service oriented science scaling escience impact
play

Service-Oriented Science: Scaling eScience Impact Ian Foster - PowerPoint PPT Presentation

Oct 29, 2022 •41 likes •451 views

Service-Oriented Science: Scaling eScience Impact Ian Foster Computation Institute Argonne National Lab & University of Chicago Acknowledgements Carl Kesselman, with whom I developed many ideas (& slides) Bill Allcock, Charlie

  1. Service-Oriented Science: Scaling eScience Impact Ian Foster Computation Institute Argonne National Lab & University of Chicago

  2. Acknowledgements � Carl Kesselman, with whom I developed many ideas (& slides) � Bill Allcock, Charlie Catlett, Kate Keahey, Jennifer Schopf, Frank Siebenlist, Mike Wilde @ ANL/ UC � Ann Chervenak, Ewa Deelman, Laura Pearlman @ USC/ ISI � Karl Czajkowski, Steve Tuecke @ Univa � Numerous other fine colleagues in NESC, EGEE, OSG, TeraGrid, etc. � NSF & DOE for research support 2

  3. Context: System-Level Science Problems too large &/ or complex to tackle alone … 3

  4. Two Perspectives on System-Level Science � System-level problems require integration � Of expertise � Of data sources (“data deluge”) � Of component models � Of experimental modalities � Of computing systems � Internet enables decom position � “When the network is as fast as the computer's internal links, the machine disintegrates across the net into a set of special purpose appliances” (George Gilder) 4

  5. Integration & Decomposition: A Two-Dimensional Problem Function Resource � Decom pose across network Users Discovery tools Clients integrate dynamically Analysis tools � Select & compose services Data Archives � Select “best of breed” providers � Publish result as new services � Decouple resource & service providers Fig: S. G. Djorgovski 5

  6. A Unifying Concept: The Grid “ Resource sharing & coordinated problem solving in dynamic, multi- institutional virtual organizations” Enable integration of distributed resources 1. Using general-purpose protocols & infrastructure 2. To deliver required quality of service 3. “The Anatomy of the Grid”, Foster, Kesselman, Tuecke, 2001 6

  7. System-Level Decomposition Problem Implementation Facilities U. Colorado UIUC Computers Experimental Experimental Storage Model Model Networks COORD. COORD. Services NCSA Software People Computational Model Grid technology

  8. Service-Oriented Systems: Applications vs. Infrastructure Users Composition � Service-oriented applications � Wrap applications as Workflows services Invocation � Compose applications into workflows Appln Appln Service Service � Service-oriented Grid Provisioning infrastructure � Provision physical resources to support application workloads “The Many Faces of IT as Service”, ACM Queue, Foster, Tuecke, 2005 8

  9. Scaling eScience: Forming & Operating Communities � Define membership & roles; enforce laws & community standards � I.e., policy for service-oriented architecture � Addressing dynamic membership & policy � Build, buy, operate, & share infrastructure � Decouple consumer & provider � For data, programs, services, computing, storage, instruments � Address dynamics of community demand 9

  10. Defining Community: Membership and Laws � Identify VO participants and roles � For people and services � Specify and control actions of members � Empower members � delegation Effective � Enforce restrictions � federate policy Access A B 1 1 Access Policy of site 10 10 granted by to community community to user Site 1 A B admission- control policies 1 2 1 2 16 10

  11. Evolution of Grid Security & Policy 1) Grid security infrastructure � Public key authentication & delegation � Access control lists (“gridmap” files) � Limited set of policies can be expressed 2) Utilities to simplify operational use, e.g. � MyProxy: online credential repository � VOMS, ACL/ gridmap management � Broader set of policies, but still ad-hoc 3) General, standards-based framework for authorization & attribute management 11

  12. Core Security Mechanisms � Attribute Assertions � C asserts that S has attribute A with value V � Authentication and digital signature � Allows signer to assert attributes � Delegation � C asserts that S can perform O on behalf of C � Attribute mapping � { A1, A2… An} vo1 � { A’1, A’2… A’m} vo2 � Policy � Entity with attributes A asserted by C may perform operation O on resource R 12

