Holding slide prior to starting show

1
Holding slide prior to starting show
2
COllaborative VIrtual TEams (COVITE) Project- P.
Burnap, L. Joita, J.S. Pahwa -
3
Overview

• Project Concept
• Collaborative Support Considerations
• The Product Supplier Catalogue Database (PSCD)
• Security Management
• User Collaboration Management
• Data Management
• Conclusions and further work

4
Project Concept

• AEC (Architecture/ Engineering/ Construction)
  industry projects involve many individuals and
  companies forming a consortium for the duration
  of a project
• Consortia members are geographically dispersed
• Product/Service Manufacturers and Suppliers
  databases (if existent!) are heterogeneous
• Product/Service Manufacturers product
  information is plentiful and the majority is
  unstructured and unreachable
• Solution? A universal product supplier
  catalogue in the form of a database

5
Collaborative Support Consideration

• Collaboration occurs between
• Product Suppliers and Contractors for procurement
  of supplies
• Product Specification Designers for defining and
  building industry standards to describe available
  products
• Members of the Consortium working on a particular
  construction project which require information on
  the products

6
The PSCD

• The PSCD application Grid-enabled data
  management tool that provides the data structure
  for storing information across a number of
  product suppliers database.
• The PSCD Functional Modules
• Security Management
• User Collaboration Management
• Data Management

7
The PSCD
Product Class Supplier Databases
Specification Designers
Specification creation and management keep
Suppliers up to date
.NET Web Services
Multiple Database Search Service (MDSS)
Cluster of GRID computers
Master Grid Service (MGS)
PSCD Application
Poll and connect to relevant databases at runtime
.NET Web Services
GRID Services
Users/User Groups
Supplier Databases managed by suppliers
COVITE
activeplan Cardiff University
8
The PSCD

• Software tools used
• Apache Tomcat web server, Axis, Ant
• Microsoft IIS web server
• GT3.0.2 core
• Java CoG 1.1a
• Servlet, ASP, JSP, VBScript, C

9
Security Management

• Security considerations
• Authentication
• Authorization
• Confidentiality
• Integrity
• Security Management defines a security framework
  for the PSCD application using the Globus
  Security Infrastructure (GSI).

10
Grid Security Infrastructure (GSI)

• GSI uses the Public Key Infrastructure (PKI),
  X.509 certificates and Secure Socket Layer (SSL)
• X.509 certificates provide users with a unique
  global identification
• Authorization to access a resource is controlled
  by a mapping between the users distinguished
  name and a local Unix/Linux ID via a grid-mapfile

11
Grid Security Infrastructure (GSI)

• X.509 Certificate
• subject CUK,OeScience,OUCardiff,LWeSC,CN
  liviu joita
• issuer CUK,OeScience,OUAuthority,CNCA,E
  ca-operator_at_grid-support.ac.uk
• start date Tue Nov 12 153351 GMT 2002
• end date Wed Nov 12 153351 GMT 2003
• Distinguished Name
• CNliviu joita,LWeSC,OUCardiff,OeScience,CUK
• Main advantages of using GSI
• Single sign-on
• Users do not have username/passwords, instead
  they have public/private key pairs and identity
  certificates

12
Security Architecture

• First, a user has to have a valid proxy
  certificate. The user submits his proxy
  certificate to the Tomcat Authentication Server
  (AS) via a web interface using JSP - servlet
  interface.
• Tomcat AS authenticates the certificate and
  obtains the local user name for the PSCD
  application from the grid-mapfile.
• Tomcat AS passes the local user name to the IIS
  server that runs the PSCD system (which is a .NET
  web application environment). IIS then matches
  the username to its local DB and creates a
  session for that user.
• User preferences are applied to the index page
  of the PSCD system and the user is presented with
  the home page of the application.

The PSCD Authentication Architecture using a
valid proxy certificate
13
Security Architecture
PSCD Application

• First, a user has to have a valid proxy
  certificate on the MyProxy Server machine.
• The user submits his username/password pair
  credentials to the Tomcat Authentication Server
  (AS) via a web interface using JSP - servlet
  interface.
• Tomcat AS uses the username/password pair to
  authenticate and authorize the user against his
  proxy certificate from MyProxy server
• Tomcat AS authenticates the proxy certificate
  upload from MyProxy server and obtains the local
  username for the PSCD application from the
  Grid-map file.
• Tomcat AS passes the local user name to the IIS
  server that runs the PSCD system (which is a .NET
  web application environment). IIS then matches
  the user name to its local DB and creates a
  session for that user.
• User preferences are applied to the index page
  of the PSCD system and the user is presented with
  the home page of the application.

