Kai Hwang, September 2011

Research Challenges in The Clouds, Many Cores, and Internet of Things Prof. Kai Hwang, Univ. of Southern California and Tsinghua Univ.



Research Frontiers in Supercomputers, Clouds, and Internet of Things based on recent advances in Multi-Core CPU, Many-Core GPU, virtualization techniques and datacenter automation.



Research Challenges in Three Frontier Areas : - Asymmetric Chip Multiprocessors (CMP) – Integrating CPU/GPGPU - Cost-Effective Private Clouds over Automated Datacenters - IoT Maturity and How to Bring Social Networks under control



Open Problems in the Clouds, Internet of Things, and Social Networks - Can we entrust clouds to take over many things we handle privately ? - Are IoT truly cost-effective and fully supported by the Internet Clouds ? - Privacy in Social networks and copyright protection in content networks ?

Kai Hwang, September 2011

1

Web 2.0, Clouds, and Internet of Things HPC: HighPerformance Computing

HTC: HighThroughput Computing

P2P: Peer to Peer

MPP: Massively Parallel Source: K. Hwang, G. Fox, and J. Dongarra,

Processors

Distributed and Cloud Computing, Morgan Kaufmann, 2011 (in press to appear) Kai Hwang, September 2011

2

Hot Research Frontiers: 

Multi-core-CPU and many-core GPU and beyond : Heterogeneous (asymmetric) chip multiprocssors



Virtualization support for cloud computing over distributed and automated datacenters



Cloud security, data integrity, privacy and copyright protection, and trust management in clouds and the future Internet



Advances in RFID tracking, sensor networks, and GPS technologies to build the Internet of things



Ubiquitous cloud computing and social networking using the clouds to process hugh amounts of time-sensitive datasets collected in IoT applications


3

Top 5 Systems in Top-500 List , Nov. 2010


4

The Winner in November 2010

The 2.5 Flops performance shows only a 54.6% efficiency from the peak speed of 4.7 PFlops. Kai Hwang, September 2011

5


6

The Exascale Echelon Project A Future Supercomputer funded by DARPA in The USA

The Echelon CPU/GPU cluster proposed with a hierarchical architecture that can deliver 2.6 PFlops per cabinet. It takes at least N = 400 cabinets to achieve the EFlops performance. (Source: Bill Dally, SC-2010).


7

Mapping of Virtual Machines (VMs) into Many Cores on A Chip Multiprocessor (CMP)

(Courtesy of Marty and Hill, IEEE Micro, 2007) Kai Hwang, September 2011

8

Virtual Hierarchy in CMP

CMP Server Consolidation by Space-Sharing of VMs with multiple Virtual Clusters for various Workloads. (Courtesy of Marty and Hill, 2007) Kai Hwang, September 2011

9

A Large Ware-House Datacenter owned by Microsoft in WA. USA


10

Cloud Computing – Service Provider Priorities  Ensure confidentiality, integrity, and availability in a multi-tenant environment.

 Effectively meet the advertised SLA, while optimizing cloud resource utilization.

 Offer tenants capabilities for selfservice, and achieve scaling through automation and simplification. Kai Hwang, September 2011

11

HPC and HTC Cloud Benchmark Experiments on Amazon EC2 Platform 1. High Throughput 2. High Performance Computing: Computing: RUBiS NAS Parallel Benchmarks (NPB)

(Fan Zhang, Junwei Cao, Kai Hwang at THU joint with CAS/ICT 973 Project) Kai Hwang, September 2011

Kai Hwang, USC

12

MapReduce Skyline Composition of Web/Cloud Services with QoS Guarantee (Joint ZJU/USC Project)


13

Algorithm 3

Similarity Test Algorithm 2

Algorithm 4

Skyline Selection

Services Requests

Service Pool

Skyline Representatives

Skyline Services

Service Flow Requirements


Compositio n Process

Optimal Composite Services

QoS Guarantees

14

Data Security and Copyright Protection in A Trusted Cloud Platform

(Source: K. Hwang and D. Li, IEEE Internet Computing, September 2010 11, 2009 KaiMarch Hwang, September 2011

Prof. Kai Hwang, USC

15

Ex '  X

Security and Trust Barriers in Cloud Computing 

Protecting datacenters must first secure cloud resources and uphold user privacy and data integrity.



Trust overlay networks could be applied to build reputation systems for establishing the trust among interactive datacenters.



A watermarking technique is suggested to protect shared data objects and massively distributed software modules.



These techniques safeguard user authentication and tighten the data access-control in public clouds.



