Meta-data management issues underpinning Grid and P2P development Experiences from GRASP, SWAD-Europe, PELLUCID and CORAS projects at CCLRC/BITD Emphasis: trust & security policy management Theo Dimitrakos t.dimitrakos@rl.ac.uk Theo Dimitrakos Business & IT Department CCLRC Rutherford Appleton Lab. • RAL has a staff of around 1200 - most are scientists and engineers • Supports the work of over 10000 scientists and engineers, from industry and University • Main Facilities Include: – World Data Centre for Solar-Terrestrial Physics – Molecular Spectroscopy - Infrared, visible and ultraviolet spectroscopy – The world's leading pulsed neutron and muon source • Main facilities enable research into – new materials and structures, – X-ray laser research, – space-based astronomy, – particle physics. Theo Dimitrakos Business & IT Department CCLRC Business & Information Technology – To facilitate Technology Translation and Industry Take-Up – To contribute to the emergence of new ICT paradigms for the European / UK Science and Business – Host the UK W3C Office – UK ERCIM member – To empower new CLRC IT & e-Science projects • complement the expertise of the CCLRC eScience Centre • focusing on integration of the (Semantic) Web and the Grid Services technologies • emphasis on e-government / e-business driven problems – To support the operation of CLRC facilities as a cross-sector IS department Theo Dimitrakos Business & IT Department Overview Meta-data management issues underlie a number of activities at CCLR across eScience and (core business) Information Technology – This talk: an (core business) IT R&D perspective • Examples: – GRASP: Grid-based Application Service Provision – CORAS: CASE tool & method support for Security Risk Analysis – SWAD-Europe: Semantic Web Technology Development – PELLUCID: Agent based platform supporting organisational mobility Theo Dimitrakos Business & IT Department GRASP: motivation • Being mostly used in academic environments, “best-effort” was (and is) a sufficient policy for committing resources to users performing their computational workload. • Moving into the commercial space, businesses will be bound by commitments. Security, privacy, monitoring and accountability are becoming increasingly important in networked environment. “Best effort” is no longer sufficient. From “Specifying and Monitoring Guarantees in Commercial Grids through SLA”, Sahai et. al., available at http://www.hpl.hp.com/techreports/2002/HPL-2002-324.pdf Theo Dimitrakos Business & IT Department GRASP: approach GRASP GRASP consortium consortium ASP -CCLRC -CCLRC (UK) (UK) Æbusiness concept between -CRMPA -CRMPA (Italy) (Italy) financially independent entities -CS-SI -CS-SI (France) (France) -HLRS -HLRS (Germany) (Germany) -LogicDIS -LogicDIS (Greece) (Greece) Flexible but Interoperable -SchlumbergerSema -SchlumbergerSema (Spain) (Spain) proprietary component ASP based ASP GRASP GRID Web Æbasic Services infrastructure for Æinterfaces for dynamic distributed remote procedure OGSA computing calls Theo Dimitrakos Business & IT Department “Grid User” GRID (OGSA compliant) VO participant 1 Factory ASP Legacy Grid API Service 1 System (Black Box) VO participant 2 Client Interface Registry J2EE, .net, Corba etc. Factory ASP ASP Client 1 Client 2 Service 2 Service 3 Theo Dimitrakos Business & IT Department “Grid Enabler” GRID (OGSA compliant) VO participant 1 Factory ASP Legacy Factory Service 1 System/ Service Orchestration Service 4 VO participant 2 Client Interface J2EE, .net, Registry Corba etc. ASP Client 1 ASP Client 2 Factory Service 2 Service 3 Theo Dimitrakos Business & IT Department “Grid Builder” GRID (OGSA compliant) VO participant 1 Factory Grid Service Provider (GSP) Service 1 Legacy Factory System/ Service VO participant 2 Service 4 Orchestratio J2EE, Registry n/ .net, Corba .net/ Service 5 Factory etc. J2EE Service 6 Service 2 Service 3 Client Interface Client Interface Provided by the GSP Provided by third party Theo Dimitrakos GSP Client 1 GSP Client 2 Business & IT Department A scenario driven walkthrough Data + Analysis Tool ? Here are your options ! Engineer Broker Locating…. Theo Dimitrakos Business & IT Department Analysis Tool Data-set A scenario driven walkthrough Selected Data Provider, Analysis Tool Provider and Orchestrator Engineer Locate Broker Set-up “Deploy” Run, Control, Monitor Orchestrator Execution Executes on Theo Dimitrakos Compute Resources Analysis Tool Data-set Business & IT Department GRASP Architecture Theo Dimitrakos Business & IT Department