The PSCD Authentication Architecture using
username/password credentials
14
Security Management

• Demonstration
• http//131.251.42.378080/CovitePortal

15
Communication

• Human-Computer Interaction
• Product Class Creation
• Product Class Subscription
• Product Searching
• Procurement
• Project Design
• Project Virtual Meetings

Current Work
16
The Product Class and its various specification
types
Product Class
Sub Product Class Specification
Specification Group
Specification
Table Specification
Specification
List of Column Specifications where each column
specification has list of values relative to
other column specification values.
Value
Table Spec
List Specification
Sub-Specification Group
Product Class Specification
Demonstration
17
Product Class Versioning

• New products emerge
• Existing products evolve and are assigned more
  attributes
• New versions created and assigned
• Product suppliers notified
• New classes downloaded

18
Product Class Subscription
Demonstration
Resulting File
19
The Product Class and its various specification
types
Product Class
Sub Product Class Specification
Specification Group ID
Specification
Table Specification
Specification
List of Column Specifications where each column
specification has list of values relative to
other column specification values.
Value
Table Spec
List Specification
Sub-Specification Group ID
Product Class Specification
20
Recursive Algorithm

• doSearch (classID) // Returns class details, spec
  objects, tables, lists and groups
• dataSet.Merge (classDetails)
• Foreach (groupID in classDetails) // Same method
  used for class retrieval
• findChildren (groupID) // Returns all details of
  spec groups inc. children IDs
• dataSet.Merge (children)
• getChildren (childrenIDs) // RECURSIVE METHOD
• Do
• getChildren (childrenIDs) // Searches for spec
  groups by parents ID
• dataSet.Merge(children)
• While (children ! null) // While there are still
  children under the parent IDs
• dataSet.WriteXml("C/Inetpub/sql2000/classDetails.
  xml")

21
XML Parsing

• Product supplier receives XML dataset file
• .NET System.Xml namespace used to parse the file
  and pulls out each element of the product class
  by locating nodes and values
• Traverses the document sequentially without
  caching data in memory
• .NET XmlReader classes use a Pull model as
  opposed to SAXs Push
• New product class details populated to PSCD

22
Data Management

• Information held by large number of data sources
  in a Wide Area Network.
• Access to such information held by large number
  of organisations.
• Information processing with aid of independent
  mechanisms, and
• Sharing of information with those who need it.

23

• The Approach
• Does a data source really need to be Grid
  Enabled to provide data access support to the
  Grid Environment?
• - may be not.
• Instead, why not just Grid enable the data access
  process?
• - grid enabled data sources and grid
  enabled data access are two
  different things.

24
The MDSS

• Multiple Database Search Service.
• A database centric Grid service for accessing and
  processing information from large number of data
  sources.
• Searches supplier data sources based on a search
  criteria.
• Built using Globus Toolkit 3.0.2 (Core).

25
The Search

• What to search?
• - a search criteria submitted by the
  user.
• Where to search?
• - data sources that match users
  request.
• What are the available resources to propagate the
  search?
• - the available Database Search Services
  in the MDSS

26
The Objective

• Searching autonomously managed data sources
  external to the Grid Environment.
• Processing, analysing and sharing information in
  real time.
• Collaborative working.
• Collation of searched datasets.
• Optimisation of data access operations.
• Web Services support throughout.
• Use of single proxy.

27
The Architecture

• Two major components
• Master Grid Service identify resources
  available, register new resources, job
  allocation, data parsing and data aggregation.
• Database Search Service data search, data
  aggregation, data parsing, collaborative working
  etc.

28
MDSS Architecture
29
Design Features

• Ability to register new data sources.
• Ability to enhance MDSS capability by adding more
  machines in the Grid cluster.
• Supplier databases free of Grid Complexities.
• Ability to identify data sources to be searched
  in real time.
• Distribute search equally among available GSHs.
• New instance of Database Search Service for each
  operation.

30
Master Grid Service Modules
31
Search Criteria

• Where to Search?
• ltNewDataSetgt
• ltSuppliergt
• ltIDSuppliergt1lt/IDSuppliergt
• ltSupplierWSgthttp//131.251.42.40/test/
  categories.asmxlt/SupplierWSgt
• lt/Suppliergt
• lt/NewDataSetgt
• Available GSHs
• ltNewDataSetgt
• ltGridServiceHandlegt
• ltIDGshgt1lt/IDGshgt
• ltGSHgthttp//131.251.42.408080/ogsa/ser
  vices/DatabaseSearchServicelt/GSHgt
• lt/GridServiceHandlegt
• ltGridServiceHandlegt
• ltIDGshgt2lt/IDGshgt
• ltGSHgthttp//131.251.47.11018080/ogsa/serv
  ices/DatabaseSearchServicelt/GSHgt
• lt/GridServiceHandlegt

32
Demonstration

• Submit search Job to Master Grid Service.
• Master Grid Service distributes the search across
  4 Database Search Services registered with the
  MDSS.
• The Database Search Services collaborate to
  retrieve information from 150 data sources.
• http//131.251.42.40/test/GridServiceTest.aspx

33
Issues

• Identification of Grid resources capability.
• Complicated procedure of setting up grid
  services.
• Unpredictable results when creating port types.
• Scalability large number of simultaneous
  operations.
• Lack of documentation.

34
Conclusions Further Work

• Web Service Security Framework.
• Peer Review System.
• Multiple instances of Master Grid Services.
• Data Streaming.
• Data Caching.
• Memory Resident databases.
• Integration of MDSS and the PCD System with
  Security Service.

35
(No Transcript)