5/7/2002

Vidmid-vc: Middleware forVideo Conferencing ServicesEgon Verharen, SURFnet

Vidmid-vc chair

•Middleware•Vidmid VC

•History, Scope, Status, Authentication & Authorization, Object classes and dir.services, Resource discovery

5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 2

Background

•Why• Collaboration does not know boundaries

• Services coming your way

• Shared need & interest

•Formed in spring 2001• Spent some time naming and scoping

•Critical insight and momentum from ViDe & Internet2 Middleware (MACE & Shibboleth) leaders

•Focus on videoconferencing and video-on-demand for their middleware requirements

•Component of NSF Middleware Initiative (NMI)• NMI-EDIT http://www.nmi-edit.org/

5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 3

Middleware and federated administrations

• Middleware• It’s not the network, it’s not applications, it’s the stuff nobody wants to do

•Stuff• Identification (“who are you?”)

• Authentication (“prove me who you are”)

• Authorization (“I tell you want you can do”)

• Directory services (where the info is stored)

• Security

•Federated Administration• Virtual organisations/Communities of interest

• Trust-based connection between (local) security domains

– Higher ed

5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 4

Where are we ?

H.323, S

IP,

mu

lticast too

ls

5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 5

Vidmid in id-world

Campus authentication Enterprise directory

Web services and

servers

WebISO

Learning Management

Systems PersonalPortals

Objectclassstandards

(e.g.eduperson,gridperson)

ContentPortals

Shibbolethexchange of

attributes

FuturePKI

DoDHEet al.

Future PKI

Interrealm

Security Domain

Gridset al.

5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 6

Vidmid VideoConferencing

Goals:• Enable authenticated and authorized call setup• Work out architectural issues

– Id, Authnz, Dir. + Resource discovery, security/PKI (for encryption, authentication, signing)

– Both intra- and interrealm

• Identify infrastructure to support interrealm community video

– H.323, SIP, VRVS/AG (multicast)• Instigate client/gw development• foster interoperability at identifier, security and video

stream levels– Engage industry players

5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 7

Vidmid VC status

•Prioritized Workplan• from vidmid-vc workshop @ UNC, nov. 2001

•Deliverables:• Scenario’s• Object Classes & Directory services

–Video-app directory –ITU standard–Implementation: directory of video-directories

• Resource discovery whitepaper–Where to find the objects & services

• Users, endpoints, gatekeepers/proxies/registries, dialing instructs, MCUs, gateways, …

5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 8

Enterprise Directory

User datacn.commURI

Gatekeeper

Local endpoint tables

Figure 1. Relationship of H323 LDAP components

h323 LDAP Server

commObject data.commUniqueId commOwner

5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 9

Vidmid VC status, deliverables

• Framework of requirements, thread models and security services

• Flows and architecture for (inter-realm) authentication and authorization

– Conferencing attributes– endpoint authentication– datastream protection

• Testbeds– SIP– H323– interdomain– international

5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 10

A&A call setup

EP EP

auth auth1

GK/proxy server GK/proxy server

2reg.

autz

3

Ent.p.autz

?Shibb?

4

5

autz

6

Ent.p.autz

7

8:OKmedia9

1a & 2a

5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 11

Summary

•Vidmid on speed

•Deliverables ready• Object classes• White paper on resource discovery, authnz

•Near Future• SIP clients• Directory testbed

•Prepare• And join

5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 12

Background info, URLs & docs

•Vidmid website• http://middleware.internet2.edu/video/

•Workplan vidmid-vc• http://middleware.internet2.edu/video/VidMid-VC-workplan-12-February-2002.html

•Scenario’s (Art Vandenberg GSU, Mary Fran Yafchak SURA, EV)• http://middleware.internet2.edu/video/draft-internet2-vidmid-vc-scenarios-02.html

•Object Classes & Directory services (Tyler Johnson UNC, RadVision)• http://middleware.internet2.edu/video/draft-nmi-commObjectDefinition-00.doc• http://middleware.internet2.edu/video/draft-nmi-commObjectWhitePaper-00.doc

•Resource discovery whitepaper (Art Vandenberg, GSU)• http://middleware.internet2.edu/video/draft-internet2-vidmid-vc-resource-discovery-01.txt

•Directory of video-directories (ViDeNet)• http://videnet.unc.edu/vide-dod/index.phtml

5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 13

Other joint research

• Networking– QoS for digvid applications (TF-NGN, I2 QoS)– Network analysis and simulation tools (TF-NGN, VideNet Scout,

I2 e2e)– High-reliability architectures (TF-STREAM)– Multicast address space management (Geant)– IPv6 (6net wp’s)

• Middleware– Globally-scaleable H.323 number/dial plan & update (TF-

STREAM, ViDe NASM)– Inter-gatekeeper communication (ViDeNet)– Security and authentication (I2 vidmid)– Directory services (I2 vidmid, ViDeNet, TF-LSD)

5/7/2002 Internet2 Spring member meeting 2002, http://middleware.internet2.edu/video/ 14

Areas for Joint R&D

• Videoconferencing– Gateway development (I2 Commons)

• VRVS, AccessGrid (see next pres), MPEG-2, MJPEG– SIP & VoIP (many, vidmid, TERENA?)

– Integration alternative media streams (I2, AccessGrid)

• e.g. MPEG-4 & HDTV & MJPEG)– Data collaboration tools (ViDe, AccessGrid)

– (Semi)Automated scheduling (VRVS, AccessGrid, …)