Multiple Views on Multiplicity Computing: Opportunities Viewed through a Cyber-Security Lens CREST Workshop Rick Schantz, Partha Pal, Aaron Paulos, Joe Loyall, Kurt Rohloff Distributed Systems Technology Group March 23, 2012
1982: R&D Computing Landscape Multiplicity emerging … 2
1982: Heterogeneity, Specialization Among Plenty (or so it seemed at the time) 3
1990s Integrated Adaptive System Concept System-wide QoS Application or Domain-specific Contract QoS QoS Adaptive Control Contract QoS Adaptive Control Contract Common Middleware ACE/TAO RT ORB QoS Adaptive Control Services QoS ACE/TAO RT ORB Contract ACE/TAO RT ORB QoS Adaptive Control ACE/TAO RT ORB Contract Distribution Middleware QoS Adaptive Control ACE/TAO RT ORB QoS IntServ /RSVP IntServ/RSVP IntServ/RSVP IntServ/RSVP IntServ/RSVP IntServ/RSVP Operating System Operating Operating Operating Operating Operating Operating QoS System System System System System System Network QoS
Dynamic Quality of Service is a Key Aspect of Mission Critical Distributed Systems Gracefully QoS management for distributed handle degraded systems strives to provide a and hostile situations predictable high level of mission Utility effectiveness and user Effectively utilize resources satisfaction within available resources. Resources • Capture QoS aspects • Manage the resources of mission that could become requirements bottlenecks • Effectively utilize • Mediate conflicting available resources demands for resources for mission • Dynamically reallocate effectiveness as conditions change 5
Allocating Resources According to Utility System • How to determine mission Utility utility? • Each mission has multiple sets of tasks called application strings. Mission Mission Mission – Take weighted sum of string Utility Utility Utility utilities N i m s s UA w UA i j j i 1 String String String – Weighting for relative Utility Utility Utility importance of strings. • String utility • Quality of Service Factors: • Maximize end-user value! – Timeliness • Dynamically adjust resource – Availability allocation. – Quality – Throughput -Continuous end-to-end improvement. -Robust to variations in j UA s F ( T , a , q , Th ) system behavior. -Maximize utility across deployed missions. -Gracefully handle resource failures.
Multi-Layered End-to-End QoS Management End-to-end QoS management must Control and Monitor Network Bandwidth – Set DiffServ CodePoints (per ORB, component server, thread, stream, or message) – Manage all the resources that can affect QoS, i.e., – Work with DSCP directly or with higher level bandwidth brokers anything that could be a bottleneck at any time – Priority-based (Diffserv) or reservation-based (RSVP) during the operation of the system (e.g., CPU, bandwidth, memory, power, sensors, …) Control and Monitor CPU Processing – Shape the data and processing to fit the available – CPU Reservation or CPU priority and scheduling – Have versions that work with CPU broker, RT CORBA, RTARM resources and the mission needs • What can be delivered/processed Shape and Monitor Data and Application Behavior • What is important to deliver/process – Shape the data to fit the resources and the requirements – Insert using components, objects, wrappers, aspect weaving, or intercepters – Includes capturing mission requirements, – Library that includes scaling, compression, fragmentation, tiling, pacing, cropping, monitoring resource usage, controlling resource format change knobs, and runtime reallocation/adaptation Coordinated QoS Management Information Supplier/ System resource managers Consumer allocate available resources based on mission requirements, participants, roles, and priorities Local resource managers decide Information Information Network how best to utilize the resource Supplier Consumer allocation to meet mission requirements Dynamic QoS realized by • Assembly of QoS components Information • Paths through QoS components Supplier/ • Parameterization of QoS components • Adaptive algorithms in QoS components Consumer
