Jeroen van der Ham | University of Amsterdam (original) (raw)
Papers by Jeroen van der Ham
2014 Ieee Security and Privacy Workshops, May 17, 2014
ABSTRACT As an outcome of a seminar on the ’Ethics in Data Sharing’, we sketch a model of best pr... more ABSTRACT As an outcome of a seminar on the ’Ethics in Data Sharing’, we sketch a model of best practice for sharing data in research. We illustrate this model with two current and timely real-life cases from the context of computer and network security.
The goal of this paper was to look into the state of the art of (automatic) distribution of servi... more The goal of this paper was to look into the state of the art of (automatic) distribution of services in peer-to-peer environments. When writing this paper, it became apparent that this is currently not possible, so this article looks at the state of the art techniques in peer-to-peer and grid computing and how these worlds (are going to) interact, as this seems the most likely research area where the distribution of services is going to be realized.
IEEE Communications Magazine, 2015
ABSTRACT This article presents the design and pilot implementation of a suite of intelligent meth... more ABSTRACT This article presents the design and pilot implementation of a suite of intelligent methods, algorithms, and tools for federating heterogeneous experimental platforms (domains) toward a holistic Future Internet experimentation ecosystem. The proposed framework developed within the NOVI research and experimentation European collaborative effort, aims at providing a modular data, control, and management plane architecture that includes: an information model capturing the abstractions of virtualized resources residing in different yet interworking experimental platforms; resource mapping algorithms tackling the inter-domain virtual network embedding problem; mechanisms providing interoperability of monitoring tools; policy-based management services for role-based intra and inter-domain management policies; and dataplane stitching mechanisms to enable the composition of user-specific slices (baskets of virtual resources drawn from the federated substrate). The NOVI framework was deployed and validated in a combined testbed consisting of two dissimilar platforms: a private PlanetLab domain with resources interconnected over the public Internet; and FEDERICA, an infrastructure of virtual resources interconnected via dedicated networking facilities of European National Research and Education Networks and GÉANT. This pre-normative work is expected to contribute to bridging Future Internet experimental federations with interconnected cloud architectures and interworked public/private data-centers, adding value via its intelligent services, information models, and composite algorithms.
This article provides a taxonomy of current and past network modeling efforts. In all these effor... more This article provides a taxonomy of current and past network modeling efforts. In all these efforts over the last few years we see a trend towards not only describing the network, but connected devices as well. This is especially current given the many Future Internet projects, which are combining different models, and resources in order to provide complete virtual infrastructures to users. An important mechanism for managing complexity is the creation of an abstract model, a step which has been undertaken in computer networks too. The fact that more and more devices are network capable, coupled with increasing popularity of the Internet, has made computer networks an important focus area for modeling. The large number of connected devices creates an increasing complexity which must be harnessed to keep the networks functioning. Over the years many different models for computer networks have been proposed, and used for different purposes. While for some time the community has moved ...
ABSTRACT This paper presents the concept of Open Cloud eXchange (OCX) that has been proposed by t... more ABSTRACT This paper presents the concept of Open Cloud eXchange (OCX) that has been proposed by the GN3plus JRA1 activity to bridge the gap between two major components of the cloud services provisioning infrastructure: Cloud Service Provider (CSP) infrastructure; and cloud services delivery infrastructure which in many cases requires dedicated local infrastructure and quality of services that cannot be delivered by the public Internet infrastructure. In both cases there is a need for interconnecting the CSP infrastructure and local access network infrastructure, in particular, to solve the "last mile" problem in delivering cloud services to customer locations and individual (end-)users. The OCX remains neutral to actual cloud services provisioning and limits its services to Layer 0 through Layer 2 to remain transparent to current cloud services model. The proposed OCX concept will leverage the existing Internet eXchange (IX) and GLIF Open Lightpath Exchange (GOLE) solutions and practices, adding specific functionality that will simplify inter-CSP and customer infrastructure integration when supporting basic cloud services provisioning models. The presented paper describes the OCX concept, architecture, design and implementation options, and demo scenario being developed by the OCX development team.
