Jiří Denemark

High-definition multimedia for multiparty low-latency interactive communication

We describe a high-quality collaborative environment that uses High-Definition (HD) video to achieve near realistic perception of a remote site. The capture part, consisting of a HD camera, Centaurus HD-SDI capture card, and UltraGrid software, produces a 1.5 Gbps UDP data stream of uncompressed HD video that is transferred over a 10GE network interface to the high-speed IP network. The HD video stream displaying uses either a software-based solution with color depth down-sampling and field de-interlacing, or another Centaurus card. Data distribution to individual participants of the videoconference is achieved using a user-controlled UDP packet reflector based on the Active Element idea. The viability of this system has been demonstrated at the iGrid 2005 conference for a three-way high quality videoconference among sites in the Czech Republic, Louisiana, and California.

User-Empowered Programmable Network Support for Collaborative Environment

We introduce a user-empowered UDP packet reflector to create virtual multicasting environments as an overlay on top of current unicast networks. The end-users’ ability to fully control this environment by a specific communication protocol is the main advantage of our approach. Serializing the parallel communication schema for group communication allows us to introduce special features that are possible in unicast communication only. Similar to working with programmable routers, users can submit their own modules, which can be linked into the reflector and perform user-specific operations (filtering, transcoding etc.). The reflector is the basic element of the overlay network support for the user-empowered group communication in collaborative environments.

User Management for Virtual Organizations

Scalable and fine-grained Grid authorization requires moving away from a gridmapfile based access control and 1-to-l mappings to individual OS user accounts. This is recognized and addressed to by virtual organization (VO) authorization services, e. g. VOMS/LCAS and CAS. They, however, do not address user OS account management and isolation/sandboxing requirements, such as flexible pooling of accounts while maintaining auditing records. This paper describes some existing systems for user management for VOs and provides a list of requirements for a new user management system on which our current research is focused on.

Virtual environments: framework for virtualized resource access in the grid

To assure secure access to any computer resources one must provide an adequate level of authentication, authorization job isolation and possibility of auditing user actions. In the grid environment that comprises a large number of users and resources in different administrative domains, these features are challenging. Grid economy and accounting related to it are becoming more and more important in an emerging aspect of grid commercialization. Also, the requirements of the users and administrators are becoming more and more sophisticated: checkpointing and migration of jobs, detailed software requirements, quality of service, collaborative work, and load balancing, to name a few. Virtualization techniques, nowadays more and more matured and advanced, seem to help solve the above-mentioned problems. In the present paper we discuss some of these techniques as well as existing solutions and then propose a framework for Virtual Environments. The framework focuses on resource access control, but the benefits of virtualization are wider.

Best practices of user account management with virtual organization based access to grid

Scalable and fine-grained Grid authorization requires the move away from gridmap-file based access control and 1-to-1 mappings to individual operating system user accounts. This is recognized and addressed by virtual organization authorization services and user management systems e. g. Virtual Organization Membership Service (VOMS), Local Centre Authorization System (LCAS), Local Credential MAPping Service (LCMAPS) and Community Authorization Service (CAS). They do, however, not address user operating system account management and isolation/sandboxing requirements, such as flexible pooling of accounts while maintaining auditing records. In this paper we compare existing systems which solve the above shortcomings and are currently used in real production grids.