Networking Research & Infrastructure
Creating Dynamic Superfacilities the SAFE Way (CICI SAFE)
Description
The term “superfacility" describes an integration of two or more existing Department of Energy facilities that use high performance networks and data management software in order to increase scientific output. Currently, superfacilities are manually built for a specific scientific application or community, which limits their uses to large, long-lived projects. The SAFE Superfacilities project brings together researchers and IT support organizations from RENCI, UNC-Chapel Hill, Duke University, and the DOE’s Energy Sciences Network (ESnet) to develop a way to create dynamic superfacilities on demand. The project puts to use advances in campus science networks (Science DMZs) and federated Infrastructure-as-a-Service in an effort to generalize and automate the creation of superfacilities while overcoming their security challenges. By design, superfacility dynamic network links bypass campus security appliances in order to maintain a friction-free network path; security for these paths is typically addressed by managing interconnections manually.
RENCI's Role
Secure and Resilient Architecture: Creating Dynamic Superfacilities the SAFE Way (SAFE Superfacilities) brings advanced technology such as campus science networks and federated Infrastructure-as-a-Service to a wider range of scientists. A collaboration between RENCI, Duke University, and the U.S. Department of Energy’s ESnet, the project is creating a model for improving security while maintaining high-performance friction-free network paths between campus scientists and remote facilities.
The RENCI team is focused on automating the authorization and security monitoring needed to keep these fast and dynamic network links safe. The researchers plan to use the SAFE logical trust system to authorize on-demand stitching of network links in two systems developed and operated by RENCI, Duke, and their collaborators: the ExoGENI testbed and Duke’s Software-Defined Science Network (SDSN) campus network exchange. The team also will deploy security to monitor traffic on dedicated channels used to manage network devices, commonly known as out-of-band management.