Computer Communications, 2015
ABSTRACT Transporting Big Data requires high-speed connections between end-hosts. Research and ed... more ABSTRACT Transporting Big Data requires high-speed connections between end-hosts. Research and educational networks typically are state-of-the-art networks that facilitate such high-speed user-created network connections, possibly spanning multiple domains. However, there are many different high-speed optical data plane standards and implementations, and vendors do not always create compatible data plane implementations. These technology incompatibilities may prevent direct communication between domains and therefore complicate the configuration of connections. However, some domains may have adaptation capabilities that can lift the technology incompatibility constraint in establishing paths between incompatible domains. Within this context, we address two problems, namely: (1) how to model the technology incompatibilities of multi-domain multi-layer networks, and (2) how to optimally establish paths in such networks. We introduce the inclusion of the information of the supported technologies and adaptation capabilities of each domain and inter-domain link in our model. We subsequently propose technology-aware routing algorithms for finding the shortest feasible path in a multi-domain multi-layer network.
2013 IEEE 5th International Conference on Cloud Computing Technology and Science, 2013
This paper presents the concept of Open Cloud eXchange (OCX) that has been proposed to bridge the... more This paper presents the concept of Open Cloud eXchange (OCX) that has been proposed to bridge the gap between two major components of the cloud services provisioning infrastructure: Cloud Service Provider (CSP) infrastructure; and cloud services delivery infrastructure which in many cases requires dedicated local infrastructure and quality of services that cannot be delivered by the public Internet infrastructure. In both cases there is a need for interconnecting the CSP infrastructure and local access network infrastructure, in particular, to solve the "last mile" problem in delivering cloud services to customer locations and individual (end-)users. The OCX remains neutral to actual cloud services provisioning and limit its services to Layer 0 through Layer 2 to remain transparent to current cloud services model. The proposed document identifies the initial set of requirements to OCX, that can be run by NRENs, as a part of the GÉANT network, or jointly, and provides suggestions about OCX implementation. The proposed OCX concept will leverage the existing Internet eXchange (IX) and GLIF Open Lightpath Exchange (GOLE) solutions and practices, adding specific functionality that will simplify inter-CSP and customer infrastructure integration when supporting basic cloud services provisioning models, in particular Trusted Third Party (TTP) services to allow federated infrastructure and access control, commonly used by NRENs. The paper also describes trusted/secured topology exchange protocol and dynamic trust establishment protocol as a part of the OCX services.
2014 IEEE Security and Privacy Workshops, 2014
As an outcome of a seminar on the 'Ethics in Data Sharing', we sketch a model of best practice fo... more As an outcome of a seminar on the 'Ethics in Data Sharing', we sketch a model of best practice for sharing data in research. We illustrate this model with two current and timely real-life cases from the context of computer and network security.
2012 SC Companion: High Performance Computing, Networking Storage and Analysis, 2012
ABSTRACT The recent emergence of advanced network infrastructures for e-Science enables tuning of... more ABSTRACT The recent emergence of advanced network infrastructures for e-Science enables tuning of network performance at the application level. The Network Service Interface (NSI) has been created as a result of collaborative development of network and application engineers primarily associated with the Research and Education (R&E) community. The NSI allows workflow systems not only to check available service points for a workflow engine to schedule executions, but also to reserve and provision network connections among those service points. However, the current NSI services are proposed mainly from the network resource management perspective, which concerns little about the programming model of applications. In this paper we extend our previous system called NEtWork QoS Planner (NEWQoSPlanner) by adding inter domain network resource selection and provisioning using NSI. We will discuss how NEWQoSPlanner invokes network services to achieve dynamic resource optimization for workflows, and how to apply such planner in heterogeneous infrastructures.
