1 / 29

Safe and secure control of VLBI stations from remote

Safe and secure control of VLBI stations from remote. Alexander Neidhardt (FESG, TUM) neidhardt@fs.wettzell.de. Martin Ettl (FESG/ MPIfR ), Jim Lovell (UTAS), Walter Alef ( MPIfR ), Ed Himwich (NASA/GSFC), Christopher Beaudoin (MIT- Haystack ),

bardia
Download Presentation

Safe and secure control of VLBI stations from remote

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Safe and secure control of VLBI stations from remote Alexander Neidhardt (FESG, TUM) neidhardt@fs.wettzell.de Martin Ettl (FESG/MPIfR), Jim Lovell (UTAS), Walter Alef (MPIfR), Ed Himwich (NASA/GSFC), Christopher Beaudoin (MIT-Haystack), Christian Plötz (BKG), Arpad Szomoru (JIVE), Matthias Mühlbauer (BKG),

  2. Geodetic Observatory Wettzell

  3. The ideasbehind …

  4. The ideasbehind … Local - Standard operations - Local operator

  5. The ideasbehind … Internet Local Remote - Standard operations - Local operator - Check system states from everywhere at the observatory - Tele-working - Remote assistance and diagnostics - Control very remote, inaccessible telescopes

  6. The ideasbehind … Internet Internet Local Remote Shared - Standard operations - Local operator - Check system states from everywhere at the observatory - Tele-working - Remote assistance and diagnostics - Control very remote, inaccessible telescopes - Save, passive data live monitoring - Dedicated control access by responsible person - Shared access from different observatories - Shared night shifts

  7. The ideasbehind … Internet Internet Local Remote Shared Unattended - Standard operations - Local operator - Check system states from everywhere at the observatory - Tele-working - Remote assistance and diagnostics - Control very remote, inaccessible telescopes - Save, passive data live monitoring - Dedicated control access by responsible person - Shared access from different observatories - Shared night shifts - Observations run autonomous, (semi-) automated and unattended

  8. The ideasbehind … NEXPReS NovelEXplorationsPushing Robust e-VLBI Services

  9. NEXPReS WP5/Task 3: Continuous quality monitoring & Station Remote Control Novel EXplorations Pushing Robust e-VLBI Services • three-year project from July 2010 to June 2013 • with the goal to develop future e-VLBI services of the European VLBI Network (EVN) and to • use e-VLBI for each astronomical observation of the EVN • cooperation of 15 astronomical institutes and National Research and Education Network (NREN) providers • funded by the European Union's Seventh Framework Programme as e‑Infrastructure project • with the four technical main activities: • - Cloud Correlation • - Dynamically Provisioned Network Resources • - Computing in a Shared Infrastructure • - Provisioning High-Bandwidth, High-Capacity Networked Storage WP5/Task 3: (TUM, MPIfR, JIVE) • identify and re-act on observation failures in near real-time • improve diagnostics • allow direct (read) access to the field system control parameters • extend the capabilities of the NASA Field System with - a secure remote control (authentication, authorization, operator roles) and - system monitoring

  10. NEXPReS WP5/Task 3: Continuous quality monitoring & Station Remote Control _ July 1st now

  11. The ideasbehind … NEXPReS NovelEXplorationsPushing Robust e-VLBI Services The solution: e-RemoteCtrl

  12. The solution: e-RemoteCtrl

  13. The solution: e-RemoteCtrl Linux User Credentials wxWidgets System Monitoring Software generator idl2rpc.pl e-RemoteCtrl Wettzell Software Toolbox (well testedmodules & components)

  14. The ideasbehind … NEXPReS NovelEXplorationsPushing Robust e-VLBI Services The solution: e-RemoteCtrl Security

  15. Security rbash sshbroker Tunneled e-RemoteCtrl Wettzell Software Toolbox (well tested modules & components)

  16. Security SSH-Broker configuration (passwords are AES encrypted)

  17. Security User role management with authentication and authorization Static Roles Dynamic Roles Observer Notifier Notifier Currently not used Scheduler Number of users Rolechange Agent User rights Operator Operator Supervisor Operator Superuser Read Chat Schedule (drudg) Adapt (attenuation) Control System change

  18. Security Role change as three-way-handshake (1) Step 1: REQUEST Push role change button User 1 Server User 2 esu (superuser) eoper (notifier) Send role change request to server Verify request Reply OK/NOK Inform active operators about request Step 2: CONFIRM Accept role change Verify request Reply OK/NOK Inform requestor about accept Confirm role change Verify request Reply OK/NOK Change active operator Inform requestor about change

  19. Security Role change as three-way-handshake (2) Step 1: REQUEST Push role change button User 1 Server User 2 esu (superuser) eoper (notifier) Send role change request to server Step 2: ACCEPT Verify request Reply OK/NOK Inform active operators about request Accept role change Verify request Reply OK/NOK Inform requestor about accept Confirm role change Verify request Reply OK/NOK Change active operator Inform requestor about change

  20. Security Role change as three-way-handshake (3) Step 1: REQUEST Push role change button User 1 Server User 2 esu (superuser) eoper (notifier) Send role change request to server Step 2: ACCEPT Verify request Reply OK/NOK Inform active operators about request Step 3: CONFIRM Accept role change Verify request Reply OK/NOK Inform requestor about accept Confirm role change Verify request Reply OK/NOK Change active operator Inform requestor about change

  21. Security Role change as three-way-handshake (3) Step 1: REQUEST Push role change button User 1 Server User 2 esu (superuser) eoper (notifier) Send role change request to server Step 2: ACCEPT Verify request Reply OK/NOK Inform active operators about request Step 3: CONFIRM Accept role change Verify request Reply OK/NOK Inform requestor about accept Confirm role change Verify request Reply OK/NOK Change active operator Inform requestor about change esu (superuser) eoper (operator) esusuperuser eoperoperator

  22. The ideasbehind … NEXPReS NovelEXplorationsPushing Robust e-VLBI Services The solution: e-RemoteCtrl Security Features

  23. Features Main window Mark 5 capacity Status monitor Logging System temperatures Command input Chat Connection status Connection information

  24. Features Checklists

  25. Data forscience andanalysis Data for system operations Data for diagnosis Features Station specific system monitoring (HTML or plain text) MCI

  26. Features Parallel control of several telescopes Acknowledgements to Jim Lovell, UTAS for his support of the project, the access to the AuScopesystems and the usage of the software.

  27. The ideasbehind … NEXPReS NovelEXplorationsPushing Robust e-VLBI Services The solution: e-RemoteCtrl Security Features Test bedand e-RemoteCtrlnetwork

  28. Test bedand e-RemoteCtrlnetwork Tele-working Remote control on site NyAlesund Hartebeesthoek regularusage

  29. Thank you The softwareisavailable on the Web pagehttp://www.econtrol-software.de See also our demo today!!!

More Related