Disz


Presentation Transcript

The Access Grid and Workspace Docking: 

Terry Disz, disz@mcs.anl.gov
The Futures Lab
Math and Computer Science Division
Argonne National Laboratory

Access Grid Project Goals : 

- Enable Group-to-Group Interaction and Collaboration
  - Connecting People and Teams via the Grid
- Improve the User Experience: Go Beyond Teleconferencing
  - Provide a Sense of Presence
  - Support Natural Interaction Modalities
- Use Quality but Affordable Digital IP Based Audio/video
  - Leverage IP Open Source Tools
- Enable Complex Multisite Visual and Collaborative Experiences
  - Integrate With High-end Visualization Environments
  - ActiveMural, Powerwall, CAVE Family, Workbenches
- Build on Integrated Grid Services Architecture
  - Develop New Tools to Specifically Support Group Collaboration

AG Systems Architecture: 

- Room
  - Instrumentation, Technology, Organizing Software
- AG Nodes/Clients
  - Edge device management, user interfaces and clients
  - Gateway services to room oriented resources
- Virtual Venues
  - Spatial metaphor and resource organization
  - Access control and services management
- Network Services
  - Stream processing and network management
- Applications
- Grid Services
- Record and Playback Service

Slide4: 

- An Access Grid Node is a designed space, targeting group-to-group interaction.
- For secure applications, physical security must be considered in the design.
- Each node sends audio and multiple video streams (4).
- All nodes receive all participants’ video and audio streams.

Access Grid Nodes : 

Access Grid Nodes

Slide7: 

AG Nodes Communicate using IP Multicast

[Diagram labels: Network; Video Multicast Group; Audio Multicast Group]

Slide8: 

- AG Nodes discover users and services through the Venue
- Venues provide Scope, Discovery and Persistence

[Diagram labels: Venue; Services Registry; Services; P2P Service Usage]

Slide9: 

- Third Parties can add, and AG Nodes use, Peer to Peer services
- Venues provide Scope, Discovery and Persistence

[Diagram labels: Venue; Services Registry; Services; Discovery; P2P Service Usage]

Slide10: 

User authentication and authorization services are available

[Diagram labels: Network; Access Control Matrix]

Access Grid Software: 

- VV server package
- AG Node package
- Beacon and utilities
- Docking software
- Voyager package
- Demonstration applications (dppt, vic/vtk)
- Current release AG v1.3

Access Grid Documentation Project: 

- Community wide effort to document the Access Grid
- Based on the Linux documentation project
- Led by Boston University
- Documentation of software, training and user manuals, “Best Practices”
- http://www.accessgrid.org/agdp/

AG Status: 

- Over 100 Nodes World Wide
- Venue servers in Europe, Asia, North America
- Many meetings every day
  - AG Schedule
  - Weekly Management
  - Tech sessions
  - Classes
  - Seminars
  - Site Reviews
  - Social (Kids on the Grid, Art events, Beer seminar, Maui Sunrise, Montana Wolves)
- No human factors studies completed yet, but plenty of anecdotes
- Planning for SCGlobal03
- New software under development

“Workspace Docking”: 

- Integration of local data and services with other AG participants
  - Shared Files and documents
  - Messaging
  - Video
  - Audio
  - VNC-like desktop control
  - Applications
- Answer to the question: “What do you call it when I want to show someone something from my computer?”

Examples: 

- A user at an AG node wants to show everyone present a PDF document
  - VNC export desktop
  - Shared WEB browser
  - Shared XPDF viewer
- A user at an AG node wants to send a private message to another user
  - Chat invitation
  - Mud whisper
  - Web send
  - POST-IT
  - Private audio channel

Examples: 

- The next presenter at a session wants to privately review slides with a user at another site.
  - Email them, or post Slides to a shared document site
  - Remotely start and control PPT on other’s machine
  - Review over private chat or audio channel
- A scientist wants to allow other users to control a scientific instrument interface on a workstation
  - XMOVE
  - XMX
  - VNC

Problem Description: “Let Me Show You This”: 

Problem Description: “Let Me Show You This”

Requirements: 

- Establish a Trusted Identity
  - AG VV Login
- Scoping
  - Create an audience
- Discovery
  - Find who is present
  - Find who has what capability
  - Find what machines are available
  - Find what services are available
- Security
  - Find who has permission to do X
  - Give someone permission
- Describe the thing
  - XML Schemas
  - Services
  - Capabilities
- Initiation
  - Platform Independent Messaging Environment
  - Cause launch of apps on remote machines

Assumptions – AG Services: 

- Registration Service
  - Users authenticate to a Venue directly or via an AG node
  - Methods of storing, delegating credentials
- Security
  - Authentication Service
  - Authorization API
    - ACL manipulations, where I have permission
  - Secure Communications API
- Discovery
  - Identity Discovery API
  - Capability/Service API
  - AG scoping mechanism
- Persistence
  - Service for Documents/files/etc
  - API for accessing, storing

Workspace Docking Architecture: 

- Server Interface
  - UpLoad(Classad)
  - Delete(classad)
  - ClassadList RequestMatch(Classad)
- Client Side Server Interface
  - UpDate(ClassadList)
  - Add(classad)
  - Update(classad)
  - Del(Classad)
  - Query(classad)

Workspace Docking Classad (ws classads are always in the scope of a VV classad): 

    vv_classad = [
        service_ad = […];
        ws_ad = [
            name = …;
            mod_date = …;
            created_date = …;
            filetype = …;
            location = URL;
            time_to_live = …;
            owner_ca = […]
        ];
        access_list = …;
        registrant_ip = …;
        registrant_dn = …;
        requirements = …; (ie other.ws_ad.owner_ca.domain = “ANL”)
    ]

Notes:
- Upload doesn’t use service_ad attribute
- Upload requirements specify permissions
- Request classads use ws_ad to create data elements for the requirements expression

finis: 

finis

Radical Collocation: 

- Experts/domain specialists physically located within a single work place (i.e. Project Room) for the duration of a project (one week to a few months)
- Examples: space mission control, emergency situation rooms, operating theatres, automotive repair shop, trading floors, etc.
- Benefits of Collocation
  - Constant real-time visual and audio communication is possible
  - Ad hoc sub grouping is possible
  - Multiple simultaneous conversations possible
  - Ad hoc sharing of documents, workstations and applications
  - Complex shared context is created in situ
  - Large amount of shared work state is made persistent

Advanced Collaboration Environments: 

Goals:
- Use advanced computer mediated communications techniques to enhance work environments to enable increased productivity for collaborative work.
- Exploit the use of high-performance computing technologies (digital media, advanced networking, visualization, VR, etc.) to improve the effectiveness of large-scale collaborative work environments.
- Thoroughly investigate the thesis that network based advanced collaboration technology can create groupwork productivity benefits comparable to that of radical (classical) collocation for distributed work.

Stages of Collaborative Work: 

- Awareness
- Interaction
- Cooperation
- Collaboration
- Virtual Organization

Increasing need for persistent collaborative infrastructure

Can adding the concept of Persistent Shared Spaces to the current suite of computer supported collaborative work tools enable the cost-effective support of virtual organizations?

Components of an AG Node: 

[Diagram labels: Display Computer; Video Capture Computer; Audio Capture Computer; Control Computer; Mixer; Echo Canceller; Network; RGB Video; NTSC Video; Analog Audio; Digital Video; Digital Audio; Shared App, Control; RS232 Serial]

Presence and Immersion [1]: 

- Presence
  - Concept originally concerned notion of Tele-presence
    - Remote operation of equipment
    - Remote exploration and task oriented work (e.g. planets, ocean floor, hazardous areas, surgery)
- The “sensation of being there”
  - Recreate the sensory inputs of a remote location
  - Match modalities with human sensory/perception
  - Transmit over a network (latency, bandwidth)
  - Provide natural way to interact with the remote location
- Achieving a sense of presence is a key human factor in the effectiveness of remotely piloted vehicles, tele-robotics, etc.

Presence and Immersion [3]: 

- A user's sense of presence depends on:
  - Coupling communications channels to sensory modalities
  - Fidelity of the communications channels
  - Low latency/lag and high-bandwidth (matched to sensory needs)
- The degree of immersion achieved
  - Transparency of the human-computer interfaces
  - The completeness of the re-created world
  - High-degree of task involvement improves sense of immersion
- High-degree of Immersion → increased presence
- High presence → increased sense of collocation
- Tele-Immersion combined notions of Tele-Presence and Immersion to indicate use of VR over networks

Session Startup: Multimedia Streams: 

1. Authenticate; Join Venue
2. Check authorization; Compute new session keys; Return keys & media data
3. Issue new keys to existing nodes
4. Media Metadata; Session keys
5. Start media tools; Send/Recv media streams

[Diagram labels: Access Grid Venue; Network]

Slide31: 

AG streams can be encrypted

[Diagram labels: Network; Encrypted Video Stream; Encrypted Audio Stream; Access Control Matrix]

Slide32: 

Data files can be securely shared.

[Diagram label: Access Control Matrix]

Access Grid Security: Basic Tools: 

- Authentication: Verification that a participant’s identity matches his claimed identity
- Authorization: Verification that a participant is allowed access to the resources he requests
- Privacy: Protection (via encryption) of data from eavesdropping
- Key Distribution: Mechanism for securely sharing encryption keys with authorized parties

Authentication: 

- Current AG: simple username/password
- Upcoming AG 2
  - Each user issued credentials
  - Credentials assert the identity of the user; issued by a trusted authority
  - Via proxy credentials, single sign-on possible
  - Interoperable with computational Grid credentials

Authorization and Privacy: 

- AG Architecture defines authorization services
  - Gate access to resources based on identities (as verified by authorization mechanism)
- Privacy enforced by bulk encryption of streaming data (audio/video) and data files
  - AES (FIPS 197)
  - Current AG Audio and Video tools implement AES

Key Distribution: 

- Via central server
  - Server picks key
  - Clients authenticate with server to retrieve key
- Peer to Peer via shared secrets
  - Group-based algorithm computes shared secret from which keys are derived
- Perfect Forward Secrecy
  - Knowledge of an encryption key does not allow determination of a future encryption key
  - Required characteristic of key distribution mechanisms
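
Added example (not part of the original slides and not Access Grid code): a minimal Python model of the "Session Startup" steps and the "Via central server" key distribution option, where the server picks a fresh key on every join and reissues it to existing nodes. The `Venue` class, the user names, passwords and multicast addresses are constructed for illustration; `chained_next_key` is a deliberately weak scheme shown only to contrast with the slide's forward-secrecy requirement.

```python
import hashlib, hmac, secrets

# Constructed media metadata (addresses from the documentation multicast range).
MEDIA = {"video_group": "233.252.0.1", "audio_group": "233.252.0.2"}

def pw_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Venue:
    """Hypothetical venue server: central key distribution, rekey on every join."""
    def __init__(self, users, acl):
        self.users = {}                      # user -> (salt, password hash)
        for name, password in users.items():
            salt = secrets.token_bytes(16)
            self.users[name] = (salt, pw_hash(password, salt))
        self.acl = set(acl)                  # identities allowed into this venue
        self.node_keys = {}                  # joined node -> key it currently holds
        self.epoch = 0

    def join(self, user, password):
        # Step 1: authenticate (unknown users still cost one hash, then fail).
        salt, stored = self.users.get(user, (b"\0" * 16, b""))
        if not hmac.compare_digest(stored, pw_hash(password, salt)):
            raise PermissionError("authentication failed")
        # Step 2: check authorization, then compute a new session key.
        if user not in self.acl:
            raise PermissionError("not authorized for this venue")
        key = secrets.token_bytes(16)        # fresh 128-bit AES key, unrelated to the old one
        self.epoch += 1
        # Step 3: issue the new key to the nodes already in the venue.
        for node in self.node_keys:
            self.node_keys[node] = key
        # Step 4: hand the joiner the session key and media metadata.
        self.node_keys[user] = key
        return {"epoch": self.epoch, "session_key": key, "media": MEDIA}

def chained_next_key(previous_key):
    """Weak scheme for contrast: anyone holding the old key can compute the next."""
    return hashlib.sha256(previous_key).digest()[:16]

def demo():
    venue = Venue({"alice": "a-pw", "bob": "b-pw", "mallory": "m-pw"}, acl={"alice", "bob"})
    first = venue.join("alice", "a-pw")
    second = venue.join("bob", "b-pw")
    try:
        venue.join("mallory", "m-pw")
        denied = False
    except PermissionError:
        denied = True
    return venue, first, second, denied
```

`demo()` returns the venue state after two authorized joins and one rejected join: both members hold the second-epoch key, and that key cannot be computed from the first one, unlike with `chained_next_key`.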