Global Grid Forum and AgentLink III Omer Rana

1
Global Grid Forum and AgentLink IIIOmer Rana

• Active since 2000
• Grid Forum Asia-Pacific
• eGrid (European Grid activities)
• Grid Forum US
• Led by
• Mark Linesch, Hewlett Packard
• Recently very industry focused

2
Management
Bill Feiereisen, Los Alamos National Laboratory
Ian Baird, EMC Kyriakos Baxevanidis,
CEC Wolfgang Boch, European Commission Walt
Brooks, NASA Frederica Darema, US National
Science Foundation Robert Fogel, Intel
Corporation Ian Foster, Argonne National
Laboratory and The University of Chicago
Fabrizio Gagliardi, CERN Tony Hey,
Microsoft John Hurley, The Boeing Company Lennart
Johnsson, University of Houston Ken King,
IBM Jysoo Lee, KISTI Yoichi Muraoka, Waseda
University Simon Nicholson, Sun Microsystems and
OASIS Alexander Reinefeld, ZIB Berlin Mary Anne
Scott, US Department of Energy Satoshi Sekiguchi,
AIST Rick Stevens, Argonne National
Laboratory Martin Walker, Hewlett-Packard

• GGF Chair
• Steering Group
• Advisory Group

3
Recent change in structure previously (1)
Research Groups, (2) Working Groups.
4
Standards Function Groups
Infrastructure Area Director Cees de Laat IPv6 (IPv6-WG) Network Measurement (NM-WG) Data Transport (DT-RG) Grid High-Performance Networking (GHPN-RG) Network Measurements for Applications (NMA-RG) 
Data Area Directors David Martin and Malcolm Atkinson Data Access and Integration Services (DAIS-WG) Grid File Systems (GFS-WG) Data Format Description Language (DFDL-WG) GridFTP-WG Grid Storage Management (GSM-WG) Information Dissemination (INFOD-WG) OGSA Data Replication Services (OREP-WG) Transaction Management (TM-RG) OGSA Data (OGSA-D-WG) Byte IO (ByteIO-WG)
Compute Area Directors Bill Nitzberg and Steven Pickles Grid Resource Allocation Agreement Protocol (GRAAP-WG) Job Submission Description Language (JSDL-WG) Grid scheduling Architecture (GSA-RG) OGSA Basic Execution Services (OGSA-BES-WG)
Architecture Area Director Andrew Grimshaw Open Grid Services Architecture (OGSA-WG) Grid Protocol Architecture (GPA-RG) OGSA Naming (OGSA-Naming-WG)
Applications Area Director Dennis Gannon Grid Remote Procedure Call (GridRPC-WG) Grid Information Retrieval (GIR-WG) Distributed Resource Management Application API (DRMAA-WG) Simple API for Grid Applications (SAGA-RG) Grid Checkpoint Recovery (GridCPR-WG)
5
Standards Function Groups
Management Area Directors Hiro Kishimoto and John Tollefsrud Application Contents Service (ACS-WG) Configuration Description, Deployment, and Lifecycle Management (CDDLM-WG) Grid Economic Services Architecture (GESA-WG) OGSA Resource Usage Service (RUS-WG) Usage Record (UR-WG)
Security Area Directors Olle Mulmo and Dane Skow Open Grid Service Architecture Authorization (OGSA AUTHZ-WG) OGSA-P2P-Security (OGSAP2P-RG) Firewall Issues (FI-RG) Trusted Computing (TC-RG)
Liaison Area Director Hiro Kishimoto Standards development organizations Collaboration on networked Resources Management Working Group (SCRM-WG)
6
Research ApplicationsArea Director Satoshi Matsuoka Application Developers and Users (APPS-RG) Astronomy Applications (Astro-RG) Humanities, Arts, and Social Science (HASS-RG) Life Sciences Grid (LSG-RG) Particle and Nuclear Physics Applications (PNPA-RG) Preservation Environments(PE-RG)
Industry ApplicationsArea Director Craig Lee Enterprise Grids Requirements (EGR-RG) Telecomm Community Group (Telco-CG)
Grid OperationsArea Director Ken Klingenstein CA Ops (CAOPs-WG) Production Grid Services (PGS-RG)
Technology InnovatorsArea Director David DeRoure Advanced Collaborative Environments (ACE-RG) Appliance Aggregation (APPAGG-RG) Grid Computing Environments (GCE-RG) User Program Development Tools for the Grid (UPDT-RG) Semantic Grid (SEM-RG) Workflow Management (WFM-RG)
Community AffairsArea Director Geoffrey Fox GGF Process-WG Grid Benchmarking (GB-RG)
Major Grid ProjectsArea Directors Charlie Catlett andAlan Blatecky  
Community Function Groups
7
What do Grids do?

