated with
SCGMMS, Sensor Grid, and Grid Builder a preliminary sensor-centric trust architecture to support sensor data streams in tandem with sensor attribute states for trustworthiness algorithms modeled as trustworthiness sensors.