Security related project. For students who may have security background knowledge.
Web-Based
Enterprise Management (WBEM). "This initiative was designed to unify
the management of enterprise environments through the development of a set
of Internet- and management-standard technologies. With WBEM, companies
can develop and deliver a set of standards-based management tools that leverage
new and emerging technologies such as the eXtensible Markup Language (XML)
and Common Information Model (CIM)." from http://wwws.sun.com/software/solaris/wbem/cover/cover.html
Investigate the resource discovery, disaster recovery, security, load balancing, and customization problems in storage networks.
2. SAN Management - this area is one that is not well understood nor
well
implemented. Providing the management tools for successful setup and
management
of SAN's is a possibility for some software projects.
Several subareas under this could be:
1. Setup, discovery and configuration of the SAN
2. Capacity planning
3. Ability to correlate data with regard to faults
4. Ability to create 'logical' fault isolation groups
5. CIM/WBEM SAN mgt Interfaces
6. Performance management
7. Asset management - the ability to uniquely and unambiguously
identify each component of the SAN and manage them based on
this. This includes change management as well.
8. Policy management to include:
-Disaster recovery
-Backup
-Hierarchical Storage Management
-Data migration in the case of a failure
9. Event management
3. In the area of security:
1. Hard zoning - that is enabling only certain hosts and/or users
to access certain blocks of data in the SAN.
2. A centralized, trusted zoning manager for the SAN
3. Other ways to enforce 'zoning' of data, without the use of hard
zoning techniques
4. Access control, virus detection and user/group administration
From: sjelinek [mailto:Sarah.Jelinek@sun.com]
Sent: Monday, September 23, 2002 9:19 AM
To: stevewise@adelphia.net; Sarah.Jelinek@sun.com; chow@cs.uccs.edu
Cc: sirubey@excite.com; Sarah.Nelms@sun.com; xiejianhua@hotmail.com
Subject: RE: WBEM Research Project
Edward and Steve,
There are several areas that could be worked on with regard to WBEM
for
research/thesis topics.
>
>2. SAN Management - this area is one that is not well understood
nor
>well
>implemented. Providing the management tools for successful setup
and
>management
>of SAN's is a possibility for some software projects.
> Several subareas under this could be:
> 1. Setup, discovery and configuration of the SAN
> 2. Capacity planning
> 3. Ability to correlate data with regard to faults
> 4. Ability to create 'logical' fault isolation groups
> 5. CIM/WBEM SAN mgt Interfaces
This would specifically be the implementation of the Bluefin spec that
is
attached. This is a new spec, just recently adopted by SNIA as the 'standard'
for managing/configuring/monitoring SANs.
> 6. Performance management
> 7. Asset management - the ability to uniquely and
>unambiguously
> identify each component of the SAN and manage them based
>on
> this. This includes change management as well.
> 8. Policy management to include:
> -Disaster recovery
> -Backup
> -Hierarchical Storage Management
> -Data migration in the case of a failure
Policy management and associated QOS is an area that is not well understood,
not
really implemented in any real way and is an important area that could
be worked
on. It doesn't pertain specifically to CIM/WBEM, but CIM does have the
notion of
a CIM_Service object which could be extended to incorporate this policy
management area.
Other specific areas for research involving CIM/WBEM are:
1. Building a distributed CIM object manager (CIMOM). Currently, all
specifications and implementations of the are single host only. Any
data
gathering has to be done on per host basis and then coalesced for a
LAN/WAN
environment. The need for a distributed CIMOM specification and implementation
is really large.
2. The current WBEM client interface for Solaris is in Java. There
is a strong
need for a client interface that is implemented in C. The Solaris CIMOM
is
written in Java for Solaris 8 and 9 so this would have to be considered
in this
specification and implementation. However, there are C CIMOMs out there
now.
Check out http://sourceforge.net/projects/wbemsource/ for WBEM open
source
projects.
3. All of the ones included in Dr. Chow's original email that I sent
to him
earlier this summer are open for research topics.
4. Figuring out how to make the WBEM/CIM infrastructure be able to
reside in an
embedded device, or run at boot time for an OS. One of the biggest problems
currently with the existing WBEM/CIM implementations is that they are
too big.
This renders it pretty much useless at boot time for most OSs and certainly
prohibits its use in embedded or RT OS environments.
We have developed an Autonomous Anti-DDOS (A2D2) testbed for developing efficient network security technqiues. Existing intrusion detection software packages such snort and firewall are not well integrated. We are interested in developing better techniques that can tolerate network intrusion and systems that are easy to configure/manage.
"Some ideas that
come to mind are something like the OpenCA project to develop a open foundation
like what Verisign does, the ECC-IAIK from the Univeristy of Darmstadt looks
good, and coming up with a product like SiteMinder is good idea. SiteMinder
is an Enterprise wide Security project." suggested by Rich Helton,
an outstanding graduate of ours and the author of "Java Security Solutions".
OPNET has donated their Modeler and IT DecisionGuru packages for our network/protocol research. It can be used in construction and evaluating designs in the above projects.
More to come...
Wednesday 12/8/2004
Wednesday 12/10/2003
Wednesday 12/11/2002