• Security
• Secure connections
• Authorization control
• Delegation
• Virtual Organizations
• Shared goals
• Authorization Sharing
• Resource Sharing
• Data
• Transport
• Virtualization
• Federation
• Replica Management
• Streaming Data

• Execution
• Jobs
• Services
• Scheduling
• Service Composition
• Workflow
• Subcontracting
• Discovery
• Services
• Data Sets
• Resources
• Registration

Science today is a Team Sport
Dave Snelling (Fujitsu)
8
Activities closely aligned to AgentLink work

• Semantic Grids
• Specification of service ontology
• Specification of application specific ontologies
• Grid Resource Allocation Agreement Protocol
  (GRAAP)
• Description of Service Level Agreements and
  Service Level Indicators
• Trusted Computing

9
Open Grid Services Architecture Evolution
informational
Anatomy of the Grid
OGSA V1.0
OGSA Profile
Normative
OGSA Glossary
Basic Execution Service
Naming
JSDL
Physiology of the Grid
Open Grid Services Infrastructure
Web Services Resource Framework
Web Services Notification
Dave Snelling (Fujitsu)
10
OGSA Specifications Landscape
SYSTEMS MANAGEMENT
UTILITY COMPUTING
GRID COMPUTING
Use Cases Applications
Distributed query processing
Data Centre
ASP
Collaboration
Multi Media
Persistent Archive
VO Management
OGSA-EMS
OGSA Self Mgmt
WS-DAI
WSDM
Discovery
Information
Naming
GGF-UR
Data Model
Core Services
Privacy
Others ...
Trust
Notification
Service Groups
WS-I BP
WSRF-RAP
WS-Security
SAML/XACML
X.509
Basic Profile
WS-Addressing
HTTP(S)/SOAP
WSDL
WSRF-RL
WSRF-RP
Dave Snelling (Fujitsu)
11
WSRF Stateful Resource

• A Resource
• A specific set of state data expressible as an
  XML document
• This is not typically all of the resources
  state!
• Has a well-defined identity and lifecycle
• Known to, and acted upon, by one or more Web
  services.
• Many Possible Instances
• Files, Database tables, EJB Entities, XML
  documents, Compositions of multiple data sources,
  Virtualized executions of applications, etc.
• A WS-Resource has
• Identity Can be uniquely identified/referenced
• Lifetime Often created destroyed by clients
• State Part of the state can be projected as XML
• Type Its Web service interface

Dave Snelling (Fujitsu)
12
WSRF Resource Access
Endpoint Reference
Run-time environment
id
resource
message
Interface
Web Service
message
address
id
Dave Snelling (Fujitsu)
13
WSRF Multiple Resources
Endpoint Reference
Endpoint Reference
Run-time environment
id
resource
message
Interface
Web Service
message
address
id
resource
Dave Snelling (Fujitsu)
14
WSRF Factory Pattern
Endpoint Reference
Run-time environment
Endpoint Reference
resource
message
Interface
Web Service
message
address
Dave Snelling (Fujitsu)
15
Configuration Description, Deployment, and
Lifecycle Management (CDDLM)

• Uses
• CDL for declarative descriptions of system
  configuration
• Based on a CDDLM Component Model
• CDL
• Based on SmartFrog from HP (attribute,value)
  pairs, supports inheritance