  13. Security Services for VO Policy � Attribute Authority ( ATA ) � Issue signed attribute assertions (incl. identity, delegation & mapping) � Authorization Authority ( AZA ) � Decisions based on assertions & policy VO VO User A AZA VO ATA VO VO A User B Service 13

  14. Security Services for VO Policy � Attribute Authority ( ATA ) � Issue signed attribute assertions (incl. identity, delegation & mapping) � Authorization Authority ( AZA ) � Decisions based on assertions & policy VO Delegation Assertion VO Resource Admin User B can use Service A Attribute User A AZA VO ATA VO VO A User B Service 14

  15. Security Services for VO Policy � Attribute Authority ( ATA ) � Issue signed attribute assertions (incl. identity, delegation & mapping) � Authorization Authority ( AZA ) � Decisions based on assertions & policy VO Delegation Assertion VO Resource Admin User B can use Service A Attribute User A AZA VO VO Member Attribute ATA VO Member VO VO A User B Attribute Service 15

  16. Security Services for VO Policy � Attribute Authority ( ATA ) � Issue signed attribute assertions (incl. identity, delegation & mapping) � Authorization Authority ( AZA ) � Decisions based on assertions & policy VO Delegation Assertion VO Resource Admin User B can use Service A Attribute User A AZA VO VO-A Attr � Mapping VO Member Attribute ATA VO-B Attr ATA VO Member VO VO A VO B User B Attribute Service Service 16

  17. Closing the Loop: GT4 Security Toolkit Authz Callout: SSL/ WS-Security SAML, XACML with Proxy Services (running Certificates on user’s behalf) Access Rights Compute CAS or VOMS Center issuing SAML or X.509 ACs Users Rights Local policy MyProxy on VO identity VO or attribute Rights’ authority KCA Shib 17

  18. Security Needn’t Be Hard: Earth System Grid PURSE User Registration � Purpose � Access to large data � Policies � Per-collection control � Different user classes � Implementation (GT) Optional � Portal-based User review Registration Service � PKI, SAML assertions See also: � Experience GAMA (SDSC), Dorian (OSU) � > 2000 users www.earthsystemgrid.org � > 100 TB downloaded 18

  19. Scaling eScience: Forming & Operating Communities � Define membership & roles; enforce laws & community standards � I.e., policy for service-oriented architecture � Addressing dynamics of membership & policy � Build, buy, operate, & share infrastructure � Decouple consum er & provider � For data, program s, services, com puting, storage, instrum ents � Address dynam ics of com m unity dem and 19

  20. Bootstrapping a VO by Assembling Services 1) Integrate services from other sources � Virtualize external services as VO services Community Content Services Services Provider Capacity Capacity Provider 2) Coordinate & compose � Create new services from existing ones “Service-Oriented Science”, Science , 2005 20

  21. Providing VO Services: (1) Integration from Other Sources � Negotiate service level agreements Community Community … A Z � Delegate and deploy capabilities/ services � Provision to deliver defined capability � Configure environment � Host layered functions 21

  22. Virtualizing Existing Services into a VO � Establish service agreement with service � E.g., WS-Agreement � Delegate use to VO user User User B VO User A VO Admin Existing Services 22

  23. Deploying New Services Policy Allocate/provision Configure Activity Client Initiate activity Monitor activity Control activity Environment Interface Resource provider WSRF (or WS-Transfer/ WS-Man, etc.), Globus GRAM, Virtual Workspaces 23

  24. Available in High-Quality Open Source Software … Globus Toolkit v4 Data w w w .globus.org Replication Grid Credential Replica Telecontrol Mgmt Location Protocol Community Python Data Access Delegation Scheduling WebMDS & Integration Runtime Framework Reliable Workspace C Community File Trigger Authorization Management Runtime Transfer Grid Resource Java Authentication GridFTP Index Allocation & Authorization Runtime Management Data Execution I nfo Com m on Security Mgm t Mgm t Services Runtim e 24 Globus Toolkit Version 4: Software for Service-Oriented Systems, LNCS 3779, 2-13, 2005

