Collaboratory R/D Activities:

Members of the UM High Energy Physics program have been actively involved in R/D activities associated with the use of collaboratory tools in support of globally distributed research projects such as ATLAS. These efforts are being coordinated by the UM ATLAS Collaboratory Project, presently headed by Homer Neal.

Some of the projects currently underway include the development of special software tools to permit the recording and playback of content-rich materials via the web. We see applications for such capabilities in the sharing of information as we collaboratively develop subsystems for the experiment and in the training of our students in ATLAS-specific tasks. As a testbed for our current tools we are archiving on the web talks given in the prestigious CERN Summer Student Program. While this activity provides a service to many individuals who are interested in these talks, it also provides feedback on various software products we have developed for high quality, content-rich, web-based archiving.

We archived the 1999 Summer Lectures using the package Syncomat developed by Charles Severance of the University of Michigan Media Union and have made them available via the web. We initiated the creation of the CERN web projects page, have installed the lecture archives on a CERN server, and have also assisted with the addition of several other LHC software-related lectures. CERN is now moving to institutionalize the coverage of such events through its Technical Training Office, and gives us credit for making it possible for it to do so.

With the support of USATLAS, which has provided $25,000 in funding, we are embarked on a pilot project examining the use of web-based archiving as a way of providing software training to physicists in the ATLAS collaboration. In particular, we are facilitating the recording of some 20 lectures by Andrea dell'Acqua, ATLAS Simulation Coordinator, on GEANT4 in ATLAS.
It is estimated that approximately 80% of the 2000 members in the collaboration will find these lectures to be helpful. Pending an evaluation of the effectiveness of the GEANT4 lectures, we would be expected to assist with lectures targeted to other topics relevant to ATLAS software.

In addition to the above, we have played a lead role in forming a collaboration that will focus on advancing networking technology in support of experiments such as ATLAS. In particular, we are currently developing a proposal involving Internet2, CERN, Merit, Argonne National Laboratory and the University of Michigan, to develop bandwidth broker applications to permit the implementation of Quality-of-Service (QoS). The ramifications of this work are large, including an expected unique contribution to current networking technology. It will also have a direct impact on priority network access within our campus and between U.S. sites and CERN. We note also that our informal efforts have already helped facilitate the joining of UCAID by CERN and the connection of CERN into STARTAP. We feel that the R/D involvement of CERN with Internet2 will be beneficial to all groups. Details of a current proposal are provided below:

PROPOSAL FOR A UMICH/CERN AUTHENTICATED QOS

Research Participants, University of Michigan:

* William A. (Andy) Adamson, Assistant Director, Center for Information Technology Integration (CITI)
* Robert C. Ball, Senior Engineering Research Associate, Department of Physics
* Shawn P. McKee, Assistant Research Scientist, Physics Department
* Homer A. Neal, Director, UM ATLAS Collaboratory Project, Samuel A. Goudsmit Professor of Physics
* Jeffrey C. Ogden, UM Internet2 Coordinator, Associate Director, Merit Network
* Victor K. Wong, Academic Liaison and Director, IT for Research, Office of the CIO

INTRODUCTION

We propose a research and development project that will, for the first time, advance the state of the art for practical deployment of distributed applications that rely on quality-of-service (QoS) guarantees from the network infrastructure. Although the architectural specifications of QoS reservations are still being developed, it is critical that the initiation of R/D in this area begin immediately to address the issues of authentication and authorization.

We propose development of a distributed application that requests network resources from a local bandwidth broker (BB), which in turn forwards the request through the BB infrastructure to the BB in the destination network. Before authorizing a resource request, BBs authenticate the requester, based on the presentation of public key (PK) credentials. We propose to base BB authorization on the Akenti Authorization Service, which inspects the requester's PK credentials and matches her resource usage requirements with a policy statement.

Our effort will implement this architecture to inter-operate with existing standard protocols and services, and will provide a demonstration of a distributed, resource-controlled application running between the University of Michigan in Ann Arbor (UMICH) and the European Organization for Nuclear Research in Geneva (CERN). The large-scale, international ATLAS high energy physics research project, being conducted in a massively distributed environment, will be used as the test-bed.

PROJECT OVERVIEW

We propose constructing the minimal network and security infrastructure configuration needed to:

1. demonstrate bandwidth broker to bandwidth broker communication, and the ability to reserve network resources in a remote realm, and
2. demonstrate authorization of remote network resources based on X.509 credentials and Akenti attributes.
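
A minimal model of the reservation flow described above, added here as an illustration and not code from the proposal, CITI or Akenti: each bandwidth broker on the path authenticates the requester and checks its own policy before forwarding, and commits nothing if a later realm refuses. The HMAC keys stand in for X.509 public-key credentials, and the `BandwidthBroker` class, subject names, attribute names and Mbps limits are assumptions made for the example.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed stand-in for PK credentials: one HMAC key per subject. A real BB
# would verify an X.509 certificate chain and a public-key signature instead.
ALICE = "cn=alice,o=umich"
KEYS = {ALICE: b"demo-key-alice", "cn=mallory,o=other": b"demo-key-mallory"}

@dataclass(frozen=True)
class Request:
    subject: str    # identity asserted by the credential
    dst_realm: str  # bound into the signature so it cannot be rewritten in transit
    mbps: int

def sign(req: Request, key: bytes) -> bytes:
    msg = f"{req.subject}|{req.dst_realm}|{req.mbps}".encode()
    return hmac.new(key, msg, hashlib.sha256).digest()

class BandwidthBroker:
    def __init__(self, realm, attrs, policy, next_hop=None):
        self.realm, self.next_hop, self.reserved = realm, next_hop, 0
        self.attrs = attrs    # subject -> attributes this realm accepts for it
        self.policy = policy  # attribute -> max Mbps it entitles the holder to

    def authenticate(self, req, sig):
        key = KEYS.get(req.subject)
        return key is not None and hmac.compare_digest(sig, sign(req, key))

    def authorize(self, req):
        held = self.attrs.get(req.subject, set())
        caps = [cap for attr, cap in self.policy.items() if attr in held]
        return bool(caps) and req.mbps <= max(caps)  # no matching attribute: deny

    def reserve(self, req, sig):
        if not self.authenticate(req, sig):
            return f"{self.realm}: authentication failed"
        if not self.authorize(req):
            return f"{self.realm}: not authorized"
        if self.next_hop is not None:
            downstream = self.next_hop.reserve(req, sig)
            if downstream != "granted":
                return downstream  # commit nothing locally if a later realm refuses
        self.reserved += req.mbps
        return "granted"

def build_path():
    cern = BandwidthBroker("cern", {ALICE: {"atlas-member"}}, {"atlas-member": 20})
    umich = BandwidthBroker("umich", {ALICE: {"physics-staff"}}, {"physics-staff": 100}, cern)
    return umich, cern
```

Because the requested bandwidth is covered by the signature, a request altered after signing fails authentication at the first broker rather than being evaluated against policy.
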

We will then add this secure QoS reservation ability to CITI's (Center for Information Technology Integration) extensions to VIC and VAT, the Mbone video and audio applications, and demonstrate with audio and video, secure and authenticated reservation of QoS resources between remote realms. Because this is an early demonstration project, there will still be significant hands-on router configuration on the network infrastructure not controlled by participating bandwidth brokers. The results of this project will help to determine whether it will be useful to proceed with the development of an application API.

The full research proposal for the activities to be managed at CITI is attached to this proposal, and is also available on the web at: http://www.citi.umich.edu/u/andros/UM-CERN_qos_proposal.htm.

PROJECT PARTNERS

Researchers from the following organizations are dedicating effort to this project:

* Argonne National Laboratory
* Center for Information Technology Integration (CITI)
* Department of Physics
* European Organization for Nuclear Research (CERN)
* Merit, Inc.
* University Corporation for Advanced Internet Development (UCAID) / Internet2

The bulk of the project will be managed by Andy Adamson in CITI. Homer Neal and two research scientists in Physics, Bob Ball and Shawn McKee, will work in the later phases of the project when Physics provides the real-world test-bed using an actual video application on the connection between UM and CERN. (It is anticipated that ITCom will provide QoS on their part of the path and work with Physics to ensure that one building network is ready.) Jeff Ogden, Merit and ITD, has committed personnel who will implement QoS within the Michigan GigaPoP and coordinate work with the UM on one end and UCAID/Abilene on the other.
We anticipate that Linda Winkler of Argonne National Laboratory will provide a BB implementation to be used, will test the authorization payload in Argonne's BB testbed, and will run an authorization-enabled BB in the final phase of the project for the connection between UM Physics and CERN. Ted Hanss, UCAID/Internet2, has committed personnel who will describe the Internet2 connection between UMICH and CERN and the means by which a diffserv-enabled connection between UMICH and CERN can be established. In addition, they have requested external funds for this project in a recent request to the NSF. Should this funding become available, it will be used to reduce the funding commitment at UM. Olivier Martin, head of the CERN networking group, has committed personnel who will install CITI's authentication and authorization services. CERN will provide any necessary equipment and personnel to do the real-world test with UM Physics in the later phases of the project.

One full-time Graduate Student Research Assistant will be hired for this project. In addition, there will be undergraduate students from Physics involved in the later phases of the project.

ADVANTAGES OF UM'S INVOLVEMENT

We believe that UM is singularly well-suited to carry out the proposed project. UM is one of the largest and most comprehensive research universities in the US, and one of only a handful of universities with targeted programs in collaborative studies. UM is also nationally recognized as one of the most innovative in linking undergraduate education and research (RAIRE Award, UROP Program), and one with faculty talent that has demonstrated its capability to develop nationwide networks (NSFNET) and Internet browsers (Mosaic). UM is closely affiliated with consortia developing the next generation Internet (UCAID-Internet2, ALLIANCE).
Finally, the fact that we are engaging the challenges of collaboratory studies at CERN - where the World Wide Web was first developed - positions us to carry out the planned R/D in an almost ideal setting.

STRONG HIGH ENERGY PHYSICS TEAM AT MICHIGAN

Members of the Michigan High Energy Physics Group are centrally involved in a variety of key phases of the ATLAS experiment, ranging from the prototyping, construction and commissioning of a significant portion of the muon spectrometer to responsibility for the overall muon database and the muon system trigger electronics, key portions of the collaboration's software training initiatives, the experiment's trigger database design, and several analysis projects. These require the ability to communicate regularly, including through sophisticated shared applications, with other members of the collaboration as well as with dispersed students, faculty and scientists in the Michigan group itself. Advances in networking protocols are necessary to further this research.

ABILITY TO IMPACT UNDERGRADUATE EDUCATION

Michigan also shares responsibility for the NSF REU (Research Experiences for Undergraduates) program at CERN in which, for the first time, U.S. students are fully participating in the prestigious CERN Summer Student Program. In the future, this link to undergraduate education will provide special opportunities to involve motivated students to help test various new distance learning paradigms in the context of an advanced, high bandwidth, QoS environment. The results will ultimately improve and enhance networking for all university students.

DEVELOPMENT OF NETWORKING EXPERTISE AT UM

The development of in-house expertise in the area of QoS and advanced networking strategies will strengthen UM's ability to attract the very best information technology faculty, students and staff.
Additionally, this project continues moving UM's network infrastructure in the direction necessary to handle future demand for the resources, and works to solve the difficult authentication and security issues that plague the current network.

ABILITY TO ATTRACT EXTERNAL FUNDING

The strong group of researchers committed to this project plans to move forward with an implementation proposal to the NSF Infrastructure and Technology Research (ITR) program during the next solicitation (estimated submission in early 2001). The ability to demonstrate the University's commitment to this research through this seed grant will strengthen our opportunity to attract external funding for this project.

IMPACT ON UM COMMUNITY

It is the nature of modern science that complex problems must be tackled across universities, industries and other organizations. While this current project focuses on the needs of the ATLAS collaborators in the Department of Physics, there are other groups on campus that will directly benefit from the results of this research. Some examples include the SPARC (Space, Physics and Aeronomy Research Collaboratory) Project, the Visible Human Project and the Great Lakes Center for AIDS Research. These projects, like ATLAS or any other project that must cross organizational boundaries, also face challenges with regard to authentication and security, as well as difficulties in online communication and shared workspace.

Although this work is focused on communication/collaboration between UM Physics and CERN, this project offers the opportunity for UM to get started on QoS for each of the networks/segments/domains. This real-world project is a good way to experiment and gain the technical experience and expertise that will be required in the long run. Success will benefit more than just UM Physics or CERN.

Finally, no matter how much bandwidth is available to the UM community, there will be issues related to the allocation of these resources to the highest priorities.
At present, these priorities compete equally with all other uses of network bandwidth (like MP3 downloads). Advances in reservation, authentication and security will give UM the head-start necessary to address the allocation issue before it becomes a crisis.

CONCLUSION

We plan to initiate a set of carefully planned measurements that, in concert with the growth in bandwidth and the advent of the new bandwidth reservation technologies, will extend the power of the Internet to facilitate large-scale collaborative efforts. The impact of these studies should be felt in numerous areas well beyond the scientific project being used as the initial test-bed. We propose to carry out this work employing, symbolically and in reality, a transatlantic bridge that, on each end, will have an exceptionally talented group of researchers committed to its success.

By tightly coupling our R/D with targeted applications, we intend to make sure that the technological advances we develop will indeed promote the scientific collaborative process and help lay the groundwork for university scientists being able to continue to contribute to cutting edge scientific research at a very high level, even though they, their colleagues and their students will be increasingly separated by the dispersed nature of future large-scale research facilities.