Component Model Based on a deployment object
manages lifecycle of a deployed resource Each
deployment object defined using CDL, and mapped
to its implementation Deployment object
WSRF-compliant EPR CDDLM Deployment API supports
interaction with object
Basic Execution Service (OGSA) may make requests
to CDDLM for deployment
16
ltcdlcdl targetNamespace"http//cddlm.org/webserv
er/apache" xmlns"http//cddlm.org/webser
ver/apache" xmlnstns"http//cddlm.org/w
ebserver/apache" xmlnscdl"http//ggf.or
g/cddlm-wg/xmlcdl/1.0"
xmlnsbase"http//cddlm.org/webserver/generic"gt lt
cdlimport namespace"http//cddlm.org/webserver/g
eneric" location"http//cddlm.org/web
server/generic.cddlm" /gt ltcdltypes ...
/gt ltcdlconfigurationgt ltTomcat cdlname"tomcat"
cdlextends"basewebserver"gt
ltportgt8080lt/portgt lttomcatOpts /gt lt/Tomcatgt
ltSoapEndpoint cdlname"soapendpoint"gt ltname
/gt ltnamespace /gt lt/SoapEndpointgt ltApacheAxis
cdlname"apacheaxis" cdlextends"basewebapplic
ation"gt lthostname /gt ltport /gt
ltwsddDescriptor /gt ltpathgt/axislt/pathgt
ltlivenessPagegthappyaxis.jsplt/livenessPagegt
ltAxisAdmin cdlextends"tnssoapendpoint"gt
ltnamegtadminlt/namegt ltnamespacegthttp//ws.apach
e.org/axis/adminlt/namespacegt lt/AxisAdmingt
ltendpoints /gt lt/ApacheAxisgt lt/cdlconfigurationgt
lt/cdlcdlgt
17
Distributed Deployment

• Binary Components
• Environment variables
• Dynamic linking/loading
• Source Code
• Environment variables
• Distributed build tools
• Extract dependencies
• Download libraries

18
Aspects of Grid Security

• Restrict access to resources or service state
• Related to the formation and management of
  Virtual Organisations
• VO Resources and users are often located in
  distinct administrative domains
• Cant assume cross-organizational trust
  agreements
• Different mechanisms credentials
• Interactions are not just client/server, but
  service-to-service on behalf of the user
• Requires delegation of rights by user to service
• Services may be dynamically instantiated

slide based on presentation given by Carl
Kesselman at GGF Summer School 2004
19
The Trust Model
slide based on presentation given by Carl
Kesselman at GGF Summer School 2004
20
Delegation (a key aspect of VO)
Delegation The act of giving an organisation,
person or service the right to act on your
behalf.

• A Site delegates responsibility for the users
  that may access its resources to the
  managers/management system.
• An organisation delegates its rights to a user.
• A user delegates their authentication to a
  service to allow programs to run on remote sites.

21
Use Delegation toEstablish Dynamic Distributed
System
slide based on presentation given by Carl
Kesselman at GGF Summer School 2004
22
with arbitrary mechanisms
ComputeCenter
X.509/SSL
Kerberos/ WS-Security
Rights
VO
ComputeCenter
SAML Attribute
slide based on presentation given by Carl
Kesselman at GGF Summer School 2004
23
A Working Definition of Trust
Brian Matthews, TrustCom
Trust of a party A to a party B for a service X
is the measurable belief of A in that B behaves
dependably for a specified period within a
specified context (in relation to service X)
Dependability is deliberately understood broadly
to include security, safety, reliability,
timeliness, maintainability
24
POLICY ONTOLOGY TRUST ISSUES
Policy applied to Contract Negotiation Service Access Negotiation Namespaces SLA Validation Trust Relationship (Risk Assessment) Reputation and Trust Service type provider
25
Trust LifeCycle
Brian Matthews, TrustCom
Policy Spec
Feedback Reasoning
Reputation Repository
26
Policy Issues

• Requirements (Declarative Policy)
• User
• Service
• Reputation Repository
• Grouping/Aggregating (Reasoning)
• Ontology Definition
• Consistency Check (does not invalidate old info)
• Contract Formation based on this
• By checking Reputation Repository
• Relationship between Policy ?? SLA (Contract)
• Penalty in case of violation
• Support for Reasoning and Policy Evaluation

27
Standards

• WS-Agreement
• Significant potential of involvement from the
  agents community
• Electronic contracts/negotiation
• Grid Policy
• Use of trust models from agents community
• Automated Deployment
• Tuning deployment scripts
• Semantic Grids
• Ontologies for Policy Description
• Ontologies for services