  25. http: / / dev.globus.org Guidelines (Apache) Infrastructure (CVS, email, bugzilla, Wiki) Projects Include … 25

  26. Virtual Workspaces (Kate Keahey et al.) � GT4 service for the creation, monitoring, & management of virtual w orkspaces � High-level workspace description � Web Services interfaces for monitoring & managing � Multiple implementations � Dynamic accounts � Xen virtual machines � (VMware virtual machines) � Virtual clusters as a higher-level construct 26

  27. How do Grids and VMs Play Together? request create new VM image VM Factory VM EPR Create use existing VM image VM image Client inspect & manage VM Repository Resource deploy, suspend VM VM Manager start program 27

  28. Virtual OSG Clusters OSG OSG cluster Xen hypervisors “Virtual Clusters for Grid Communities,” TeraGrid cluster Zhang et al., CCGrid 2006 28

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

eScience in the Netherlands Rob van Nieuwpoort R.vanNieuwpoort@esciencecenter.nl We work

eScience in the Netherlands Rob van Nieuwpoort R.vanNieuwpoort@esciencecenter.nl We work

eScience in the Netherlands Rob van Nieuwpoort R.vanNieuwpoort@esciencecenter.nl We work demand-driven 35 Career paths Scale eScience eScience top eScience top 13 manager specialist researcher eScience eScience eScience 12

819 views • 81 slides
Building Virtual Communities with eScience Andy Parker Director, Cambridge eScience Centre What

Building Virtual Communities with eScience Andy Parker Director, Cambridge eScience Centre What

Building Virtual Communities with eScience Andy Parker Director, Cambridge eScience Centre What is e-Science? "e-Science is about global collaboration in key areas of science, and the next generation of infrastructure that will enable

599 views • 30 slides
The Promise and Perils of Data Science in the Wild Data Science & Society Seminar | eScience

The Promise and Perils of Data Science in the Wild Data Science & Society Seminar | eScience

The Promise and Perils of Data Science in the Wild Data Science & Society Seminar | eScience Institute Community Seminar Brittany Fiore-Gartland, Ph.D. Anissa Tanweer, Ph.C. eScience Institute Department of Communication Human Centered

334 views • 31 slides
Using EBS with Auto Scaling Groups How to use the immense power of AWS Auto-Scaling Groups for a

Using EBS with Auto Scaling Groups How to use the immense power of AWS Auto-Scaling Groups for a

Using EBS with Auto Scaling Groups How to use the immense power of AWS Auto-Scaling Groups for a stateful Docker application. Background Background In a service-oriented world where requests can come from anywhere at any time, keeping a

1.04k views • 31 slides
eScience on Distributed Infrastructure in Poland Marian Bubak AGH University of Science and

eScience on Distributed Infrastructure in Poland Marian Bubak AGH University of Science and

1 eScience on Distributed Infrastructure in Poland Marian Bubak AGH University of Science and Technology ACC Cyfronet Krakow, Poland dice.cyfronet.pl PLAN-E, the Platform of National eScience/Data Research Centers in Europe, 29-30 September

498 views • 39 slides
Measuring the Fog, Gently Antonio Brogi, Stefano Forti, and Marco Gaglianese Service-oriented,

Measuring the Fog, Gently Antonio Brogi, Stefano Forti, and Marco Gaglianese Service-oriented,

Measuring the Fog, Gently Antonio Brogi, Stefano Forti, and Marco Gaglianese Service-oriented, Cloud and Fog Computing Research Group Department of Computer Science University of Pisa, Italy 17th International Conference on Service-Oriented

413 views • 22 slides
Service Variability Meta Modeling for Service Oriented Architectures Mohammad Abu Matar

Service Variability Meta Modeling for Service Oriented Architectures Mohammad Abu Matar

