Towards a Grid Platform Enabling Dynamic Virtual Organisations for Business Applications T. Dimitrakos*,1, G. Laria2, I. Djordjevic1, N. Romano2, F. D'Andria2 , V. Trpkovski1, P. Kearney1, M. Gaeta2, P. Ritrovato2, L. Schubert3, B. Serhan3, L. Titkov1, and S. Wesner3 1 2
BT Security Research Centre, BT Group Research Labs, Adastral Park, IP5 3RE, UK CRMPA, Università di Salerno, DIIMA, via Ponte Don Melillo, Fisciano, 84084, Italy 3 HLRS, High Performance Computing Centre, Stuttgart, Germany
Abstract. In this paper we describe the demonstration of selected security & contract management capabilities of an early prototype infrastructure enabling dynamic Virtual Organisations for the purpose of providing virtualised services and resources that can be offered on-demand, following a utility computing model, and integrated into aggregated services whose components may be distributed across enterprise boundaries. The ideas underpinning this prototype have been investigated in the context of European projects TrustCoM [1], ELeGI [2] and GRASP [4] where initial prototype development has taken place.
1 Introduction This paper summarises an infrastructure that gives enterprises the ability to take advantage of Grid and Web services technologies in order to virtualize their services, make them available to others on a charge-per-use basis, and form Virtual Organizations (VO) in order to selectively outsource components of end-to-end application services (AS) to other providers that participate in a VO. Particular emphasis is placed on the aspects of the infrastructure that relate to security and Service Level Agreement (SLA) management [8]. One of the key architectural elements of the middleware platform to be demonstrated is the distinction between the AS delivered to a client and the component Grid services used to implement this. The component Grid services are provided on demand by 3rd party Service Providers running Virtual Hosting Environments (VHE), which may consist of many individual hosts actually running the services. From a management perspective each VHE provides capabilities for the creation, virtualisation and management of the Grid services within it. The AS provider (ASP) can selectively integrate application components that are virtualised as services and that are offered by different VHE, on a charge-per-use basis subject to SLAs. The infrastructure enables the VHE manager to optimise resource usage within their VHE and also to control the operation of and access to the services that are hosted in their VHE as necessary in a commercial environment, while still exploiting *
Correspondence author:
[email protected]
P. Herrmann et al. (Eds.): iTrust 2005, LNCS 3477 pp. 406 – 410, 2005. © Springer-Verlag Berlin Heidelberg 2005
Towards a Grid Platform Enabling Dynamic Virtual Organisations
407
the power of the underlying Grid technology to deliver the overall AS whose components may be distributed across multiple VHE. The basic business functionality that Application and Service Provider require is provided as default capability by the infrastructure, therefore, simplifying the building Grid-based ASs.
Application Services (Domain Specific) SP1
HE3
Security
I2 I3
Service Instatiation
SP3
SLA
SP2
Service Location
I1 HE1
GW1
Accounting & Billing
VO
Orchestration Service
BizTalk 2004, UDDI directory
HE2 GW2
OGSI.NET (Virginia University)
O Service instance
OGSI extensions
Microsoft .NET Framework
Destroy Manageability Notification Security
Hosting machine
GW3
In
Service instance involved in the orchestrated service Orchestrator Service
O
Fig. 1. VO concept (left) and High Level Architecture of underlying infrastructure (right)
Fig. 1. shows the high level architecture of the VO ecosystem infrastructure composed by three VHE. Building on top of existing OGSA compliant middleware (in the current prototype implementation this is OGSI.NET [5]). A first layer of extension relates to the functionality of Location, Instantiation and Orchestration: - Locator: it allows publishing business services in the VHE and offers a discovery service that can meet a specified QoS/SLA constraint; it returns the endpoint for the Instantiator to create this service - Instantiator: selects an appropriate host and invokes the appropriate Grid Service Factory (-ies), initiates SLA monitoring and Accounting & Billing services and interacts with the security manager service that is responsible for securing the group of GRASP services executing an AS - Orchestration: orchestrates potentially transient Grid services On top of this extension, further business functionality is provided as part of this VO Ecosystem Infrastructure including: - SLA Management: SLA (templates) used in selection of a VHE; monitoring of services to ensure compliance; mapping of monitored data to SLA concepts; - Accounting & Billing: collection of performance/resource data (shared with SLA monitoring); combining different costing methods; applying pricing algorithms; - Security: securing complete AS (multiple component Grid Services on multiple VHEs); handling securely life-time, as well as the addition and expulsion of component Grid service instances that collectively execute a complete application. See [6],[7] for further details.