2000s Multi-Layered QoS Management for Service-Oriented Distributed Information Systems Mission-level QoS policies Mission-level QoS policies QoS Administration QoS Display QoS Administration Mission Management • Roles, importance, deadlines, • Roles, importance, deadlines, QoSPolicyContext; PreferenceContext user prefs. user prefs. Policy actions Aggregate QoS Information Services Pluggable Policy Status QoS Context Management information Policy QoS Manager (ISQM) Store Client Authent. token; QoS management across QoS management across Orchestration Parsed policy multiple users multiple users instance values Operation • Fairness, resource • Fairness, resource allocations, importance allocations, importance QoSContext Bandwidth Manager Context attributes Metrics Enforce QoS policies at Enforce QoS policies at Local QoS Monitoring Task Creation local decision points local decision points BW allocation Management Service Operation • Priorities of operations and • Priorities of operations and task object Status information information information Task Manager Submission Mgr Dissem. Mgr Insert task • Resource access and • Resource access and LQM Service LQM Service LQM Service process/info shaping process/info shaping Extract task Information QoS instance Filter Mgr (via Information Mechanisms Extract Channel) Insert QoS enforcement QoS enforcement info Get thread info Xlayer Rate Limiting Information to assign mechanisms mechanisms instance Control Diss. queues to task (via Information • Differentiated service • Differentiated service Channel) Task (Broker, Client Task queues Thread Pool • Thread and queue control • Thread and queue control Read Info, Filter, • Rate control, compression, • Rate control, compression, Query, Archive) Info instances Client filtering, replacement filtering, replacement Client IDs (broker, filter, read IO only)
From Protection to Auto-Adaptive to Survivable and Self-Regenerative Systems No system is perfectly secure – only adequately secured with respect to the perceived threat. Prevent Intrusions Prevent Intrusions (Access Controls, Cryptography, Trusted Computing Base) Access Control & Cryptography Trusted Computing Physical Security Base But intrusions will occur 1 st Generation: Protection Detect Intrusions, Limit Damage (Firewalls, Intrusion Detection Systems, Intrusion Boundary VPNs Detection Virtual Private Networks, PKI) Controllers PKI Firewalls Systems 2 nd Generation: Detection But some attacks will succeed Tolerate Attacks Tolerate Attacks (Redundancy, Diversity, Deception, Big Board View of Hardened Intrusion Wrappers, Proof-Carrying Code, Graceful Attacks Operating Tolerance Degradation Real-Time Situation Proactive Secret Sharing) System Awareness & Response 3 rd Generation: Intrusion Tolerance and Survivability 9
Survivability and Intrusion Tolerance Protect Detect React Premise Attacks • The number & sophistication of cyber attacks is increasing – some of these attacks will succeed Philosophy • Operate through attacks by using a layered defense-in-depth concept • Accept some degradation • Protect (C,I, A) of most valuable assets (information, services, …) • Move faster than the intruder Approach •“Defense Enabling” Distributed Applications • Survivability architecture • Exploring beyond degradation-- regain, recoup, regroup and even improve • Semi-automated: Survivability architecture captures a lot of low level (and sometimes uncertain and incomplete) information – utilizes advanced reasoning and machine learning 10
Slowly Advancing from Defending to Tolerance to Survivability toward Regeneration 1997 1998 1999 2011 2012 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 Adaptive AQuA Distributed OIT Red Team Assessments Object QuOIN Middleware Defense Defense Enabling Enabling APOD: Applications that Survivable and Secure Systems Participate In Their Own Defense Autonomic Autonomic Defense Defense ITUA: Intrusion Tolerance Through Unpredictable Adaptation DPASA: Designing Adaptation Unpredictability Unpredictability APS: Advanced And Protection into a Protected Services Survivability Architecture Byzantine FT Byzantine FT Self-Regenerative CSISM* Survivable systems Survivability Survivability Survivable Survivable Architectures Architectures SOA-based SOA and IMSes and *Cognitive Support for Intelligent Survivability Mgmt Systems Systems Focus Area Cognitive Survivability Management Cognitive Survivability Management DARPA AFRL DHS/HSARPA 11
Recommend
More recommend
