Distributed Object-Based Systems, Chapter 9
Overview of CORBA
The global architecture of CORBA.
Object Model
The general organization of a CORBA system.
CORBA Services
Overview of CORBA services.
| Service | Description |
|---|---|
| Collection | Facilities for grouping objects into lists, queues, sets, etc. |
| Query | Facilities for querying collections of objects in a declarative manner |
| Concurrency | Facilities to allow concurrent access to shared objects |
| Transaction | Flat and nested transactions on method calls over multiple objects |
| Event | Facilities for asynchronous communication through events |
| Notification | Advanced facilities for event-based asynchronous communication |
| Externalization | Facilities for marshaling and unmarshaling of objects |
| Life cycle | Facilities for creation, deletion, copying, and moving of objects |
| Licensing | Facilities for attaching a license to an object |
| Naming | Facilities for systemwide naming of objects |
| Property | Facilities for associating (attribute, value) pairs with objects |
| Trading | Facilities to publish and find the services an object has to offer |
| Persistence | Facilities for persistently storing objects |
| Relationship | Facilities for expressing relationships between objects |
| Security | Mechanisms for secure channels, authorization, and auditing |
| Time | Provides the current time within specified error margins |
Object Invocation Models
Invocation models supported in CORBA.
| Request type | Failure semantics | Description |
|---|---|---|
| Synchronous | At-most-once | Caller blocks until a response is returned or an exception is raised |
| One-way | Best effort delivery | Caller continues immediately without waiting for any response from the server |
| Deferred synchronous | At-most-once | Caller continues immediately and can later block until response is delivered |
Event and Notification Services (1)
The logical organization of suppliers and consumers of events, following the push-style model.
Event and Notification Services (2)
The pull-style model for event delivery in CORBA.
Messaging (1)
CORBA's callback model for asynchronous method invocation.
Messaging (2)
CORBA's polling model for asynchronous method invocation.
Interoperability
GIOP message types.
| Message type | Originator | Description |
|---|---|---|
| Request | Client | Contains an invocation request |
| Reply | Server | Contains the response to an invocation |
| LocateRequest | Client | Contains a request on the exact location of an object |
| LocateReply | Server | Contains location information on an object |
| CancelRequest | Client | Indicates client no longer expects a reply |
| CloseConnection | Both | Indication that connection will be closed |
| MessageError | Both | Contains information on an error |
| Fragment | Both | Part (fragment) of a larger message |
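The message types and originators listed above can be checked mechanically when inspecting IIOP traffic. The following is an added example, not part of the original slides: it decodes the fixed 12-byte GIOP header and flags a message type sent by a side the table does not allow. The numeric type codes and header layout come from the GIOP specification rather than from this page; the function names and sample bytes are constructed for illustration.

```python
import struct

# Type codes per the GIOP specification (assumption: not shown on the slide);
# originators are copied from the GIOP message types table above.
GIOP_TYPES = {
    0: ("Request", "client"),
    1: ("Reply", "server"),
    2: ("CancelRequest", "client"),
    3: ("LocateRequest", "client"),
    4: ("LocateReply", "server"),
    5: ("CloseConnection", "both"),
    6: ("MessageError", "both"),
    7: ("Fragment", "both"),
}

def parse_giop_header(data):
    """Decode the fixed 12-byte GIOP header; raise ValueError if malformed."""
    if len(data) < 12:
        raise ValueError("short header")
    magic, major, minor, flags, mtype = struct.unpack_from(">4sBBBB", data)
    if magic != b"GIOP":
        raise ValueError("bad magic")
    if mtype not in GIOP_TYPES:
        raise ValueError("unknown message type %d" % mtype)
    # Bit 0 of the flags octet selects the byte order of message_size
    # (1 = little-endian); bit 1 marks "more fragments" in GIOP 1.1 and later.
    endian = "<" if flags & 1 else ">"
    (size,) = struct.unpack_from(endian + "I", data, 8)
    name, originator = GIOP_TYPES[mtype]
    return {"version": (major, minor), "type": name, "originator": originator,
            "size": size, "more_fragments": bool(flags & 2)}

def check_direction(header, sender):
    """True if `sender` ('client' or 'server') may originate this type."""
    return header["originator"] in ("both", sender)

# Constructed sample headers (not captured traffic).
REQUEST = b"GIOP" + bytes([1, 2, 0, 0]) + struct.pack(">I", 64)
REPLY_LE = b"GIOP" + bytes([1, 2, 1, 1]) + struct.pack("<I", 24)

if __name__ == "__main__":
    for sender, raw in (("client", REQUEST), ("client", REPLY_LE)):
        h = parse_giop_header(raw)
        print(sender, h["type"], h["size"], check_direction(h, sender))
```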
Clients
Logical placement of interceptors in CORBA.
Portable Object Adaptor (1)
Mapping of CORBA object identifiers to servants. a) The POA supports multiple servants. b) The POA supports a single servant.
Portable Object Adaptor (2)
Changing a C++ object into a CORBA object.
```cpp
MyServant *my_object;                   // Declare a reference to a C++ object
PortableServer::ObjectId_var oid;       // Declare a CORBA identifier
my_object = new MyServant;              // Create a new C++ object
oid = poa->activate_object(my_object);  // Register C++ object as CORBA object
```
Agents
CORBA's overall model of agents, agent systems, and regions.
Object References (1)
The organization of an IOR with specific information for IIOP.
Object References (2)
Indirect binding in CORBA.
Caching and Replication
The (simplified) organization of a DCS.
Object Groups
A possible organization of an IOGR for an object group having a primary and backups.
An Example Architecture
An example architecture of a fault-tolerant CORBA system.
Security (1)
The general organization for secure object invocation in CORBA.
Security (2)
The role of security interceptors in CORBA.
Overview of DCOM
The general organization of ActiveX, OLE, and COM.
Object Model
The difference between language-defined and binary interfaces.
Type Library and Registry
The overall architecture of DCOM.
DCOM Services
Overview of DCOM services in comparison to CORBA services.
| CORBA Service | DCOM/COM+ Service | Windows 2000 Service |
|---|---|---|
| Collection | ActiveX Data Objects | - |
| Query | None | - |
| Concurrency | Thread concurrency | - |
| Transaction | COM+ Automatic Transactions | Distributed Transaction Coordinator |
| Event | COM+ Events | - |
| Notification | COM+ Events | - |
| Externalization | Marshaling utilities | - |
| Life cycle | Class factories, JIT activation | - |
| Licensing | Special class factories | - |
| Naming | Monikers | Active Directory |
| Property | None | Active Directory |
| Trading | None | Active Directory |
| Persistence | Structured storage | Database access |
| Relationship | None | Database access |
| Security | Authorization | SSL, Kerberos |
| Time | None | None |
Events
Event processing in DCOM.
Clients
Passing an object reference in DCOM with custom marshaling.
Monikers (1)
Binding to a DCOM object by means of file moniker.
| Step | Performer | Description |
|---|---|---|
| 1 | Client | Calls BindMoniker at moniker |
| 2 | Moniker | Looks up associated CLSID and instructs SCM to create object |
| 3 | SCM | Loads class object |
| 4 | Class object | Creates object and returns interface pointer to moniker |
| 5 | Moniker | Instructs object to load previously stored state |
| 6 | Object | Loads its state from file |
| 7 | Moniker | Returns interface pointer of object to client |
Monikers (2)
DCOM-defined moniker types.
| Moniker type | Description |
|---|---|
| File moniker | Reference to an object constructed from a file |
| URL moniker | Reference to an object constructed from a URL |
| Class moniker | Reference to a class object |
| Composite moniker | Reference to a composition of monikers |
| Item moniker | Reference to a moniker in a composition |
| Pointer moniker | Reference to an object in a remote process |
Active Directory
The general organization of Active Directory.
Fault Tolerance
Transaction attribute values for DCOM objects.
| Attribute value | Description |
|---|---|
| REQUIRES_NEW | A new transaction is always started at each invocation |
| REQUIRED | A new transaction is started if not already done so |
| SUPPORTED | Join a transaction only if caller is already part of one |
| NOT_SUPPORTED | Never join a transaction |
| DISABLED | Never join a transaction, even if told to do so |
Declarative Security (1)
Authentication levels in DCOM.
| Authentication level | Description |
|---|---|
| NONE | No authentication is required |
| CONNECT | Authenticate client when first connected to server |
| CALL | Authenticate client at each invocation |
| PACKET | Authenticate all data packets |
| PACKET_INTEGRITY | Authenticate data packets and do integrity check |
| PACKET_PRIVACY | Authenticate, integrity-check, and encrypt data packets |
Declarative Security (2)
Impersonation levels in DCOM.
| Impersonation level | Description |
|---|---|
| ANONYMOUS | The client is completely anonymous to the server |
| IDENTIFY | The server knows the client and can do access control checks |
| IMPERSONATE | The server can invoke local objects on behalf of the client |
| DELEGATE | The server can invoke remote objects on behalf of the client |
Programmatic Security
a) Default authentication services supported in DCOM. b) Default authorization services supported in DCOM.
(a)
| Service | Description |
|---|---|
| NONE | No authentication |
| DCE_PRIVATE | DCE authentication based on shared keys |
| DCE_PUBLIC | DCE authentication based on public keys |
| WINNT | Windows NT security |
| GSS_KERBEROS | Kerberos authentication |
(b)
| Service | Description |
|---|---|
| NONE | No authorization |
| NAME | Authorization based on the client's identity |
| DCE | Authorization using DCE Privilege Attribute Certificates (PACs) |
Globe Object Model (1)
The organization of a Globe distributed shared object.
Globe Object Model (2)
The general organization of a local object for distributed shared objects in Globe.
Globe Object Model (3)
Interfaces implemented by the semantics subobject of a GlobeDoc object.
Document Interface
| Method | Description |
|---|---|
| AddElement | Add an element to the current set of elements |
| DeleteElement | Remove an element from the Web document |
| AllElements | Return a list of the elements currently in the document |
| SetRoot | Set the root element |
| GetRoot | Return a reference to the root element |
Content Interface
| Method | Description |
|---|---|
| GetContent | Return the content of an element as an array of bytes |
| PutContent | Replace the content of an element with a given array of bytes |
| PutAllContent | Replace the content of an entire document |
Globe Object Model (4)
Interfaces implemented by the semantics subobject of a GlobeDoc object.
Property Interface
| Method | Description |
|---|---|
| GetProperties | Return the list of (attribute, value)-pairs of an element |
| SetProperties | Provide a list of (attribute, value)-pairs for an element |
Lock Interface
| Method | Description |
|---|---|
| CheckOutElements | Check out a series of elements that require modification |
| CheckInElements | Check in a series of modified elements |
| GetCheckedElements | Get a list of elements that are currently checked out |
Process-to-Object Binding
Binding a process to an object in Globe.
Globe Services
Overview of possible Globe implementations of typical distributed-systems services.
| Service | Possible Implementation in Globe | Available |
|---|---|---|
| Collection | Separate object that holds references to other objects | No |
| Concurrency | Each object implements its own concurrency control strategy | No |
| Transaction | Separate object representing a transaction manager | No |
| Event/Notification | Separate object per group of events (as in DCOM) | No |
| Externalization | Each object implements its own marshaling routines | Yes |
| Life cycle | Separate class objects combined with per-object implementations | Yes |
| Licensing | Implemented by each object separately | No |
| Naming | Separate service, implemented by a collection of naming objects | Yes |
| Property/Trading | Separate service, implemented by a collection of directory objects | No |
| Persistence | Implemented on a per-object basis | Yes |
| Security | Implemented per object, combined with (local) security services | Yes |
| Replication | Implemented on a per-object basis | Yes |
| Fault tolerance | Implemented per object combined with fault-tolerant services | Yes |
Communication
Invoking an object in Globe that uses active replication.
Globe Server
Operations on a Globe object server.
| Method | Description |
|---|---|
| Bind | Lets the server bind to a given object, unless it is already bound |
| AddBinding | Lets the server bind to an object, even if it is already bound |
| CreateLR | Lets the server create a local object for a new distributed object |
| RemoveLR | Lets the server remove a local object of a given object |
| UnbindDSO | Lets the server remove all local objects of a given object |
| ListAll | Returns a list of all local objects |
| ListDSO | Returns a list of all local objects for a given object |
| StatLR | Get the status of a specific local object |
Object References and Contact Addresses (1)
The representation of a protocol layer in a stacked contact address.
| Field | Description |
|---|---|
| Protocol identifier | A constant representing a (known) protocol |
| Protocol address | A protocol-specific address |
| Implementation handle | Reference to a file in a class repository |
Object References and Contact Addresses (2)
The representation of an instance contact address.
| Field | Description |
|---|---|
| Implementation handle | Reference to a file in a class repository |
| Initialization string | String that is used to initialize an implementation |
Globe Naming Service
Iterative DNS-based name resolution in Globe.
Replication (1)
The interface of the replication subobject as made available to the control subobject.
| Method | Description |
|---|---|
| Start | Indicate that a new method invocation has been locally requested |
| Send | Pass the marshaled invocation request to the replication subobject |
| Invoked | Indicate that the invocation on the semantics object has completed |
Replication (2)
The behavior of the control subobject as a finite state machine.
Examples of Replication in Globe (1)
State transitions and actions for active replication.
Read method
| State | Action to take | Method call | Next state |
|---|---|---|---|
| START | None | Start | INVOKE |
| INVOKE | Invoke local method | Invoked | RETURN |
| RETURN | Return results to caller | None | START |
Modify method
| State | Action to take | Method call | Next state |
|---|---|---|---|
| START | None | Start | SEND |
| SEND | Pass marshaled invocations | Send | INVOKE |
| INVOKE | Invoke local method | Invoked | RETURN |
| RETURN | Return results to caller | None | START |
Examples of Replication in Globe (2)
State transitions and actions with primary-backup replication.
Read method
| State | Action to take | Method call | Next state |
|---|---|---|---|
| START | None | Start | INVOKE |
| INVOKE | Invoke local method | Invoked | RETURN |
| RETURN | Return results to caller | None | START |
Modify method at backup replica
| State | Action to take | Method call | Next state |
|---|---|---|---|
| START | None | Start | SEND |
| SEND | Pass marshaled invocation | Send | RETURN |
| RETURN | Return results to caller | None | START |
Modify method at primary replica
| State | Action to take | Method call | Next state |
|---|---|---|---|
| START | None | Start | INVOKE |
| INVOKE | Invoke local method | Invoked | RETURN |
| RETURN | Return results to caller | None | START |
Security (1)
The position of a security subobject in a Globe local object.
Security (2)
Using Kerberos to establish secure distributed shared objects.
Summary (1)
Comparison of CORBA, DCOM, and Globe.
| Issue | CORBA | DCOM | Globe |
|---|---|---|---|
| Design goals | Interoperability | Functionality | Scalability |
| Object model | Remote objects | Remote objects | Distributed objects |
| Services | Many of its own | From environment | Few |
| Interfaces | IDL based | Binary | Binary |
| Sync. communication | Yes | Yes | Yes |
| Async. communication | Yes | Yes | No |
| Callbacks | Yes | Yes | No |
| Events | Yes | Yes | No |
| Messaging | Yes | Yes | No |
| Object server | Flexible (POA) | Hard-coded | Object dependent |
| Directory service | Yes | Yes | No |
| Trading service | Yes | No | No |
Continued …
Summary (2)
Comparison of CORBA, DCOM, and Globe.
| Issue | CORBA | DCOM | Globe |
|---|---|---|---|
| Naming service | Yes | Yes | Yes |
| Location service | No | No | Yes |
| Object reference | Object's location | Interface pointer | True identifier |
| Synchronization | Transactions | Transactions | Only intra-object |
| Replication support | Separate server | None | Separate subobject |
| Transactions | Yes | Yes | No |
| Fault tolerance | By replication | By transactions | By replication |
| Recovery support | Yes | By transactions | No |
| Security | Various mechanisms | Various mechanisms | More work needed |