GRASP Architecture: GS-Instantiation Theo Dimitrakos Business & IT Department GRASP Architecture: GS-Location Theo Dimitrakos Business & IT Department GRASP Architecture: GS-Orchestration Theo Dimitrakos Business & IT Department GRASP Architecture: Security dynamic collaboration networks Also: joint work with Ivan Djordjevic @ QMUL Theo Dimitrakos Business & IT Department GRASP Architecture: Security secure intra-/inter group communication Alice’s Sec CCT Alice Bob Mgr Manager M1 –join request M2 – authentication M3 – authentication, secret key M4 – forward join request M5 – join response (ACK) M6 – forward ACK M7 – p2p session request M8 – ACK, session key M9/10 – data transfer Theo Dimitrakos Business & IT Department GRASP Architecture: Security enforcing dynamic service security perimeters M e m b er(s) C he c k ing of in puts to M o nito ring o f P ro cess E xecutio n s oftw a re a nd its e x e c utio n S ecurity P o licy E nfo rcers: Authoriza tio n of a c tions : • R ole -ba s e d Ac c e s s C ontr ol • S e c urity P olic y E nforc e m e nt Ap plic a tio n L o cal CCT la ye r Authe ntic a tio n, no n-re pu dia tio n, M anag er-C lient C C T (P 2P ) m e s s a ge inte grity , ro le m a p ping C ertificates C ertificates M e s s a ge c onfide ntia lity / M essag e E ncryp t/D ecryp t inte gr ity P a c k e t m o nitorin g for N e tw ork a tta c k s igna ture s a n d la ye r T raffic M o nito ring a nd F iltering protoc o l a no m a lie s C C T C o m m u n ic a tio n N on-secure Internet Theo Dimitrakos Business & IT Department GRASP Architecture: SLA monitoring Hosting Environment Gateway Host 1 SLA Negotiation Handler Parser Agreement Factory Negotiator Agreement and HE Monitor Agreement Service 1 Host monitor Host 2 Grid Service 1 SLA Host ... ... Template Pool Theo Dimitrakos Business & IT Department GRASP Architecture: SLA monitoring Monitoring scheme options Centralised Devolved LSM1 & CCT Mgr LSM2 Integrated with the Security Perimeter Arbitrator LSM1 & CCT Mgr LSM2 Arbitrator / Community Management Model correlate correlate Compatible with OGSI-Agreement correlate Monitor Monitor Monitor Monitor Leverages BCA high-level concepts Monitor Monitor CCT CCT Leverages GeneSyS low level admin Locally Coordinated Hybrid LSM1 & CCT Mgr LSM2 LSM1 & CCT Mgr LSM2 Arbitrator Arbitrator Hosting Environment correlate correlate correlate correlate correlate Gateway Host 1 SLA Negotiation Handler Parser Monitor Monitor Monitor Monitor Agreement Factory Negotiator Monitor Monitor Monitor Monitor Agreement and HE Monitor Monitor Monitor Agreement Service 1 Host monitor CCT CCT Host 2 Grid Service 1 SLA Host ... ... Template Pool Theo Dimitrakos Business & IT Department GRASP Architecture: Policy Management Policy Service Policy Service Policy Service Policy Instance Policy Instance Policy Instance Enforcer Enforcer Enforcer Theo Dimitrakos Business & IT Department GRASP Architecture: Policy Management Policy Service Policy Service Policy Service Current Current option option under under consideration: consideration: -Assess -Assess an an adaptation adaptation of of KAoS KAoS policy policy framework framework Policy Instance -OWL-S Policy -OWL-S policy policy Instance descriptions descriptions build build on on four four basic basic policy policy types types ++ domains domains for for defining defining roles roles & & contexts contexts Policy Instance -- positive/negative positive/negative authorisation authorisation allows allows controlling controlling access access -- positive/negative positive/negative obligation obligation allows allows enforcing enforcing SLA SLA clauses clauses Enforcer -Policy -Policy services Enforcer services for for each each local local group group (at (at VHE) VHE) Enforcer -Transient -Transient policy policy instances instances for for each each policy policy clause clause for each each group forDimitrakos Theo group -Policy -Policy enforcer enforcer at at each each peer peer (service (service instance) instance) in in aa group Business & IT Department group Semantic Web technologies addressing the Trust Management problem Theo Dimitrakos Business & IT Department Semantic Web Vision Theo Dimitrakos Tim Berners-Lee’s Semantic Web roadmap vision (simplified overview) Business & IT Department SWAD-Europe Semantic Web Advanced Development in Europe • Purpose is to encourage the use of Semantic Web tools and techniques now: – By an outreach programme – By developing practical demonstrators – By providing tools and standards • Partners: – Univ. of