Service Variability Meta Modeling for Service Oriented Architectures Mohammad Abu Matar and Hassan Gomaa Department of Computer Science George Mason University Fairfax, VA, USA mabumata@gmu.edu hgomaa@gmu.edu Software Variability

319 views • 31 slides
Autoscaling Effects in Speed Scaling Systems Carey Williamson Department of Computer Science

Autoscaling Effects in Speed Scaling Systems Carey Williamson Department of Computer Science

CORS 2016 Autoscaling Effects in Speed Scaling Systems Carey Williamson Department of Computer Science (joint work with Maryam Elahi and Philipp Woelfel) Introduction Dynamic CPU speed scaling systems Service rate adjusted based on

441 views • 14 slides
Scaling the Root A study of the impact on the DNS root system of increasing the size and

Scaling the Root A study of the impact on the DNS root system of increasing the size and

Scaling the Root A study of the impact on the DNS root system of increasing the size and volatility of the root zone Jaap Akkerhuis Lyman Chapin Patrik Fltstrm Glenn Kowack Bill Manning Lars-Johan Liman Summary of Findings Root Scaling

558 views • 20 slides
INF 5890 IT og Ledelse Service Oriented Architecture

INF 5890 IT og Ledelse Service Oriented Architecture

INF 5890 IT og Ledelse Service Oriented Architecture Bendik Bygstad IFI March 2016 Learning outcomes Can define Service Oriented Architecture

460 views • 30 slides
Web-Service Example Service Oriented Architecture 1 Fundamentals Roles Service

Web-Service Example Service Oriented Architecture 1 Fundamentals Roles Service

Web-Service Example Service Oriented Architecture 1 Fundamentals Roles Service provider Service Consumer Registry Operations Publish (by provider) Find (by requester) Bind (by requester or invoker)

250 views • 13 slides
TCS (eScience) Personal CA Milan Sova Context TCS: TERENA SSL CA TERENA eScience SSL

TCS (eScience) Personal CA Milan Sova Context TCS: TERENA SSL CA TERENA eScience SSL

TCS (eScience) Personal CA Milan Sova Context TCS: TERENA SSL CA TERENA eScience SSL CA TERENA Personal CA TERENA eScience Personal CA TERENA Code Signing CA Concept CA as SAML SP RAs as SAML IdPs

814 views • 10 slides
Service-Oriented Computing CSC 450 and CSC 750 Munindar P. Singh, Professor singh@ncsu.edu

Service-Oriented Computing CSC 450 and CSC 750 Munindar P. Singh, Professor singh@ncsu.edu

Service-Oriented Computing CSC 450 and CSC 750 Munindar P. Singh, Professor singh@ncsu.edu Department of Computer Science North Carolina State University Fall 2016 Munindar P. Singh (NCSU) Service-Oriented Computing Fall 2016 1 Preamble

784 views • 32 slides
Service-Oriented Computing CSC 450 and CSC 750 Munindar P. Singh, Professor singh@ncsu.edu

Service-Oriented Computing CSC 450 and CSC 750 Munindar P. Singh, Professor singh@ncsu.edu

Service-Oriented Computing CSC 450 and CSC 750 Munindar P. Singh, Professor singh@ncsu.edu Department of Computer Science North Carolina State University Fall 2018 Munindar P. Singh (NCSU) Service-Oriented Computing Fall 2018 1 Preamble

1.09k views • 35 slides
An Introduction to Service Oriented Architecture Introduction Definitions Sommerville

An Introduction to Service Oriented Architecture Introduction Definitions Sommerville

An Introduction to Service Oriented Architecture Introduction Definitions Sommerville Service-oriented architectures (SOAs) are a way of developing distributed systems where system components are stand-alone services, executing on

480 views • 28 slides
Service Oriented Architectures for R&E networks Network Mashups Bill St. Arnaud

Service Oriented Architectures for R&E networks Network Mashups Bill St. Arnaud

Service Oriented Architectures for R&E networks Network Mashups Bill St. Arnaud CANARIE Inc www.canarie.ca Bill.st.arnaud@canarie.ca Impact of e-Science

