| Popis: |
There is a new trend emerging across university campuses to deploy Science DMZs (demilitarized zones) to support science drivers that involve for e.g., data-intensive applications needing access to remote instrumentation or public cloud resources. Using advanced technologies such as “multi-domain” software-defined networking, zero-copy RDMA data transfers, active measurements and federated identity/access - accelerated flows are starting to be setup from Science DMZs over wide-area overlay networks, by-passing traditional campus firewalls. In this paper, we present a “campus Science DMZ reference architecture” for adaptively managing host-to-host accelerated flows of multiple researchers over wide-area overlay networks with shared underlay infrastructure components. We discuss our novel approaches in handling challenges of policy specification, security enforcement, and performance engineering within Science DMZs to support diverse accelerated flows on a scalable/extensible basis. Lastly, we present a multi-disciplinary case study of a bioinformatics science driver application in a double-ended campus Science DMZ testbed. Our case study illustrates how our reference architecture can enable new “High-Throughput Computing services” that improve remote accessibility and peer-collaboration of data-intensive science users, and simplify related operations/management for campus network service providers. |
