connect communicate collaborate the gembus way delivering the promise of the internet of services...
TRANSCRIPT
![Page 1: Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f225503460f94c39fe1/html5/thumbnails/1.jpg)
connect • communicate • collaborate
The GEMBus WayDelivering the Promise of the Internet of Services
Diego R. Lopez, RedIRIS
![Page 2: Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f225503460f94c39fe1/html5/thumbnails/2.jpg)
connect • communicate • collaborate
The Zen of GEMBus
Middleware is the layer connecting the stuff to the rest of the world in a seamless manner
Our stuff is academic and research network servicesMulti-domain
XaaS: Everything as a Service
X can be Software, Storage, Network…
![Page 3: Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f225503460f94c39fe1/html5/thumbnails/3.jpg)
connect • communicate • collaborate
The Composition Landscape
Interface descriptions
Compositional procedures and orchestration
Standard interfaces and support for policy agreements
![Page 4: Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f225503460f94c39fe1/html5/thumbnails/4.jpg)
connect • communicate • collaborate
Composable Network ServicesThe GEMBus Promise
A framework to define, discover, access, and combine network servicesFrom the infrastructure up to application elementsFederated, multi-domain ESBAble to integrate any service within the GÉANT infrastructureFlexible negotiation of service provision capabilities
Addressed toNREN staffe-Science service providersand users!!
Collaborative architectureOpen to collaboration beyond the academic communityProsumer-oriented
– Plug-and-play plus Plug-and-be-played
![Page 5: Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f225503460f94c39fe1/html5/thumbnails/5.jpg)
connect • communicate • collaborate
What GEMBus Intends to Offer
Mechanisms for enabling user applications to use networked services and compose them
Within a distributed and federated infrastructure, avoiding central services as much as possible
A set of common services for:
Describing and finding service endpoints (registry)
Routing requests and responses (messaging)
Keeping a log of the interactions, for traceability and diagnostics (accounting)
Defining how and when component services are called inside a composed one (mediation)
Establishing rights for the user services (access control)
![Page 6: Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f225503460f94c39fe1/html5/thumbnails/6.jpg)
connect • communicate • collaborate
What GEMBus Intends to Use
Whatever service endpoints that any participant is willing to offer
Driven by already identified use cases
With the hope of additional ones rising from the user communities
A set of rules for integrating services into the framework, according to:
Web-Service endpoint definitions
Service wrappers
Registration interfaces
APIs using common standards (JBI, OSGi...)
Possibly, reflection interfaces
Recommendations, best practices and experience
![Page 7: Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f225503460f94c39fe1/html5/thumbnails/7.jpg)
connect • communicate • collaborate
Compositional Styles
Lightweight SOARESTComposition based on the mash-up paradigmWeb 2.0
Heavyweight SOASOAPComposition based on formal languagesSemantic Web
Bundle platformsSoftware components kept in repositoriesLoaded an instantiated by the application using themOSGi
At least, the two first will be addressed
![Page 8: Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f225503460f94c39fe1/html5/thumbnails/8.jpg)
connect • communicate • collaborate
Service InterfacesThe MANA Approach
α-interfacesDirectly usable by applications
β-interfacesGovern systems and resources
γ-interfacesAbstract access to resources
δ-interfacesActual control over the resourcesSource: MANA Position Paper, 2009
![Page 9: Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f225503460f94c39fe1/html5/thumbnails/9.jpg)
connect • communicate • collaborate
What Service Interfaces
GEMBus will provide a set of α-interfaces
Plus the corresponding mediation systems
Specify how β-interfaces have to be published and registered
From individual GÉANT (and external) services
A management platformAs required for direct integration supportUsable by individual services
Source: MANA Position Paper, 2009
![Page 10: Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f225503460f94c39fe1/html5/thumbnails/10.jpg)
connect • communicate • collaborate
A Tour through Use CasesLive Performance Distribution
![Page 11: Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f225503460f94c39fe1/html5/thumbnails/11.jpg)
connect • communicate • collaborate
A Tour through Use CasesDigital Repositories
![Page 12: Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f225503460f94c39fe1/html5/thumbnails/12.jpg)
connect • communicate • collaborate
A Tour through Use CasesGÉANT Service Composition
ClientPath Reservation
Service
AutoBAHNService
PerfSONARService
AutoBAHNServices (IDM)
PerfSONARservices (LS, MP, MA)
GEMBUS
![Page 13: Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f225503460f94c39fe1/html5/thumbnails/13.jpg)
connect • communicate • collaborate
A Tour through Use CasesAutonomous Services
![Page 14: Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f225503460f94c39fe1/html5/thumbnails/14.jpg)
