1. Center Overview
The Kentucky Center for
Resilient Information Systems (CRIS) was established to carry
out research in
the design and maintenance of robust recoverable networks and
information storage
systems. The initial focus of the center is on the United States
financial sector.
Since 9/11, critical infrastructure
protection has been recognized as a crucial step toward national
security of the
United States (and the world). To create a financial network that is
both resistant to attack and resilient when under attack, new
research is required that
will:
-
Help us to understand and fine tune
the parameters affecting the reliability and availability of existing financial backup systems,
and
-
Enable new algorithms and
architectures for next generation financial systems that are highly
replicated, geographically distributed, secure, resilient to
denial-of-service attacks, and robust to failures of their components.
2. Research Projects
E-Cavern Project:
As a first step, CRIS has designed,
implemented, and deployed a testbed
system specifically designed to address the issues facing the financial
sector. The testbed is housed at the University of Kentucky
(which acts as the primary site) with the remote backup site being
housed in the E-Cavern underground facility. A unique feature of
the testbed is that it utilizes the
University
of Kentucky Emulab facility to create arbitrary network
environments between the primary and secondary site. The emulab
facility can also be used to launch attacks on the sites or the
communication channels to emulate Denial of Service attacks.
The initial problems being studied on the system focus on the
problem of providing asynchronous backup over wide area networks where
the primary site is located hundreds of miles away from the backup
site. The Center has put together a unique team of
experts to accomplish this task. The team consists of faculty and
staff at the two major research universities in Kentucky--the
University of Kentucky in Lexington and the University of
Louisville--together with the engineers and facilitators at our
industrial partners, including e-Cavern, IBM and Cisco Systems.
3. People
4. The Treasury/E-Cavern Testbed Facility
The Treasury/E-Cavern Testbed is fully
operational. It consists of
- Client applications -- primarily workload generators that try to
mimic the behavior of financial transaction systems. These are
run on various types of machines and operating systems. The
testbed includes a pair of 8-CPU IBM X-series machines with fiber
channel interfaces that are specifically reserved for the purposes of
workload generation.
- Database Services -- we have run multiple unix-based databases
(including UDB, postgres, mysql) using an 8-processor IBM P-series
machine as the server. The server machine directly mounts a
mirrored disk (and IBM DS 8000) over a multi-interface fiber-channel
network.
- Primary Data Storage System -- we use an IBM DS 8000 running in
either metro or global mirror modes as our primary disk storage
system. The system can be reconfigured to change the mirroring
parameters, flash copying, etc.
- Secondary (Backup) Storage System -- we use an IBM DS 6800 as our
remote mirror which is setup as either a global or metro mirror of the
primary. It is physically located roughly 70 miles away from the
primary, bounding the minimum latency.
- High-speed Wide Area Network Connection -- the primary and
secondary are connected over a 1Gbps leased line that is carried over
the KPEN network.
- UK Emulab facility -- sits between the primary location and the
secondary location and can be used to change the delay, loss rate,
jitter, etc.
- Additional intel-based machines at both the primary and secondary
site are used to test other types of software configuration (e.g.,
DRDB, FEC-based protocols, (D)DOS attacks, etc).
Detailed information about the testbed
for CRIS users can be found
here, but
is only accessible to CRIS
members with the proper authentication information.
5. Sponsors