2012 Eighth International Conference on Semantics, Knowledge and Grids, 2012
ABSTRACT An emerging modus operandi among providers of cloud infrastructures is the one where the... more ABSTRACT An emerging modus operandi among providers of cloud infrastructures is the one where they share and combine their heterogenous resources to offer end user services tailored to specific scientific and business needs. A challenge to overcome is the discovery of suitable resources among these multiple providers, which all have different resource management policies. We present a novel architecture for distributed resource discovery. Our solution provides inter-operability among heterogeneous resource provider, handles dynamic resources status updates, and supports infrastructure abstraction policies through the use of semantic web technology. We show the applicability of this architecture within the EU-FP7 research project NOVI.
Future Generation Computer Systems, 2014
• Networking innovations over virtualized infrastructures-NOVI federation architecture.
Future Generation Computer Systems, 2013
The NOVI Information Model (IM) and the corresponding data models are the glue between the softwa... more The NOVI Information Model (IM) and the corresponding data models are the glue between the software components in the NOVI Service Layer. The IM enables the communication among the various components of the NOVI Architecture and supports the various functionalities it offers. The NOVI IM consists of three main ontologies: resource, monitoring and policy ontology that have evolved over time to accommodate the emerging requirements of the NOVI architecture. This article presents the NOVI IM and its ontologies, together with an overview of how the NOVI software prototypes have benefitted from using the IM.
Communication will always be an important feature of agents. It allows the agents to exchange kno... more Communication will always be an important feature of agents. It allows the agents to exchange knowledge, but also to cooperate with each other on tasks. This is especially important for agents which are applied on the Internet. However, to make this communication actually work, the agents have to speak and understand the same language.
The goal of this paper was to look into the state of the art of (automatic) distribution of servi... more The goal of this paper was to look into the state of the art of (automatic) distribution of services in peer-to-peer environments. When writing this paper, it became apparent that this is currently not possible, so this article looks at the state of the art techniques in peer-to-peer and grid computing and how these worlds (are going to) interact, as this seems the most likely research area where the distribution of services is going to be realized.
In this report we specify how we translate all the topology information from Open Shortest Path F... more In this report we specify how we translate all the topology information from Open Shortest Path First protocol version 2 (OSPF)[1] Link State Announcements (LSAs) to the syntax of the Network Description Language (NDL) .
Pagina 3 van 41 Inleiding Voor de Bodemprocedure BREIN vs Ziggo / XS4ALL over het blokkeren van T... more Pagina 3 van 41 Inleiding Voor de Bodemprocedure BREIN vs Ziggo / XS4ALL over het blokkeren van The Pirate Bay, zijn door BREIN steekproeven gedaan om de verdeling over Nederlandse IP--adressen vast te stellen van Auteursrechtinbreuken met Bittorrent. In de BREIN Steekproeven werd het aantal Bittorrent-uitwisselaars gemeten voor resp. 4, 50 en 15 courante films, Nederlandstalig dan wel met Nederlandse ondertiteling, waarnaar links ter beschikking werden gesteld op The Pirate Bay.
This report is an extension of THE OSPF translation to NDL . In this report we specify how we tra... more This report is an extension of THE OSPF translation to NDL . In this report we specify how we translate the topology information from Open Shortest Path First protocol version 2 Traffic Engineering (OSPF-TE)[2] Link State Announcements (LSAs) to the syntax of the Network Description Language (NDL) .
The topology descriptions used at Internet2 are provided in an XML format for use in the Dynamic ... more The topology descriptions used at Internet2 are provided in an XML format for use in the Dynamic Circuit Network suite. The topology descriptions developed by the University of Amsterdam is the Network Description Language. In August and September 2009 Jeroen van der Ham worked at Internet2 on the translation of topology descriptions. This report describes some of the findings in creating this translation. SNE technical report SNE-UVA-09-02
The NSI main objective is to provide a unified communication method enabling independent single d... more The NSI main objective is to provide a unified communication method enabling independent single domain resource management tools to collaborate at global scale providing multi-domain services in heterogeneous environments.