connect • communicate • collaborate
A Tour through Use CasesWorkflow (CLARIN)
![Page 15: Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f225503460f94c39fe1/html5/thumbnails/15.jpg)
connect • communicate • collaborate
A Tour through Use CasesReal Time Collaboration
![Page 16: Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f225503460f94c39fe1/html5/thumbnails/16.jpg)
connect • communicate • collaborate
On α-Interfaces
Two initial models being addressed
OGSA
NREN natural environment
IPSphere
Network gear manufacturers
Telcos and ISPs
More to explore as service matures
Cloud RESTish interfaces look promising
Lots of hype noise here
![Page 17: Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f225503460f94c39fe1/html5/thumbnails/17.jpg)
connect • communicate • collaborate
On ß-Interfaces
Three initial use cases being considered for implementation
PerfSONAR and AutoBAHN integration
Autonomous Computing
E2E network SLA
Analysis on how decoupling impacts on service interface design
A wrapper cannot be enough in certain cases
Additional metadata services can be a solution
![Page 18: Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f225503460f94c39fe1/html5/thumbnails/18.jpg)
connect • communicate • collaborate
On Registries
Support for several compositional styles
Heavy- and light-weight SOA
Richer metadata set
Semantic description
No central service repository
Distributed publish-and-subscribe
Data-driven update
Several interesting choices
Semantic WS (RDF + WSDL 2)
Data-driven architectures (a-la-OM2)
Flow-oriented protocols (a-la-Wave)
![Page 19: Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f225503460f94c39fe1/html5/thumbnails/19.jpg)
connect • communicate • collaborate
On Messaging
Protocol and platform neutrality
Several ESB frameworks under evaluation
Plans are not to mandate a single one
SOAP/XML and REST/JSON over HTTP(S) are the obvious first choices
Wrappers already provided by frameworks
Supported by all conceivable implementation languages
Minimize initial integration costs
Other paths to explore
Maximize transparency to application
Enhance formalization without affecting simplicity
Highly dependent on registry capabilities
The metadata issue again
![Page 20: Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f225503460f94c39fe1/html5/thumbnails/20.jpg)
connect • communicate • collaborate
On Accounting
Establish a common semantics of what to be logged at the α- and ß-interfaces
Define (at least) compatible syntaxesBuild aggregation systems
Explore how to propagate this down the service interface stackExternal logs can be incorporated in the reporting system
Extend these findings toMonitoringExtended helpdesk
Some promising results to incorporateFederation monitoring (eduroam, AAIEye,…)Grid coordinated accountingThe NREN DetectiveEDDY
![Page 21: Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f225503460f94c39fe1/html5/thumbnails/21.jpg)
connect • communicate • collaborate
On Mediation
Choreography
P2P
Control shared by the services
Enforced by the requesting application
• Orchestration– Centralized– Control exercised by an
orchestration engine that receives the request
– Better suited for user-oriented service creation
• What about a distributed orchestration?
![Page 22: Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f225503460f94c39fe1/html5/thumbnails/22.jpg)
connect • communicate • collaborate
On Access Control
• All requests and responses include identity information– With persistent unique identifiers
• Service endpoints explicitly state their security requirements in their definition
– Including integrity checking and encryption• Support for different syntaxes for security statements
– Plus a common GEMBus Security Token (GST)• Optional use for encryption and integrity checking in protocols and
channels– But security statements must be integrity protected
• WS-Security seems the obvious choice– And we have to explore RESTish interfaces:
OAuth/OpenID/InfoCard/…
![Page 23: Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f225503460f94c39fe1/html5/thumbnails/23.jpg)
connect • communicate • collaborate
(More) On Access Control
• The GEMBus security architecture envisages:
– A common token format to guarantee interoperability at the security level
– A STS in order to have at least a source of such tokens and provide a way to translated other token formats into the common format
– An AS able to validate security tokens and provide authorization decisions
• eduGAIN WE token format plus– WebSSO to provide access to STSes– MDS to bootstrap ASes
![Page 24: Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f225503460f94c39fe1/html5/thumbnails/24.jpg)
connect • communicate • collaborate
On Time (I Hope)
• GEMBus intends to be the next natural step in multi-domain middleware services
– Blurring the line between network and application– XaaS
• Applying in a wider environment what we have learned so far– Generalizing the federation methods and principles
• Trying to satisfy a demand from the user community– Better integration of whatever the infrastructure– Several real projects already identified
• And following the path to the Future Internet– The network becomes a “global virtual resource”