221 views • 11 slides
Womens Leadership for Enterprise: Differences in Productivity and Earnings Presented By:

Womens Leadership for Enterprise: Differences in Productivity and Earnings Presented By:

Womens Leadership for Enterprise: Differences in Productivity and Earnings Presented By: Salma Khan Chairperson, NGO Coalition for Beijing PFA Also Former Chairperson, UN CEDAW Committee Division Chief, Planning Commission, GOB Director

408 views • 14 slides
Annual l General l Meeting February 26 th , 2015 Spruce e Ridge Capital Inc. Forward rd-Lo

Annual l General l Meeting February 26 th , 2015 Spruce e Ridge Capital Inc. Forward rd-Lo

PAGE 1 Annual l General l Meeting February 26 th , 2015 Spruce e Ridge Capital Inc. Forward rd-Lo Look oking ing Statements nts Advisory PAGE 2 Certain information regarding Spruce Ridge Capital Inc. ( Spruce ) set forth in this

401 views • 24 slides
2013 RSA: Identifying Source Sink Dynamics in Scallop Populations Jonathan Grabowski, Steve

2013 RSA: Identifying Source Sink Dynamics in Scallop Populations Jonathan Grabowski, Steve

2013 RSA: Identifying Source Sink Dynamics in Scallop Populations Jonathan Grabowski, Steve Vollmer, Brad Harris, & Kevin Stokesbury 2014 RSA: INVESTIGATING THE EFFECTS OF OCEAN ACIDIFICATION AND WARMING ON THEIR SHELL PROPERTIES AND MEAT

500 views • 12 slides
Improving crop productivity and nutrient use efficiency simultaneously in intensive agriculture

Improving crop productivity and nutrient use efficiency simultaneously in intensive agriculture

Improving crop productivity and nutrient use efficiency simultaneously in intensive agriculture in China Zhang FS, Fan MS, Zhang WF, Chen XP, Jiang RF College of Resources and Environmental Sciences China Agricultural University Beijing,

999 views • 62 slides
Power input measurements in Lorentz force-driven turbulent flow Barbara E. Brawn & Daniel P.

Power input measurements in Lorentz force-driven turbulent flow Barbara E. Brawn & Daniel P.

Power input measurements in Lorentz force-driven turbulent flow Barbara E. Brawn & Daniel P. Lathrop Institute for Research in Electronics and Applied Physics Department of Physics University of Maryland College Park 1 Goals measure

232 views • 8 slides
Draft 2020 Capital Budget January 27, 2020 1 Capital Budget Overview Finance Cycle and Budget

Draft 2020 Capital Budget January 27, 2020 1 Capital Budget Overview Finance Cycle and Budget

Draft 2020 Capital Budget January 27, 2020 1 Capital Budget Overview Finance Cycle and Budget Timeline Capital Funding Strategy & Ranking Guidelines Items Referred to the Budget Process Budget Bylaw & Placeholder Budgets Capital

685 views • 67 slides
Agenda of the 2018 BARS AGM Marriott Hotel City Centre, Bristol Thursday 27 th September 2018 6.

Agenda of the 2018 BARS AGM Marriott Hotel City Centre, Bristol Thursday 27 th September 2018 6.

Agenda of the 2018 BARS AGM Marriott Hotel City Centre, Bristol Thursday 27 th September 2018 6. Webmasters Report 1. Minutes of the last AGM - Richard Bell 2. Matters Arising 7. Council Election Results 3. Chairmans Report - Phil

240 views • 20 slides
Rhinebeck Central School District Evaluating and Improving School Climate Presented to the

Rhinebeck Central School District Evaluating and Improving School Climate Presented to the

Rhinebeck Central School District Evaluating and Improving School Climate Presented to the Rhinebeck Community by the Center for Social & Emotional Education May 12, 2008 School Climate: What is it? School Climate refers to the

769 views • 28 slides

More recommend