2014 Ieee Security and Privacy Workshops, May 17, 2014
ABSTRACT As an outcome of a seminar on the ’Ethics in Data Sharing’, we sketch a model of best pr... more ABSTRACT As an outcome of a seminar on the ’Ethics in Data Sharing’, we sketch a model of best practice for sharing data in research. We illustrate this model with two current and timely real-life cases from the context of computer and network security.
The goal of this paper was to look into the state of the art of (automatic) distribution of servi... more The goal of this paper was to look into the state of the art of (automatic) distribution of services in peer-to-peer environments. When writing this paper, it became apparent that this is currently not possible, so this article looks at the state of the art techniques in peer-to-peer and grid computing and how these worlds (are going to) interact, as this seems the most likely research area where the distribution of services is going to be realized.
IEEE Communications Magazine, 2015
ABSTRACT This article presents the design and pilot implementation of a suite of intelligent meth... more ABSTRACT This article presents the design and pilot implementation of a suite of intelligent methods, algorithms, and tools for federating heterogeneous experimental platforms (domains) toward a holistic Future Internet experimentation ecosystem. The proposed framework developed within the NOVI research and experimentation European collaborative effort, aims at providing a modular data, control, and management plane architecture that includes: an information model capturing the abstractions of virtualized resources residing in different yet interworking experimental platforms; resource mapping algorithms tackling the inter-domain virtual network embedding problem; mechanisms providing interoperability of monitoring tools; policy-based management services for role-based intra and inter-domain management policies; and dataplane stitching mechanisms to enable the composition of user-specific slices (baskets of virtual resources drawn from the federated substrate). The NOVI framework was deployed and validated in a combined testbed consisting of two dissimilar platforms: a private PlanetLab domain with resources interconnected over the public Internet; and FEDERICA, an infrastructure of virtual resources interconnected via dedicated networking facilities of European National Research and Education Networks and GÉANT. This pre-normative work is expected to contribute to bridging Future Internet experimental federations with interconnected cloud architectures and interworked public/private data-centers, adding value via its intelligent services, information models, and composite algorithms.
This article provides a taxonomy of current and past network modeling efforts. In all these effor... more This article provides a taxonomy of current and past network modeling efforts. In all these efforts over the last few years we see a trend towards not only describing the network, but connected devices as well. This is especially current given the many Future Internet projects, which are combining different models, and resources in order to provide complete virtual infrastructures to users. An important mechanism for managing complexity is the creation of an abstract model, a step which has been undertaken in computer networks too. The fact that more and more devices are network capable, coupled with increasing popularity of the Internet, has made computer networks an important focus area for modeling. The large number of connected devices creates an increasing complexity which must be harnessed to keep the networks functioning. Over the years many different models for computer networks have been proposed, and used for different purposes. While for some time the community has moved ...
ABSTRACT This paper presents the concept of Open Cloud eXchange (OCX) that has been proposed by t... more ABSTRACT This paper presents the concept of Open Cloud eXchange (OCX) that has been proposed by the GN3plus JRA1 activity to bridge the gap between two major components of the cloud services provisioning infrastructure: Cloud Service Provider (CSP) infrastructure; and cloud services delivery infrastructure which in many cases requires dedicated local infrastructure and quality of services that cannot be delivered by the public Internet infrastructure. In both cases there is a need for interconnecting the CSP infrastructure and local access network infrastructure, in particular, to solve the "last mile" problem in delivering cloud services to customer locations and individual (end-)users. The OCX remains neutral to actual cloud services provisioning and limits its services to Layer 0 through Layer 2 to remain transparent to current cloud services model. The proposed OCX concept will leverage the existing Internet eXchange (IX) and GLIF Open Lightpath Exchange (GOLE) solutions and practices, adding specific functionality that will simplify inter-CSP and customer infrastructure integration when supporting basic cloud services provisioning models. The presented paper describes the OCX concept, architecture, design and implementation options, and demo scenario being developed by the OCX development team.
