Collapsar: A VMBased Architecture for Network Attack Detention Center

1
ACM Multimedia 2004
Towards an Integrated Multimedia Service Hosting
Overlay Dongyan Xu, Xuxian JiangDepartment
of Computer Sciences Center for Education and
Research in Information Assurance and Security
(CERIAS) Purdue University
2
Outline

• Motivation
• MSODA architecture
• MSODA components
• Virtualization of service hosting overlay
• Related work
• Conclusions

3
Motivation

• Proliferation of value-added and function-rich
  media services
• Pervasive media sources live cam, TV, radio
• Content-based processing tracking, enhancement,
  mix-reality
• User-specific media service composition
• Surveillance cams ? image recognition ? scene
  correlation
• Home video ? jitter elimination ? music mixing ?
  mixed-reality rendering

4
Motivation

• Service oriented architectures
• Users dont have to know
• Service implementation details
• Service instance locations
• Service-level routing decisions
• Service providers have more flexibility in
• Implementation
• Deployment strategy placement, replication,
  migration, resource scaling, coalition
• Management upgrade, troubleshooting, recovery

5
Motivation

• Service providers meet service host

Service providers Have no infrastructure For
deployment
Service host (e.g. Yahoo, MSN) Needs rich
services to serve customers
A service-oriented marketplace Hosts a large
variety of media services for customer access
and composition
6
Challenges

• Decoupling service management from hosting
  platform management
• Isolating management of different media services
• Protecting hosting platform from untrusted media
  services
• Enabling agile media service workflow
  optimization
• On-demand service capacity scaling
• Service instance replication and re-location

7
Our Solution MSODA (Media Service On-Demand
Architecture)

• Infrastructure MSODA hosts in wide-area network
• Media service instances virtual machines in
  MSODA hosts
• Media service cloud virtual network of service
  instances
• Service gateways edges of service cloud and
  interface to customers

8
MSODA Architecture
Service Instance (VM)
MSODA host
Service gateway
9
MSODA Host

• Two-level architecture
• Host
• Virtual machines
• Host domain MSODA daemons
• Resource allocation
• Network monitoring
• Traffic tunneling
• Service routing

S1
S2
Guest OS
Guest OS
MSODA daemons
Host OS
An MSODA host
10
MSODA Gateway

• Interface to service clients
• Service composition
• Service configuration
• Edge of service cloud
• Bridging service instances (virtual machines) to
  client machines limited and controlled access

Client
Service instance (VM)
MSODA gateway
11
MSODA Gateway

• Service composition and configuration
• User-centric customization
• Resource conservation

S1
S2
512Kbps
S2
256Kbps
256Kbps
12
Media Service Cloud

• A virtual network of service instances (VMs)
• Based on network virtualization technique
  (VIOLIN)
• VN for VMs
• Using MSODA hosts as underlying carrier (layer-2
  on UDP)
• Emulating advanced network protocols (e.g., IP
  multicast)
• IP-compliant, with its IP address space
• Isolation from underlying Internet

13
Media Service Cloud

• Advantages
• Protection of MSODA infrastructure
• Service traffic volume control
• Service instance reachability control
• Decoupling of
• Media service function (by service developer)
• Service provisioning and composition mechanisms
  (by MSODA developer)

14
Media Service Cloud

• Multicast and anycast group for each media
  service
• Multicast group convenient service management
  (e.g., asking all instances of a service to
  report current load/QoS/most popular content)
• Anycast group service composition routing (e.g.,
  specifying the next service in the service
  delivery workflow)
• Simple APIs for easy media service implementation
• Actual operations performed by underlying MSODA
  hosts

15
Media Service Cloud

• Dynamic service cloud evolution
• Service instance resource scaling
• Service instance replication
• Service instance re-location

S1
S1
S1
S2
S2
S2
Service instance replication
Resource scaling
Time
16
MSODA Prototype

• Service instances (VMs) enabled by User-Mode
  Linux (UML)
• Service cloud (virtual network) enabled by VIOLIN
• Acceptable network performance degradation
• Automatic service instance creation and
  re-location
• Centralized computation of service delivery paths
• Local and wide-area (PlanetLab-based) testbeds
• Virtual private Grids for dynamic scientific
  applications

17
Related Work

• Service composition frameworks
• Ninja, SAHARA, CANS, SPY-Net, SpiderNet
• Service overlay networks
• SOI (Service-Oriented Internet)
• Opus (Overlay Peer Utility Service)
• Overlay networking
• RON, OverQoS, Narada, Overcast, I3
• Resource virtualization
• Virtual machine Denali, VMware, UML, Xen
• Virtual network VNET, VIOLIN
• Virtual environment In-VIGO

18
Conclusions

• MSODA an integrated media service hosting
  platform for service composition
• Virtual machine as granularity for service
  instance management and manipulation
• Virtual service cloud network
• Platform-independent media service development
  and management
• Maximum manipulability for dynamic service
  instance scaling, replication, and re-location
• Strong protection of MSODA platform from
  untrusted media services/clients

19
Thank you.
For more information Email dxu,
jiangx_at_cs.purdue.edu URL www.cs.purdue.edu/dxu
Google Purdue SODA friends