The new approach could be more cost-effective than using the traditional encryption and firewalls to secure the clouds. Kai Hwang, September 2011

16 16

Trusted Zones for VM Insulation Federate identities with public clouds

Identity federatio n

Virtual network security

Access Mgmt

Control and isolate VM in the virtual infrastruct ure Segregate and control user access

Security Info. & Event Mgmt

APP OS

APP OS

Anti-malware Insulate infrastructure from Malware, Cybercrime intelligence Trojans and cybercriminals Strong

Tenan t #2 Virtual Infrastructure APP

APP OS

Tenan t #1 Virtual Infrastructure OS

Cloud Provider Physical Infrastructure Physical Infrastructure

Enable end to end view of security events and compliance across infrastructures Kai Hwang, September 2011

authentication Insulate information from other tenants Insulate informatio n from cloud providers’ employees

Data loss prevention

Encryption & key mgmt Tokenization

GRC 17

Protection of Cloud Datasets and Trust Management


18

Architecture of The Internet of Things Application Layer

Merchandis e Tracking

Environmen t Protection

Intelligent Search

Telemedicine

Intelligent Traffic

Smart Home

Cloud Computing Platform Network Layer

Sensing Layer

Mobile Telecom Network

The Internet

Information Network

RFID

Sensor Network

GPS

RFID Label

Sensor Nodes

Road Mapper

Source: K. Hwang, G. Fox, and J. Dongarra, Distributed and Cloud Computing, Morgan Kaufmann, September 2011. Kai Hwang, September 2011

19

Mobility Support and Security Measures for Mobile Cloud Computing Cloud Service Models

Mobility Support and Data Protection Methods

Hardware and Software Measures for Cloud Security

Infrastructure Cloud (The IaaS Model)

   

Special air interfaces Mobile API design File/Log access control Data coloring

 Hardware/software root of trust,

Platform Cloud (The PaaS Model)

   

Wireless PKI , User authentication, Copyright protection Disaster recovery

 Network-based firewalls and IDS  Trust overlay network  Reputation system  OS patch management


 Provisioning of virtual machines,  Software watermarking  Host-based firewalls and IDS

20

Cloudlets- A trusted, VM-based, and Resource-Rich Portal for Upgrading Mobile Devices with Cognitive Abilities for Mobile access of the cloud to explore Location-Aware Cloud Applications such as : Opportunity Discovery, Fast Information Processing, and Intelligent Decision Making on The Road, etc.

Source: “The Case of VM-based Cloudlets in Mobile Computing”, IEEE Pervasive Computing, Vol.8, No. 4, April 2009 Kai Hwang, September 2011

21

24 Satellites of GPS Deployed in Outerspace


22

Supply Chain Management supported by the Internet of Things. ( http://www.igd.com)


23

Some Cloud Services for IoT Applications 1. Smart and pervasive cloud applications for individuals, homes, communities, companies, and governments, etc. 2. Coordinated calendar, itinerary, job management, events, and consumer record management (CRM) services 3. Coordinated word processing, on-line presentations, webbased desktops, sharing on-line documents, datasets, photos, video, and databases, etc. 4. Deploy conventional cluster, grid, P2P, social networking applications in cloud environments, more cost-effectively. 5. Earthbound applications that demand elasticity and parallelism to avoid large data movement Costs


24

Facebook Apps (550 Millions users)


25


26

Avoiding Cyber-Attacks in Anonymized Social Networks


27







Conclusions: Computing clouds, IoT, and social networks affect the entire service industry and thus the global economy. These systems demand ubiquity, efficiency, security, and trustworthiness. Distributed systems, Clouds and IoT will become a common practice in business, government, education, and entertainment - 50 millions of servers globally in use at thousands of datacenters today and that number grows rapidly in coming years. Effective trust management, guaranteed security, user privacy, data integrity, mobility support, and copyright protection are crucial to the universal acceptance of clouds, IoT and social networks.


28

High-Bandwidth Interconnect in Tianhe-1A

Latency, Bandwidth and Cost-Effective Performance


29

(Source : Hwang, Fox and Dongarra, Distributed and Cloud Computing, Kaufmann, 2011)


30

Elastic Virtual Clustering Physical Cluster 1

Physical Cluster 2

Physical Cluster 3

Virtual Machines deployed on 3 physical clusters Virtual Cluster 1

Virtual Cluster 2

Virtual Cluster 3


Virtual Cluster 4

31

The Echelon

GPU processor proposed at NVIDIA :

128 cores (160 GFlpos each) plus 8 latency processors (LP) connected to 1024 SRAMs (L2 caches) by a NoC, where MS connects to DRAMS and NI extends to the next level of network (Courtesy of Bill Dally, 2010 ).


32