Computer Communications, 2015
ABSTRACT Transporting Big Data requires high-speed connections between end-hosts. Research and ed... more ABSTRACT Transporting Big Data requires high-speed connections between end-hosts. Research and educational networks typically are state-of-the-art networks that facilitate such high-speed user-created network connections, possibly spanning multiple domains. However, there are many different high-speed optical data plane standards and implementations, and vendors do not always create compatible data plane implementations. These technology incompatibilities may prevent direct communication between domains and therefore complicate the configuration of connections. However, some domains may have adaptation capabilities that can lift the technology incompatibility constraint in establishing paths between incompatible domains. Within this context, we address two problems, namely: (1) how to model the technology incompatibilities of multi-domain multi-layer networks, and (2) how to optimally establish paths in such networks. We introduce the inclusion of the information of the supported technologies and adaptation capabilities of each domain and inter-domain link in our model. We subsequently propose technology-aware routing algorithms for finding the shortest feasible path in a multi-domain multi-layer network.
2013 IEEE 5th International Conference on Cloud Computing Technology and Science, 2013
This paper presents the concept of Open Cloud eXchange (OCX) that has been proposed to bridge the... more This paper presents the concept of Open Cloud eXchange (OCX) that has been proposed to bridge the gap between two major components of the cloud services provisioning infrastructure: Cloud Service Provider (CSP) infrastructure; and cloud services delivery infrastructure which in many cases requires dedicated local infrastructure and quality of services that cannot be delivered by the public Internet infrastructure. In both cases there is a need for interconnecting the CSP infrastructure and local access network infrastructure, in particular, to solve the "last mile" problem in delivering cloud services to customer locations and individual (end-)users. The OCX remains neutral to actual cloud services provisioning and limit its services to Layer 0 through Layer 2 to remain transparent to current cloud services model. The proposed document identifies the initial set of requirements to OCX, that can be run by NRENs, as a part of the GÉANT network, or jointly, and provides suggestions about OCX implementation. The proposed OCX concept will leverage the existing Internet eXchange (IX) and GLIF Open Lightpath Exchange (GOLE) solutions and practices, adding specific functionality that will simplify inter-CSP and customer infrastructure integration when supporting basic cloud services provisioning models, in particular Trusted Third Party (TTP) services to allow federated infrastructure and access control, commonly used by NRENs. The paper also describes trusted/secured topology exchange protocol and dynamic trust establishment protocol as a part of the OCX services.
2014 IEEE Security and Privacy Workshops, 2014
As an outcome of a seminar on the 'Ethics in Data Sharing', we sketch a model of best practice fo... more As an outcome of a seminar on the 'Ethics in Data Sharing', we sketch a model of best practice for sharing data in research. We illustrate this model with two current and timely real-life cases from the context of computer and network security.
2012 SC Companion: High Performance Computing, Networking Storage and Analysis, 2012
ABSTRACT The recent emergence of advanced network infrastructures for e-Science enables tuning of... more ABSTRACT The recent emergence of advanced network infrastructures for e-Science enables tuning of network performance at the application level. The Network Service Interface (NSI) has been created as a result of collaborative development of network and application engineers primarily associated with the Research and Education (R&E) community. The NSI allows workflow systems not only to check available service points for a workflow engine to schedule executions, but also to reserve and provision network connections among those service points. However, the current NSI services are proposed mainly from the network resource management perspective, which concerns little about the programming model of applications. In this paper we extend our previous system called NEtWork QoS Planner (NEWQoSPlanner) by adding inter domain network resource selection and provisioning using NSI. We will discuss how NEWQoSPlanner invokes network services to achieve dynamic resource optimization for workflows, and how to apply such planner in heterogeneous infrastructures.
