20020507-VidMid-Verharen
advertisement
Vidmid-vc: Middleware for Video Conferencing Services Egon Verharen, SURFnet Vidmid-vc chair 5/7/2002 •Middleware •Vidmid VC •History, Scope, Status, Authentication & Authorization, Object classes and dir.services, Resource discovery Background •Why • Collaboration does not know boundaries • Services coming your way • Shared need & interest •Formed in spring 2001 • Spent some time naming and scoping •Critical insight and momentum from ViDe & Internet2 Middleware (MACE & Shibboleth) leaders •Focus on videoconferencing and video-on-demand for their middleware requirements •Component of NSF Middleware Initiative (NMI) • NMI-EDIT http://www.nmi-edit.org/ 5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 2 Middleware and federated administrations • Middleware • It’s not the network, it’s not applications, it’s the stuff nobody wants to do •Stuff • • • • • Identification (“who are you?”) Authentication (“prove me who you are”) Authorization (“I tell you want you can do”) Directory services (where the info is stored) Security •Federated Administration • Virtual organisations/Communities of interest • Trust-based connection between (local) security domains – Higher ed 5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 3 Where are we ? H.323, SIP, multicast tools 5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 4 Vidmid in id-world Interrealm Objectclass standards (e.g.eduperson, gridperson) Content Portals Shibboleth exchange of attributes Future PKI Learning Management Systems Security Domain Web services and servers DoDHE et al. Grids et al. Personal Portals WebISO Campus authentication Enterprise directory Future PKI 5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 5 Vidmid VideoConferencing Goals: • Enable authenticated and authorized call setup • Work out architectural issues – Id, Authnz, Dir. + Resource discovery, security/PKI (for encryption, authentication, signing) – Both intra- and interrealm • Identify infrastructure to support interrealm community video – H.323, SIP, VRVS/AG (multicast) • Instigate client/gw development • foster interoperability at identifier, security and video stream levels – Engage industry players 5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 6 Vidmid VC status •Prioritized Workplan • from vidmid-vc workshop @ UNC, nov. 2001 •Deliverables: • Scenario’s • Object Classes & Directory services –Video-app directory –ITU standard –Implementation: directory of video-directories • Resource discovery whitepaper –Where to find the objects & services • Users, endpoints, gatekeepers/proxies/registries, dialing instructs, MCUs, gateways, … 5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 7 Gatekeeper Enterprise Directory Local endpoint tables User data cn . commURI h323 LDAP Server commObject data . commUniqueId commOwner Figure 1. Relationship of H323 LDAP components 5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 8 Vidmid VC status, deliverables • Framework of requirements, thread models and security services • Flows and architecture for (inter-realm) authentication and authorization – Conferencing attributes – endpoint authentication – datastream protection • Testbeds – SIP – H323 – interdomain – international 5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 9 A&A call setup auth 1 auth 1a & 2a EP reg. 2 GK/proxy server 9 5 6 autz Ent.p. autz 5/7/2002 8:OK GK/proxy server 3 4 EP media autz7 ? Shibb? Ent.p. autz Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 10 Summary •Vidmid on speed •Deliverables ready • Object classes • White paper on resource discovery, authnz •Near Future • SIP clients • Directory testbed •Prepare • And join 5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 11 Background info, URLs & docs •Vidmid website • http://middleware.internet2.edu/video/ •Workplan vidmid-vc • http://middleware.internet2.edu/video/VidMid-VC-workplan-12-February-2002.html •Scenario’s (Art Vandenberg GSU, Mary Fran Yafchak SURA, EV) • http://middleware.internet2.edu/video/draft-internet2-vidmid-vc-scenarios-02.html •Object Classes & Directory services (Tyler Johnson UNC, RadVision) • http://middleware.internet2.edu/video/draft-nmi-commObjectDefinition-00.doc • http://middleware.internet2.edu/video/draft-nmi-commObjectWhitePaper-00.doc •Resource discovery whitepaper (Art Vandenberg, GSU) • http://middleware.internet2.edu/video/draft-internet2-vidmid-vc-resource-discovery01.txt •Directory of video-directories (ViDeNet) • http://videnet.unc.edu/vide-dod/index.phtml 5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 12 Other joint research • Networking – QoS for digvid applications (TF-NGN, I2 QoS) – Network analysis and simulation tools (TF-NGN, VideNet Scout, I2 e2e) – High-reliability architectures (TF-STREAM) – Multicast address space management (Geant) – IPv6 (6net wp’s) • Middleware – Globally-scaleable H.323 number/dial plan & update (TFSTREAM, ViDe NASM) – Inter-gatekeeper communication (ViDeNet) – Security and authentication (I2 vidmid) – Directory services (I2 vidmid, ViDeNet, TF-LSD) 5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 13 Areas for Joint R&D • Videoconferencing – Gateway development (I2 Commons) • VRVS, AccessGrid (see next pres), MPEG-2, MJPEG – SIP & VoIP (many, vidmid, TERENA?) – Integration alternative media streams (I2, AccessGrid) • e.g. MPEG-4 & HDTV & MJPEG) – Data collaboration tools (ViDe, AccessGrid) – (Semi)Automated scheduling (VRVS, AccessGrid, …) 5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 14