Bristol, – W3C-INRIA, – CCLRC, – HP Labs, – Stilo Theo Dimitrakos Business & IT Department Overview of activities Accessibility XML + RDF Databases Annotations Thesuari Queries Semantic SW + WS Blogging Scaleability Visualisation Trust Theo Dimitrakos Business & IT Department CLRC in SWAD-Europe • Three major areas – Developing XML Schemas from the Semantic Web – Developing tools and techniques for representing thesauri in the Semantic Web • Especially Multilingual Thesauri – Developing tools and techniques for representing and processing Trust relationships in the Semantic Web. Theo Dimitrakos Business & IT Department Pellucid overview The The Pellucid Pellucid project project (IST-2001-34519) (IST-2001-34519) isis developing developing aa customisable customisable software software platform platform for for knowledge knowledge management management systems systems to to aid aid organisationally organisationally mobile mobile employees. employees. ItIt integrates integrates several several advanced advanced information information technologies, technologies, including including autonomous autonomous cooperating cooperating agents; agents; ontologies; ontologies; workflow workflow and and process process modelling; modelling; organisational organisational memory; memory; document document indexing indexing andand metadata metadata for for accessing accessing document document repositories. repositories. The Pellucid platform is agent-based and has three layers: •the interaction layer, concerned with managing the interface with the employee (end-user) and the external world; •the process layer, concerned with managing tasks and workflows; •the access layer, concerned with search and retrieval of a wide range of documents. Theo Dimitrakos Business & IT Department Pellucid overview Each of these layers comprises a collection of agents with defined competences and communications, acting together in a dynamic, flexible way. An organisational memory will allow for monitoring of the overall behaviour of the system and a learning capability for continuous improvement. The competences of the agent classes are as follows: •Personal assistant agents. Responding to explicit requests for information; presentation of information both spontaneously and on request. •Role agents. Monitoring performance of roles in work process; matching appropriate forms of advice to the user through the Personal assistant agent. •Task agents. Instantiating particular forms of advice selected by the role according to the working context of the particular task. Working context encompasses both position in workflow and domain-specific attributes. •Information search and access agents. Locating and retrieving information on request from diverse repositories. •Monitoring agents. Monitoring users’ passage through workflow and communicating between Pellucid system and workflow management or tracking system. Theo Dimitrakos Business & IT Department Pellucid overview The aim of Pellucid is to provide experience management, disseminating the knowledge of more experienced employees to those who are less experienced, a situation that is increasingly common owing to organisational mobility. The vessel for experience management in Pellucid is the active hint: a particular piece of advice presented spontaneously to the user and tailored to the working context. Active hints are constructed in a variety of ways based on templates appropriate for different situations. There are three end-user organisations in the Pellucid project, with very different applications but all with experience management needs: • The Comune di Genova (Italy), whose application is the process of evaluating, planning and executing the installation of traffic lights in the city. • SADESI (Spain), a company that operates the call centre for the telephone network of the regional government in Andalucia—the application is the operation of the call centre itself, where high staff turnover means that experience management is a high priority. • The Mancomunidad de Municipios del Bajo Guadalquivir, an association of local governments in the south of Spain, whose application is the process of management of projects and services. Theo Dimitrakos Business & IT Department CORAS Overview • Eleven institutions from four European countries. • Developed a tool-supported methodology for model-based risk analysis of security- critical systems. The CORAS tool-supported methodology provides: • A methodology for model-based risk assessment integrating