2012 Eighth International Conference on Semantics, Knowledge and Grids, 2012
ABSTRACT An emerging modus operandi among providers of cloud infrastructures is the one where the... more ABSTRACT An emerging modus operandi among providers of cloud infrastructures is the one where they share and combine their heterogenous resources to offer end user services tailored to specific scientific and business needs. A challenge to overcome is the discovery of suitable resources among these multiple providers, which all have different resource management policies. We present a novel architecture for distributed resource discovery. Our solution provides inter-operability among heterogeneous resource provider, handles dynamic resources status updates, and supports infrastructure abstraction policies through the use of semantic web technology. We show the applicability of this architecture within the EU-FP7 research project NOVI.
Future Generation Computer Systems, 2014
• Networking innovations over virtualized infrastructures-NOVI federation architecture.
Future Generation Computer Systems, 2013
The NOVI Information Model (IM) and the corresponding data models are the glue between the softwa... more The NOVI Information Model (IM) and the corresponding data models are the glue between the software components in the NOVI Service Layer. The IM enables the communication among the various components of the NOVI Architecture and supports the various functionalities it offers. The NOVI IM consists of three main ontologies: resource, monitoring and policy ontology that have evolved over time to accommodate the emerging requirements of the NOVI architecture. This article presents the NOVI IM and its ontologies, together with an overview of how the NOVI software prototypes have benefitted from using the IM.
Communication will always be an important feature of agents. It allows the agents to exchange kno... more Communication will always be an important feature of agents. It allows the agents to exchange knowledge, but also to cooperate with each other on tasks. This is especially important for agents which are applied on the Internet. However, to make this communication actually work, the agents have to speak and understand the same language.
The goal of this paper was to look into the state of the art of (automatic) distribution of servi... more The goal of this paper was to look into the state of the art of (automatic) distribution of services in peer-to-peer environments. When writing this paper, it became apparent that this is currently not possible, so this article looks at the state of the art techniques in peer-to-peer and grid computing and how these worlds (are going to) interact, as this seems the most likely research area where the distribution of services is going to be realized.
In this report we specify how we translate all the topology information from Open Shortest Path F... more In this report we specify how we translate all the topology information from Open Shortest Path First protocol version 2 (OSPF)[1] Link State Announcements (LSAs) to the syntax of the Network Description Language (NDL) .
Pagina 3 van 41 Inleiding Voor de Bodemprocedure BREIN vs Ziggo / XS4ALL over het blokkeren van T... more Pagina 3 van 41 Inleiding Voor de Bodemprocedure BREIN vs Ziggo / XS4ALL over het blokkeren van The Pirate Bay, zijn door BREIN steekproeven gedaan om de verdeling over Nederlandse IP--adressen vast te stellen van Auteursrechtinbreuken met Bittorrent. In de BREIN Steekproeven werd het aantal Bittorrent-uitwisselaars gemeten voor resp. 4, 50 en 15 courante films, Nederlandstalig dan wel met Nederlandse ondertiteling, waarnaar links ter beschikking werden gesteld op The Pirate Bay.
This report is an extension of THE OSPF translation to NDL . In this report we specify how we tra... more This report is an extension of THE OSPF translation to NDL . In this report we specify how we translate the topology information from Open Shortest Path First protocol version 2 Traffic Engineering (OSPF-TE)[2] Link State Announcements (LSAs) to the syntax of the Network Description Language (NDL) .
The topology descriptions used at Internet2 are provided in an XML format for use in the Dynamic ... more The topology descriptions used at Internet2 are provided in an XML format for use in the Dynamic Circuit Network suite. The topology descriptions developed by the University of Amsterdam is the Network Description Language. In August and September 2009 Jeroen van der Ham worked at Internet2 on the translation of topology descriptions. This report describes some of the findings in creating this translation. SNE technical report SNE-UVA-09-02
The NSI main objective is to provide a unified communication method enabling independent single d... more The NSI main objective is to provide a unified communication method enabling independent single domain resource management tools to collaborate at global scale providing multi-domain services in heterogeneous environments.