Workshop on GENI and Security
			 January 22-23, 2009
			Davis, California, USA

The Global Environment for Network Innovations (GENI) is a suite of
network research infrastructures now in its design and prototyping
phase. It is sponsored by the National Science Foundation to support
experimental research in network science and engineering.

The goal of this workshop is to engage the security community in
GENI's design and prototyping, to ensure that security issues are
properly considered during its development.

First, what classes of security experiments should GENI support? What
capabilities will GENI require to allow the conduct of these
experiments? The capabilities may be intrinsic to GENI (such as
equipment or software of a particular kind) or extrinsic (such as
organizational management, or external interfaces and
connectivity). Experiments involving malware or vulnerabilities
analysis may require that parts of the infrastructure suite be
partitioned from other parts. Deploying and testing new protocols may
require that the suite be partitioned to prevent errors in the
implementation or in the protocol itself from interfering with other
uses of the infrastructure.

Second, how can GENI itself be adequately secured and protected from
attack?  What forms of authentication, authorization, and
accountability would be most appropriate? As access to GENI will be
from the Internet, GENI will be exposed to potential attackers. Other
types of attack may involve physical compromise of the systems making
up GENI, or of the Internet (or other) infrastructure that provides
support for GENI. Protocols, management and organizational procedures
and processes, and access control mechanisms must be developed to
safeguard both the GENI resource and the data and software that
researchers deploy on it.

As the GENI Project Office expects to issue its 2nd solicitation for
GENI analysis and prototyping subcontracts in the middle of December,
with proposals due in mid-February, it is anticipated that topics
discussed at the workshop will lead to proposals from the security

Participation. We invite short (1 paragraph preferably; at most 1
page) statements of ideas addressing these two issues. For example,
what security- related experiments would you like to run on GENI, and
what benefit would you expect from them? What constraints or
requirements would you need to carry out the experiments? How can we
shield other experiments and work being done using GENI from the
effects of your (or others?) experiments? How can we prevent GENI from
being attacked? The workshop is designed to discuss these, and other,

The GENI System Overview
( ) provides an
overview of the GENI system design. The GENI Spiral 1 Overview
( discusses the first
phase of GENI prototyping. More information on GENI is available at
the GENI web site (

Submission Information. Submit your statement to by December 18, 2008. Please use either
PDF or text. The steering committee will evaluate the responses, and
notify senders of the results, by December 22.

Travel. Limited travel support is available, so please indicate in your
submission whether you require assistance. This will not be a factor in
selecting participants.

Web Site. For up-to-date information about the workshop, please visit
the workshop web site at

Steering Committee.
Matt Bishop, co-chair, UC Davis
Chip Elliott, co-chair, BBN
Heidi Picher Dempsey, BBN
Suzanne Iacono, NSF
Karl Levitt, NSF
Taieb Znati, NSF
Others to be added