aspects from partly complementary risk assessment methods and state-of-the-art ICT systems engineering • A UML based specification language targeting security risk assessment. • A library of reusable experience packages. • A web-enabled software tool that supports the methodology and provides two repositories; an assessment repository and a repository for the reusable experience packages. • An XML mark-up for exchange of risk assessment data. • A vulnerability assessment report format. Theo Dimitrakos Business & IT Department CORAS impact 2003-12: The CORAS UML profile for security assessment, submitted as part of the proposal OMG Document ad/2002-01-07, has now been adopted as an OMG standard by the OMG. 2003-09: The first release of the CORAS Risk Assessment Platform has been made available to the public as Open Source via SourceForge.net Theo Dimitrakos Business & IT Department CORAS relevance CORAS process integrates a standardised Risk Management process with the OMG Unified Process (c.f. RUP), so as to fully incorporate risk analysis into the design & development of critical ICT systems. CORAS platform supports the documentation, evolution and maintenance of risk analysis results and their correlation to system models during this process. CORAS platform architecture is based on the ability to create, correlate and manage meta-data both about Risk Analysis and about System Designs Meta-data is used … … as stored or exported “output” for the: (a) Internal representation and book-keeping of the Risk Analysis results (b) Internal representation and book-keeping of the UML diagrams using tailored XML based notations … as stored or imported “input” for the (a) Visualisation of Risk Analysis results (b) Visualisation of systems engineering diagrams based on UML using XSL-based technology Theo Dimitrakos Business & IT Department CORAS architecture Theo Dimitrakos Business & IT Department CORAS meta-data management (as we would have liked it to be…) Theo Dimitrakos Business & IT Department CORAS lessons Experience with developing the current Open Source version of CORAS platform software indicates that: (a) XML DTD and XML Schema definitions are very useful for book-keeping Risk Analysis results, but lack the semantic content that would allow effective cross-referencing and manipulation of RA meta-data during the CORAS process • Defining a core ontology for Risk Analysis data and RA-technique specific extensions in RDF or OWL (DAML+OIL) could provide a solution (b) The above is particularly relevant for supporting solutions about • How to transfer RA knowledge from one technique to another (e.g. HaZOp to FTA to Markov Analysis) in relation to the same target system • How to manage the correlation of RA results with parts of the system model throughout design and development • How to dynamically generate presentations of RA results that are relevant to one specific concern and one specific view of the system. Following the successful completion of the CORAS project we are interested in continuing the development of the CORAS platform & its architecture so as to appropriately addressed the above issues. Theo Dimitrakos Business & IT Department CCLRC contacts for more information • GRASP: Theo Dimitrakos t.dimitrakos@rl.ac.uk • SWAD-Europe: Brian Matthews b.m.matthews@rl.ac.uk • Pellucid: Simon Lambert s.c.lambert@rl.ac.uk • CORAS: Theo Dimitrakos t.dimitrakos@rl.ac.uk Theo Dimitrakos Business & IT Department What does the future hold? • TRUSTCOM: trust/security & contract management framework for dynamic Virtual Organisations – Theo Dimitrakos t.dimitrakos@rl.ac.uk – Michael Wilson m.d.wilson@rl.ac.uk • E-LeGI: elements of a European Learning Grid Infrastructure, focusing on experiential learning applications: – Damian Mac Randal d.f.mac.randal@rl.ac.uk – Theo Dimitrakos t.dimitrakos@rl.ac.uk • Integration of Grid middleware and Pervasive / Nomadic Computing over heterogeneous networks (emphasis on mobility) Theo Dimitrakos Business & IT Department Get involved: forthcoming events An annual event of www.trustmanagement.clrc.ac.uk Working group on Trust Management in Supported by Dynamic Open Systems www.w3c.rl.ac.uk www.itrust.uoc.gr 22nd of August 2004, Toulouse France – affiliated with the IFIP World Computing Congress 2004 Towards a European Learning Grid Infrastructure 1st International Conference 14-16 September 2004 5th LeGE-WG workshop St Anne’s College, Oxford UK Learning Grid of Excellence Theo Dimitrakos Working Group Business & www.lege-wg.org IT Department