Transcript of: Foundations of a Future “Inter-Cloud” Architecture, Jeff Chase, Duke University / RENCI
Page 1
Duke Systems
Foundations of a Future “Inter-Cloud” Architecture
Jeff Chase, Duke University / RENCI
Page 2
Some challenges
• Cloud infrastructure resources
  – diversity and representation
• Programmability and isolation
  – working at the bottom of the stack
  – configurations and compatibility
• Architecture: elements and combinations
  – assembling virtual infrastructure
  – orchestrating multi-domain services
• Trust
Page 3
Infrastructure as a Service (IaaS)
“Consumers of IaaS have access to virtual computers, network-accessible storage, network infrastructure components, and other fundamental computing resources…and are billed according to the amount or duration of the resources consumed.”
Page 4
The GENI Vision
A suite of infrastructure for long-running, realistic experiments in Network Science and Engineering
(Figure, 2007: mobile wireless network, edge site, sensor network and federated international infrastructure as “aggregates”.)
Federated substrate with end-to-end virtualized “slices”
Heterogeneous, and evolving over time via spiral development
Deeply programmable, virtualized
Page 5
GENI resource model
(Figure: substrate, aggregate and slice layers. Physical nodes and pipes in the substrate are virtualized, under virtual resource control, into slivers (e.g., VMs); the slivers form a virtual topology of nodes and pipes, the slice dataplane, on which researcher software runs over a researcher-specified network topology.)
Page 6
GENI is IaaS
• GENI is diverse Infrastructure-as-a-Service
• Every IaaS; all connected.
Can we build a common resource/sliver abstraction spanning “all” resource types?
Page 7
GENI is IaaS
• GENI is diverse Infrastructure-as-a-Service
• Every IaaS; all connected.
• How much platform?
Page 8
Infrastructure
Resources and “Slivers”
Page 9
EC2: The Canonical IaaS Cloud
Page 10
Adding storage
Page 11
Adaptations: Describing IaaS Services
(Figure: a computer is described by a capacity vector over CPU, memory, disk and bandwidth. Two slivers a and b take resource vectors ra=(8,4) and rb=(4,8), in (CPU shares, memory shares), from a host with 16 shares on each axis; a third sliver c takes rc=(4,4).)
Page 12
Adaptations: service classes
• Must adaptations promise performance isolation?
• There is a wide range of possible service classes…to the extent that we can reason about them.
(Figure: a continuum of service classes, from available surplus through weak effort, best effort, proportional share and elastic reservation to hard reservation. Position along the continuum reflects the load factor or overbooking degree, and the priority of the class.)
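The resource vectors of page 11 and the service-class continuum of page 12 come together in an aggregate's admission decision. The following is an added example, not code from the slides or from ORCA: a host advertises a capacity vector, here (CPU shares, memory shares) as in the figure, each sliver demands a vector, and two classes from the continuum are enforced. Hard reservations must fit in every dimension with no overbooking, so isolation can be promised; best-effort slivers share only the surplus the hard reservations leave, oversubscribed up to an overbooking factor. The class names, the overbook factor and the load-factor helper are assumptions for illustration.

```python
from dataclasses import dataclass, field
from enum import Enum


class ServiceClass(Enum):
    HARD = "hard reservation"      # never overbooked
    BEST_EFFORT = "best effort"    # overbooked up to Host.overbook (assumed)


@dataclass
class Sliver:
    name: str
    demand: tuple           # one entry per host dimension, e.g. (cpu, mem)
    cls: ServiceClass


@dataclass
class Host:
    capacity: tuple
    overbook: float = 2.0   # best-effort overbooking degree (assumed value)
    slivers: list = field(default_factory=list)

    def committed(self, cls):
        """Per-dimension sum of demands already admitted in one class."""
        total = [0] * len(self.capacity)
        for s in self.slivers:
            if s.cls is cls:
                for i, v in enumerate(s.demand):
                    total[i] += v
        return tuple(total)

    def admit(self, sliver):
        """Admit the sliver if it fits under its class's rule; return True/False."""
        if len(sliver.demand) != len(self.capacity):
            raise ValueError("demand vector does not match host dimensions")
        hard = self.committed(ServiceClass.HARD)
        if sliver.cls is ServiceClass.HARD:
            # hard + new <= capacity in every dimension: isolation is promised
            fits = all(h + d <= c
                       for h, d, c in zip(hard, sliver.demand, self.capacity))
        else:
            # best effort shares only the surplus left by hard reservations,
            # and that surplus may be oversubscribed by the overbook factor
            best = self.committed(ServiceClass.BEST_EFFORT)
            fits = all(b + d <= (c - h) * self.overbook
                       for b, d, h, c in zip(best, sliver.demand, hard, self.capacity))
        if fits:
            self.slivers.append(sliver)
        return fits

    def load_factor(self):
        """Max over dimensions of total demand / capacity; above 1.0 means overbooked."""
        hard = self.committed(ServiceClass.HARD)
        best = self.committed(ServiceClass.BEST_EFFORT)
        return max((h + b) / c for h, b, c in zip(hard, best, self.capacity))


if __name__ == "__main__":
    host = Host(capacity=(16, 16))
    for s in (Sliver("a", (8, 4), ServiceClass.HARD),
              Sliver("b", (4, 8), ServiceClass.HARD),
              Sliver("c", (4, 4), ServiceClass.HARD),
              Sliver("d", (1, 1), ServiceClass.BEST_EFFORT)):
        print(s.name, host.admit(s))
    print("load factor", host.load_factor())
```

With the three slivers from the figure the host is exactly full on both axes, so even a best-effort request is refused: the overbooking factor multiplies the surplus, and the surplus is zero. Overbooking only buys anything on a host that still has headroom beyond its hard reservations.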
Page 13
Adaptations: multi-layer networks
NDL semantic description: a snippet
  <!--Polatis-Renci:f1-->
  <ndl:Interface rdf:about="#Polatis-Renci:f1">
    <rdf:type rdf:resource="http://…/ndl/wdm#FiberNetworkElement"/>
    <rdfs:label>Polatis-Renci:f1</rdfs:label>
    <ndl:connectedTo rdf:resource="#Polatis-Duke:f1"/>
  </ndl:Interface>
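The snippet describes one interface and the interface it is connected to; a substrate model is many such statements, and path computation is a query over them. The following is an added example, not from the slides or from the NDL toolchain: it parses a small constructed RDF/XML document of the same shape with the standard library, builds a connectivity graph from the ndl:connectedTo edges, and finds a path with breadth-first search. NDL does this with SPARQL over an RDF store; BFS over the extracted edges is the same computation without the RDF dependency. The NDL namespace URI is assumed, and every interface other than Polatis-Renci:f1 and Polatis-Duke:f1 is constructed.

```python
import xml.etree.ElementTree as ET
from collections import deque

RDF = "http://www.w3.org/1999/02/22-rdf-syntax-ns#"
NDL = "http://www.science.uva.nl/research/sne/ndl#"   # assumed NDL namespace

# Constructed sample in the shape of the slide's snippet (Orphan:f9 is unconnected).
SAMPLE_NDL = f"""<?xml version="1.0"?>
<rdf:RDF xmlns:rdf="{RDF}" xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#"
         xmlns:ndl="{NDL}">
  <ndl:Interface rdf:about="#Polatis-Renci:f1">
    <rdfs:label>Polatis-Renci:f1</rdfs:label>
    <ndl:connectedTo rdf:resource="#Polatis-Duke:f1"/>
  </ndl:Interface>
  <ndl:Interface rdf:about="#Polatis-Duke:f1">
    <rdfs:label>Polatis-Duke:f1</rdfs:label>
    <ndl:connectedTo rdf:resource="#Polatis-Renci:f1"/>
    <ndl:connectedTo rdf:resource="#Duke-Switch:p3"/>
  </ndl:Interface>
  <ndl:Interface rdf:about="#Duke-Switch:p3">
    <rdfs:label>Duke-Switch:p3</rdfs:label>
  </ndl:Interface>
  <ndl:Interface rdf:about="#Orphan:f9">
    <rdfs:label>Orphan:f9</rdfs:label>
  </ndl:Interface>
</rdf:RDF>
"""


def parse_links(xml_text):
    """Return {interface: set(neighbours)} built from ndl:connectedTo edges.

    Edges are treated as undirected: fibre connectivity is symmetric, and a
    link declared on only one end (Duke-Switch:p3 above) must still be usable.
    """
    root = ET.fromstring(xml_text)
    graph = {}
    for iface in root.iter(f"{{{NDL}}}Interface"):
        me = iface.get(f"{{{RDF}}}about").lstrip("#")
        graph.setdefault(me, set())
        for link in iface.findall(f"{{{NDL}}}connectedTo"):
            peer = link.get(f"{{{RDF}}}resource").lstrip("#")
            graph[me].add(peer)
            graph.setdefault(peer, set()).add(me)
    return graph


def find_path(graph, src, dst):
    """Breadth-first search; returns the hop list or None if unreachable."""
    if src not in graph or dst not in graph:
        return None
    prev = {src: None}
    queue = deque([src])
    while queue:
        cur = queue.popleft()
        if cur == dst:
            path = []
            while cur is not None:
                path.append(cur)
                cur = prev[cur]
            return path[::-1]
        for nxt in sorted(graph[cur]):      # sorted for deterministic paths
            if nxt not in prev:
                prev[nxt] = cur
                queue.append(nxt)
    return None


if __name__ == "__main__":
    g = parse_links(SAMPLE_NDL)
    print(find_path(g, "Polatis-Renci:f1", "Duke-Switch:p3"))
    print(find_path(g, "Polatis-Renci:f1", "Orphan:f9"))
```

A control framework that embeds requests into this model should refuse, not guess, when no path exists: an unreachable endpoint here returns None rather than a partial path, which is the case the embedding step must surface to the user as a failed reservation.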
Page 14
Making connections
(Figure: two nodes, each running a program, attached through interfaces to a link that terminates at a “switch” node.)
Page 15
Resource functions and attributes
(Figure: two nodes joined through an element that may be a router, a program, or....?)
SwitchMatrix/CrossConnect capabilities: e.g., tag swapping.
Interface capabilities, e.g., VLAN attach/enable.
Programming platform and compatibility....
Page 16
An adaptation
(Figure: a VM instance with a virtual interface attached to a logical pipe.)
Page 17
Building network topologies
(Figure: a virtual network exchange; a virtual colo/campus net attached to a circuit fabric; cloud hosts with network control; a computed embedding.)
Page 18
IaaS: clouds and network virtualization
(Figure: cloud providers offer virtual compute and storage infrastructure through cloud APIs (Amazon EC2 ..); transport network providers offer virtual network infrastructure through network provisioning APIs (NLR Sherpa, DOE OSCARS, I2 ION, OGF NSI …).)
Page 19
“The missing link”
(Figure: virtual infrastructure spanning cloud providers and network transit providers, joined by bandwidth-provisioned circuit network fabrics.)
Page 20
Orchestration: Keeping it together
Page 21
(Figure only.)
Page 22
Flukes Semantic GUI
Ilia Baldine
Page 23
Open Resource Control Architecture
(Figure: an ORCA controller with broker (B), slice manager (SM) and aggregate manager (AM) roles; the AM fronts an aggregate and the SM acts as coordinator.)
• ORCA is a “wrapper” for off-the-shelf cloud and circuit nets etc., enabling federated orchestration:
  + Resource brokering
  + VM image distribution
  + Topology embedding
  + Stitching
  + Authorization
• GENI, DOE, NSF SDCI+TC
• http://networkedclouds.org
• http://geni-orca.renci.org
Page 24
Overview (1)
1. Create a manager for automated elastic control and monitoring of a “slice”.
(Figure: a Slice Manager (SM) runs a feedback control loop; it is guest-programmable, with pluggable controller policies, deployment and monitoring.)
Page 25
Overview (2)
2. Place a new orchestration server (Aggregate Manager or authority) at each provider.
3. Empower the AM to approve remote requests according to local policies, and invoke local control interfaces as needed.
(Figure: an SM sending requests to the AMs at two providers.)
Page 26
Inside an aggregate AM
(Figure: testbed user requests and other user requests arrive at a generic AM front-end. Plugins (image/cert proxy, FlowVisor, etc.) and a resource handler invoke the IaaS API of the underlying infrastructure service (e.g., a cloud stack or transport network service); an auxiliary site service sits alongside.)
Page 27
Overview (3)
4. Add brokering services for federation, resource discovery, coordination.
5. Advertise or delegate resources to the broker.
(Figure: the AMs advertise to the brokering services; the SM obtains resources through them.)
Page 28
Overview (4)
6. Automate distribution of images, and endorsement of their attributes.
(Figure: image/appliance services shared by the SM and the AMs.)
Page 29
NDL-OWL: Making the most of semantic resource descriptions
(Figure: the AM holds the full substrate description and publishes a substrate abstraction and advertisement to the broker (B). Users and tools submit a resource request through the G-API to the SM; the SM obtains a lease from the broker, the AM makes a sliver reservation, and the resulting manifest flows back to the user.)
Page 30
NDL-OWL
• NDL-OWL ontology (Semantic Web) extends the Network Description Language (NDL), based on the G.805 model.
  – uva.nl SNE: http://www.science.uva.nl/research/sne/ndl
  – NDL represents substrate: topology, connectivity, layers, adaptations (e.g., circuits, virtualization)
  – NDL enables path computation by SPARQL queries
• NDL-OWL adds abstracted views of resources
  – Abstracted view of substrate (resource advertisements)
  – Resource requests, embeddings, and allocation
  – Edge resources and their configuration
  – Label sets (e.g., VLAN tags), label produce/consume tags
Page 31
NDL-OWL in ORCA
• Represent resource semantics for IaaS systems declaratively.
  – Not “baked in” to the control framework.
  – Drive control framework actions by queries on models.
• NDL-OWL adds semantically rich labels for dynamic provisioning.
  – Capacity constraints, QoS, usage tracking
• NDL-OWL modules in AMs drive templated configuration commands automatically.
  – setup/teardown handler calls from the Aggregate Manager
• NDL-OWL modules in the SM generate a dependency graph for sequenced stitching.
  – Declarative stitching framework: propagate typed labels from producers to consumers along the dependency DAG
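The stitching rule stated above, label propagation from producers to consumers along a dependency DAG, is shown below as an added example that is not ORCA's code. Each sliver declares the typed labels it produces (e.g. the VLAN tag a transit circuit is assigned) and the labels it consumes from a named producer (a VM interface must attach to that tag). Producer-to-consumer edges form the DAG; Kahn's topological sort yields an order in which the Aggregate Managers can be driven, and a consumer is configured only after its producers have reported their labels. A cycle, or a consumer naming a producer that never emits the label, is a stitching error rather than a silent default. The sliver names, the "vlan" label type and the allocator callbacks are constructed for illustration; ORCA infers the DAG from the NDL-OWL request model rather than from a hand-written table.

```python
from collections import defaultdict, deque
from dataclasses import dataclass, field


class StitchingError(Exception):
    pass


@dataclass
class Sliver:
    name: str
    produces: dict = field(default_factory=dict)  # label type -> allocator(labels) -> value
    consumes: dict = field(default_factory=dict)  # label type -> name of producing sliver


def dependency_dag(slivers):
    """{sliver name: set of sliver names it must wait for}."""
    return {s.name: set(s.consumes.values()) for s in slivers}


def plan_order(dag):
    """Kahn's algorithm; raises StitchingError if the dependencies contain a cycle."""
    indeg = {n: 0 for n in dag}
    succ = defaultdict(list)
    for node, preds in dag.items():
        for p in preds:
            indeg.setdefault(p, 0)
            indeg[node] += 1
            succ[p].append(node)
    ready = deque(sorted(n for n, d in indeg.items() if d == 0))
    order = []
    while ready:
        n = ready.popleft()
        order.append(n)
        for s in sorted(succ[n]):
            indeg[s] -= 1
            if indeg[s] == 0:
                ready.append(s)
    if len(order) != len(indeg):
        stuck = sorted(set(indeg) - set(order))
        raise StitchingError(f"dependency cycle among {stuck}")
    return order


def stitch(slivers):
    """Configure slivers in dependency order; returns {name: labels it holds}."""
    by_name = {s.name: s for s in slivers}
    dag = dependency_dag(slivers)
    unknown = set().union(*dag.values()) - set(dag)
    if unknown:
        raise StitchingError(f"consumers reference unknown producers {sorted(unknown)}")
    configured = {}
    for name in plan_order(dag):
        s = by_name[name]
        labels = {}
        for ltype, src in s.consumes.items():
            if ltype not in configured[src]:
                raise StitchingError(f"{src} did not produce a {ltype} label for {name}")
            labels[ltype] = configured[src][ltype]          # consume from producer
        for ltype, allocate in s.produces.items():
            labels[ltype] = allocate(labels)                 # produce for consumers
        configured[name] = labels
    return configured


def demo():
    """Two VMs at different sites attached to one transit circuit's VLAN (constructed)."""
    vlan_pool = iter([1001, 1002, 1003])                     # constructed label set
    slivers = [
        Sliver("duke-vm", consumes={"vlan": "ben-circuit"}),
        Sliver("ben-circuit", produces={"vlan": lambda _labels: next(vlan_pool)}),
        Sliver("renci-vm", consumes={"vlan": "ben-circuit"}),
    ]
    return plan_order(dependency_dag(slivers)), stitch(slivers)


if __name__ == "__main__":
    order, configured = demo()
    print(order)
    print(configured)
```

The circuit is configured first even though it was listed second, and both VMs receive the tag the circuit actually got rather than one chosen up front; that is the point of propagating labels at configuration time instead of fixing them in the request.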
Page 32
Resource allocation and stitching
(Figure: users and tools reach the SM through the G-API. NDL-OWL logic in the SM handles resource query matching, bandwidth/endpoint allocation, RSpec/NDL-OWL conversions, and interdomain topology embedding and stitching dependency DAG inference; the SM takes leases from the broker (B) and drives the AMs.)
NDL-OWL representations drive stitching by label propagation along the dependency DAG.
Page 33
ExoGENI
• Every Infrastructure as a Service, All Connected.
  – Substrate may be volunteered or rented.
  – E.g., public or private clouds and transit providers
• ExoGENI Principles:
  – Open substrate
  – Off-the-shelf back-ends
  – Provider autonomy
  – Federated coordination
  – Dynamic contracts
  – Resource visibility
Page 34
Applications and Platforms
Page 35
(Figure: user tools request topologies for experiments, systems and applications; topology requests are specified in NDL and submitted through the GENI-API and ALT-G to the SM, which drives the AMs.)
NDL-OWL semantic web representations for substrate and requests.
NDL-OWL drives embedding and stitching by label propagation along the dependency DAG.
Page 36
SC11 Demo: Solar Fuels Workflow
Page 37
Oxidation catalysts
Image provided by UNC-CH EFRC: http://www.efrc.unc.edu/
(Figure: workflow steps mcdrt.x, mofmt.x, mcuft.x, argos.x, mcscf.x, tran.x and PSOCI.x. PSOCI.x: MPI (Hopper); the serial steps: Condor/Orca.)
Page 38
Example Dynamic Workflow: Ensemble
(Figure: Ensemble Generator → Provisioning → ensemble step → De-provisioning → Collector. A slice of resources is created for the ensemble step and deleted afterwards.)
• Wide step of Ensemble is temporal
• Width may not be known before ensemble generation
Page 39
Trust
Page 40
Federated trust challenges
• External identity providers (SAML SSO)
  – Assertion of identity attributes
• Trust structures for federated coordination
  – Multiple overlapping federations/policies
• Declarative trust structure and policy
  – Delegation, inference, audits, accountability
  – Global slices with capability-based protection
  – Software-defined networking services and rights
  – Image certifications/endorsements
  – Stitching
Page 41
GENI trust structure: overview (v1.0)
(Figure: users and tools, a clearinghouse (CH) and aggregate managers (AMs), with bidirectional trust based on agreements under GENI Operations and Control.)
Principals are users and organizations, and tools or servers acting on their behalf.
Users create global slices and request aggregates to bind local resources to those slices.
Page 42
GENI trust structure (v2.0)
NSF GENI Federation provides identity and authorization services (coordinators) for GENI aggregates.
(Figure: the GENI “Clearinghouse” holds an IdP, a PA and an SA; GOC, GMOC and I&M sit alongside; the AMs trust the coordinators.)
AMs trust the coordinators, transitively.
Page 43
Example: Identity Provider (IdP)
(Figure: a user registers with the IdP; once the user is registered, the IdP issues user credentials. Users have roles, e.g., student, faculty.)
  IdP.geniUser ← T
  IdP.student ← T
  IdP.enrolled(CS-114) ← T
  IdP.geniUser ← D
  IdP.faculty ← D
• An IdP asserts facts about users.
• User attributes may include InCommon attributes harvested through indirect delegation to Shibboleth IdPs.
• These attributes may have parameters with simple values (strings or numbers).
Page 44
GENI Authorization: Workflow
(Figure: a cloud-based credential store shared by the IdP, PA and SA.)
1. Register user; the IdP issues user credentials.
2. Create project x; the PA issues project x credentials.
3. Create slice s in x; the SA issues slice s credentials.
4. Delegate.
5. Create sliver in s.
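The IdP statements on page 43 and the IdP → PA → SA → AM workflow on page 44 are delegation statements, and an AM's decision is an inference over them. The following is an added example, not GENI or ORCA code: a small role-based trust logic in the style of RT0 (Li, Mitchell and Winsborough) with four statement forms, "A.r <- D" (A asserts D is in role r), "A.r <- B.r2" (A delegates r to everyone B places in r2), "A.r <- A.r1.r2" (a linked role: r2 as defined by any member of A.r1) and "A.r <- B.r1 & C.r2" (intersection). Membership is the least fixpoint over all statements, so the AM can check a sliver request without knowing who issued which credential. The principals T and D and the IdP roles come from the slide; project x, slice s, principal M and the PA/SA/AM roles are constructed for illustration.

```python
from collections import defaultdict


def parse(stmt):
    """Turn one "A.r <- body" string into a tagged tuple."""
    head, body = (s.strip() for s in stmt.split("<-"))
    a, r = head.split(".", 1)
    if "&" in body:                                   # intersection of roles
        roles = [tuple(t.strip().split(".", 1)) for t in body.split("&")]
        return ("intersect", a, r, roles)
    parts = body.split(".")
    if len(parts) == 1:                               # simple member
        return ("member", a, r, parts[0])
    if len(parts) == 2:                               # simple containment
        return ("contain", a, r, parts[0], parts[1])
    if len(parts) == 3 and parts[0] == a:             # linked role A.r1.r2
        return ("link", a, r, parts[1], parts[2])
    raise ValueError(f"unsupported statement: {stmt}")


def members(statements):
    """Least fixpoint: {(authority, role): set of principals}."""
    policy = [parse(s) for s in statements]
    m = defaultdict(set)
    changed = True
    while changed:
        changed = False
        for st in policy:
            role = (st[1], st[2])
            before = len(m[role])
            if st[0] == "member":
                m[role].add(st[3])
            elif st[0] == "contain":
                m[role] |= m[(st[3], st[4])]
            elif st[0] == "link":
                for b in list(m[(st[1], st[3])]):     # each B in A.r1 ...
                    m[role] |= set(m[(b, st[4])])     # ... contributes B.r2
            elif st[0] == "intersect":
                m[role] |= set.intersection(*(set(m[r]) for r in st[3]))
            changed |= len(m[role]) != before
    return m


def authorized(statements, principal, authority, role):
    """The AM's question: is principal in authority.role under this policy?"""
    return principal in members(statements)[(authority, role)]


# Constructed policy following the workflow: IdP -> PA -> SA -> AM.
GENI_POLICY = [
    "IdP.geniUser <- T",                              # from the IdP slide
    "IdP.student <- T",
    "IdP.enrolled(CS-114) <- T",
    "IdP.geniUser <- D",
    "IdP.faculty <- D",
    "PA.canCreateProject <- IdP.faculty",             # PA trusts IdP's faculty attribute
    "PA.leadOf(x) <- D",                              # D created project x
    "PA.memberOf(x) <- PA.leadOf(x)",
    "PA.memberOf(x) <- PA.leadOf(x).member",          # leads of x delegate membership
    "D.member <- T",                                  # D adds T ...
    "D.member <- M",                                  # ... and M, who holds no IdP credential
    "SA.owner(s) <- PA.memberOf(x) & IdP.geniUser",   # slice s lives in project x
    "AM.createSliver(s) <- SA.owner(s)",              # the AM accepts the SA as coordinator
]

if __name__ == "__main__":
    for who in ("T", "D", "M"):
        print(who, authorized(GENI_POLICY, who, "AM", "createSliver(s)"))
```

The intersection in the SA's rule is what keeps the project lead's delegation from becoming a back door: M is a member of x because D said so, but without an IdP credential M never reaches the slice, so the AM's inference stops there. The same policy also shows the AM-centric view of the later slides: the AM's single statement names only the SA it chooses to accept, and everything upstream of that is the coordinators' business.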
Page 45
The view from an AM
• To an aggregate, the world is (has) a cloud of coordinators that the aggregate may accept, or not.
• Think about EC2: it only cares about VISA and MasterCard.
Page 46
The view from an AM
• A federation is just a convenient grouping of coordinators for an AM to accept as a bundle.
• An AM may even accept them without “joining” the Federation, i.e., agreeing to conform to its dictates.
Page 47
AM-centric view of coordination
Any surrender of sovereignty to a Federation is voluntary, or induced by socio-political factors outside the trust structure.
The NSF GENI AMs choose to surrender.
Page 48
AM-centric view of coordination
Therefore, we should design coordinators that leave AMs free to choose from the menu of coordinators available.
To the extent that AMs choose the same coordinators, they should work.
Page 49
Software Service as a Subject
• Trust is “typically” based on a human or organizational identity.
• Can we trust a service or program instance independent of our trust in its owner (SP)?
• Can a slice or cloud-hosted service be “its own” subject?
• Add new building blocks:
  – Assert/certify program attributes
  – Remote attestation
Page 50
“Trusted Platform Cloud”
• Trusted entity certifies program properties.
• AM attests to loaded program or image.
• Client infers instance attributes from program properties.
• Sealed instances.
Service Instance Identity (SID): autonomous, independent of owner.
Page 51
Signed, Sealed, Delivered
• Program (or image) must be signed and endorsed by an entity trusted by clients.
• Program is delivered to the cloud sites where it runs, under control of the SP (instance owner).
• Cloud provider (AM) seals the instance to prevent post-launch tampering by the SP.
  – Administer through well-defined interfaces only.
  – No “log in as root”.
  – Cloud provider issues a fresh key and attestation.
Page 52
Example: Trusted Platform as a Service
Andrew Brown and Jeff Chase, Trusted Platform-as-a-Service: A Foundation for Trustworthy Cloud-Hosted Applications, CCSW 2011
A Service Provider requests a new instance to run a Python/Django program. ORCA launches a trusted image designated for running secured code. The image has a script that fetches the program, launches it, and seals itself.
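Pages 50 to 52 describe four parties and the order of their moves; the following is an added example, not code from the paper or from ORCA, showing the chain a client actually checks. An endorser the client trusts certifies properties of a program bound to its SHA-256 measurement; the cloud provider (AM) measures the image it really loaded, seals it, mints a fresh instance key the SP never sees, and attests to measurement, sealing and the client's nonce; the client accepts the AM's attestation, matches the measurement against an endorsement, and only then infers attributes of the running instance, without trusting its owner. HMAC over pre-shared keys stands in for the signatures a real deployment would use (an endorser certificate, a TPM-backed quote from the provider); the property names, keys, nonce and program bytes are constructed.

```python
import hashlib
import hmac
import json
import os


def measure(program_bytes):
    """Identity of a program or image is its hash, not its owner."""
    return hashlib.sha256(program_bytes).hexdigest()


def sign_payload(key, payload):
    """Stand-in for a digital signature: HMAC over a canonical JSON encoding."""
    msg = json.dumps(payload, sort_keys=True).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def verify_payload(key, payload, tag):
    return hmac.compare_digest(sign_payload(key, payload), tag)


def endorse(endorser_key, program_bytes, properties):
    """Trusted entity certifies program properties, bound to its measurement."""
    payload = {"measurement": measure(program_bytes), "properties": properties}
    return {"payload": payload, "sig": sign_payload(endorser_key, payload)}


def launch_and_attest(am_key, loaded_image, client_nonce):
    """AM side: measure what was really loaded, seal it, issue a fresh key, attest."""
    instance_key = os.urandom(32)                      # fresh per instance; the SP never sees it
    payload = {
        "measurement": measure(loaded_image),
        "sealed": True,                                # no root login; admin via fixed interfaces
        "instance_key_id": hashlib.sha256(instance_key).hexdigest()[:16],
        "nonce": client_nonce,                         # freshness against replay
    }
    return {"payload": payload, "sig": sign_payload(am_key, payload)}, instance_key


def infer_attributes(attestation, endorsements, am_key, endorser_key, nonce):
    """Client side: endorsed properties of the running instance, or None if untrusted."""
    p = attestation["payload"]
    if not verify_payload(am_key, p, attestation["sig"]):
        return None                                    # not from an AM we trust
    if p.get("nonce") != nonce:
        return None                                    # stale or replayed attestation
    if not p.get("sealed"):
        return None                                    # owner could have tampered post-launch
    for e in endorsements:
        ep = e["payload"]
        if ep["measurement"] == p["measurement"] and verify_payload(endorser_key, ep, e["sig"]):
            return dict(ep["properties"], instance_key_id=p["instance_key_id"])
    return None                                        # measured program is unendorsed


if __name__ == "__main__":
    endorser_key, am_key = b"endorser-key (constructed)", b"am-key (constructed)"
    program = b"python/django app v1 (constructed bytes)"
    endorsement = endorse(endorser_key, program, {"language": "python", "no_shell": True})
    attestation, _ = launch_and_attest(am_key, program, "nonce-1")
    print(infer_attributes(attestation, [endorsement], am_key, endorser_key, "nonce-1"))
    tampered, _ = launch_and_attest(am_key, program + b" + backdoor", "nonce-1")
    print(infer_attributes(tampered, [endorsement], am_key, endorser_key, "nonce-1"))
```

Each refusal corresponds to one bullet on the preceding slides: an unknown AM key, a reused nonce, an unsealed instance, or a measurement nobody the client trusts has endorsed all yield None, and the only positive answer carries the instance key identifier the AM minted, which is what lets the instance act as its own subject afterwards.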
Page 53
Toward an “InterCloud” and FIA
• Networked clouds present a range of challenges
  – Identity, trust, governance, policy
  – Resource representation and resource control
• An “InterCloud” must provide some coordination services trusted by aggregates.
• The trust graphs must match the inter-cloud governance/agreement structure, which may be complex and fluid.
  – Specify them declaratively with a trust delegation logic.
  – Evolve them according to events at the socio-political layer.
• Attestation of hosted services enables a trustworthy ecosystem of cloud applications.
• Next: pricing, economics, and adaptation