408
T. Dimitrakos et al.
2 The Basic Demonstration Scenario The demonstration will follow the following service aggregation scenario. (For simplicity, we refrain from elaborating the application specific functionality.) 1. The functionality of a composite service is captured within a business process description that is held by the ASP. The process is virtualised as a (composite) AS instance with a front-end GUI that facilitates interaction with the end-user. Once the end-user starts the client application a new AS instance is activated. 2. The activation of new AS instance instigates the activation of a new GroupManager service instance, which in turn creates of a security context defining a new Service Instance Group (SIG) that includes itself. 3. Using a graphical application interface, the end-user enters its UserID and sets some parameters that define the end-user requirements about service provision. 4. The UserID and requirements are passed to a web service that maps them to requirements for component services to be outsourced to other providers. 5. Using these outsourcing requirements, an orchestration engine initiates a service discovery process that inspects a VO registry for advertised capabilities1 that meet these requirements. If successful, this process retrieves a list of capabilities offered by different providers for each description of requested service. 6. If discovery is successful then the creation of service instances by the providers that are top in the list is requested, and (upon successful instantiation) the orchestration engine retrieves their virtual addresses. 7. With each service instance, an SLA instance describing the terms of service provision is created and a dedicated monitoring capability is activated. 8. All new instances crated are included in the same SIG as the AS instance. The underlying security infrastructure ensures that service instances can interact only with other service instances in the same SIG or with pre-determined groups of infrastructure services (mainly within their own VHE). 9. The business process capturing the application logic is now executed within the security perimeter that is effectively defined by the SIG within which the AS instance and all component services instances are contained. 10. During the execution of this business process, each service instance is monitored and accounted against the constraints. Depending on the threshold violation of SLA constraints can lead to penalty (e.g. discount) or the graceful shut-down of a component and/or the aggregated service. 11. During the process execution the composite AS will interact with the end-user via its application interface at specific interaction points, as described in the business process specification capturing the application logic. 12. Upon the completion of the application or a user requesting to shut-down the application instance, the infrastructure manages the shut-down of all component
1
The term “capability” is used here to denote the ability of a VHE to commit to creating or activating a service instance that offers the requested functionality at a service level within the requested boundaries. Each capability is associated with the address of an Instantiator service which is responsible for managing the creation of such service instances within its VHE and returning virtual address for each such service instance to the requestor.
Towards a Grid Platform Enabling Dynamic Virtual Organisations
409
service instances, the nullification of agreement instances and the dissolution of the SIG, including the invalidation of the associated security context.
3 Conclusion This is an early prototype of an infrastructure for enabling dynamic Virtual Organisations for the purpose of providing services that can be used on-demand. Summarizing the main objectives of the demonstration are: 1) To introduce a service instantiation process that allows choosing a suitable host matching the parameters specified in an SLA offer, if such a host is available. This instantiation process provides a substantial improvement to the concept of Grid service factories. 2) To provide an example of SLA monitoring with violation notification that leads to the application of penalties to the final accounted charge. 3) To provide a first proven concept of a Grid platform that allows to charge service use on the basis of granular parameters, explaining the real use of the instance (e.g. number/type of invocations, amount/type of exchanged data, etc). 4) To show how the possibility to automate the on-demand creation and management of virtual secure perimeters that span across security/administrative domains, maintain security context across a transaction and permit message exchanges only between instances that are contained within the perimeter itself. The prototype developed so far represents a significant milestone towards the convergence of Web Services and Grid Computing approaches into a new networkcentric, inter-enterprise computing paradigm. However, the current state of the implementation provides a limited functionality for trust management and security policy specification and analysis, and its dependence on OGSI implies that resource management and virtualization mechanisms are not always compliant with more traditional Web Services. In the period 2005-2008, we plan to continue pursuing a conceptually similar approach, while adapting and/or rebuilding the prototype infrastructure as appropriate in order to address the need for such further development while ensuring alignment with the parallel evolution of the web service oriented architecture and web services paradigms, which we intend to influence. Such further applied research and development plans have been accommodated in the European Integrated Projects: TrustCoM [1], ELeGI [2] and Akogrimo.
References [1] [2] [3] [4] [5]
TrustCoM, European Integrated Project, information portal www.eu-trustcom.com ELeGI, European Integrated Project, information portal at www.elegi.org Akogrimo European Integrated Project. Information portal at www.mobilegrids.org GRASP, European targeted research project, information portal www.eu-grasp.net Glenn Wasson, Norm Beekwilder, Mark Morgan and Marty Humphrey OGSI.NET: OGSICompliance on the .NET Framework. In Proceedings of CCGrid 2004, the 4th IEEE/ACM International Symposium on Cluster Computing and the Grid. [6] S.Wesner et al. Towards a platform enabling Grid based Appl. Service Provision. In [9] [7] T. Dimitrakos et al. Enabling Dynamic Sec. Perimeters for Virtual Collaborations. In [9].
410
T. Dimitrakos et al.
[8] P. Ritrovato, T. Dimitrakos, et al. Trust, Security and Contract Management Challenges for Grid-based Application Service Provision. In iTrust2004, Springer-Verlag LNCS. [9] P. Cunningham et al. Building the Knowledge Economy: Issues, Applications, Case Studies. IOS Press Inc.
