partners: cardiff university activeplan solutions ltd
DESCRIPTION
COllaborative VIrtual TEams (COVITE) Project J.S. Pahwa, P. Burnap, L. Joita, W.A.Gray, O.F.Rana, John Miles. Partners: Cardiff University ActivePlan Solutions Ltd. Overview. Project Concept The Product Supplier Catalogue Database (PSCD) Application Security Management Collaboration - PowerPoint PPT PresentationTRANSCRIPT
COllaborative VIrtual TEams (COVITE) Project
J.S. Pahwa, P. Burnap, L. Joita, W.A.Gray, O.F.Rana, John Miles
Partners: Cardiff University
ActivePlan Solutions Ltd
Overview
• Project Concept
• The Product Supplier Catalogue Database (PSCD) Application
• Security Management
• Collaboration
• Data Definition
• Data Search
• Conclusions and further work
• AEC (Architecture/ Engineering/ Construction) industry projects involve many individuals and companies forming a consortium for the duration of a project
• Consortia members are geographically dispersed
• Product/Service Manufacturers and Suppliers databases (if existent!) are heterogeneous
• Product/Service Manufacturers’ product information is plentiful and the majority is unstructured and unreachable
Project Concept
The PSCD
The PSCD application – Grid-enabled data management tool that provides the data structure for storing and retrieving information across a number of product suppliers’ databases.
Collaboration occurs between:
• Product Suppliers and Contractors for procurement of supplies
• Product Specification Designers for defining and building industry standards to describe available products
• Members of the Consortium working on a particular construction project which require information on the products
Collaborative Support Consideration
The PSCD
COVITE
Product Class Supplier Databases
Specification Designers
Users/User Groups Supplier Databases managed by suppliers
Poll and connect to relevant databases at runtime
Specification creation and management keep Suppliers up to date
Cardiff University activeplan
PSCDApplication
PCD
Master Data
SecurityService
Cluster of GRID computers
.NET Web Services
.NET Web Services
MasterGrid Service(MGS)
GRID Services
Multiple DatabaseSearch Service(MDSS)
The PSCD
• Software tools used:Apache Tomcat web server, Axis, AntMicrosoft IIS web serverGT3.0.2 coreServlet, ASP, JSP, VBScript, C#
• Resources used on the server side:2 computers in Welsh eScience, in the Grid
network (bouscat, agents-comsc)6 computers in the local network
Grid Security Infrastructure (GSI)
• GSI uses the Public Key Infrastructure (PKI), X.509 certificates and Secure Socket Layer (SSL)
• X.509 certificates provide users with a unique global identification
• Authorization to access a resource is controlled by a mapping between the user’s distinguished name and a local Unix/Linux ID via a grid-mapfile
Grid Security Infrastructure (GSI)
• X.509 Certificate:subject : C=UK,O=eScience,OU=Cardiff,L=WeSC,CN=liviu joitaissuer : C=UK,O=eScience,OU=Authority,CN=CA,[email protected] date : Tue Nov 12 15:33:51 GMT 2002end date : Wed Nov 12 15:33:51 GMT 2003
• Distinguished Name:CN=liviu joita,L=WeSC,OU=Cardiff,O=eScience,C=UK
• Main advantages of using GSI:Single sign-onUsers do not have username/passwords, instead
they have public/private key pairs and identity certificates
Security Architecture
1. First, a user has to have a valid proxy certificate. The user submits his proxy certificate, the VO who belongs to and his role within the VO to the Tomcat Authentication Server (AS) via a web interface using JSP - servlet interface.
2. Tomcat AS authenticates the certificate and obtains the local user name for the PSCD application from the grid-mapfile.
3. Tomcat AS passes the local user name, the user role and the VO to the IIS server that runs the PSCD system (which is a .NET web application environment). IIS then matches the username, the role and the VO to its local DB and creates a session for that user.
4. User preferences are applied to the ‘index’ page of the PSCD system and the user is presented with the home page of the application.
Client Side Web Browser
Firewall
TomcatAuthentication
Server
IISApplication
Server
3
PSCD Application
Submit user proxy certificate
2
4
1
The PSCD Authentication Architecture using a valid proxy certificate
Security Architecture1. First, a user has to have a valid proxy
certificate on the MyProxy Server machine. 2. The user submits his username/password
pair credentials, the VO who belongs to and his role within the VO to the Tomcat Authentication Server (AS) via a web interface using JSP - servlet interface.
3. Tomcat AS uses the username/password pair to authenticate and authorize the user against his proxy certificate from MyProxy server
4. Tomcat AS authenticates the proxy certificate uploaded from MyProxy server and obtains the local username for the PSCD application from the Grid-map file.
5. Tomcat AS passes the local user name the user role and the VO to the IIS server that runs the PSCD system (which is a .NET web application environment). IIS then matches the user name to its local DB and creates a session for that user.
6. User preferences are applied to the ‘index’ page of the PSCD system and the user is presented with the home page of the application.
The PSCD Authentication Architecture using username/password credentials
Client Side Web Browser
Submit username/password
1
Firewall
Tomcat Authentication Server
MyProxy Server
IISApplication
Server
2
3
4
5
6
PSCD Application
The Product Class
• A standard product definition for providing product information.
• Acts as a template and provides meta information for creating actual product information.
• Is made up of a number of specifications conforming to different specification types.
• Can be used by Product Suppliers for population of product information in their databases.
The Product Class Database
• A tool for creating Product Classes and Product Class Specifications.
• Enables Product Class versioning.
• Releases Product Class for subscription by Product Suppliers.
• Provides meta information for building product search criteria.
Sub Product Class Specification
Specification Group
Specification
Sub-Specification Group
Table Spec
List Specification
Product Class Specification
Specification
Value
Table Specification
List of Column Specifications where each column specification has list of values relative to other column specification values.
List Specification
Value
Value
…
Product Class
The Product Class and its various specification types
Product Class Versioning
• New products emerge• Existing products evolve and are assigned
more attributes• New versions created and assigned• Product suppliers notified• New classes downloaded
Product Class Subscription
Table
Table
…
Table
Table
…
XmlParse
Service
<xml> … … …</xml>
Product Catalogue Database
Transport Layer
Transport Layer
Product Supplier Database
Product Class Database Structure
Product Class
Product Category Product Class Version
Product Class DefinitionCategory Hierarchy
Category
Specification List Version Specification Group Version
Table Version
List Specification
Sub Product Class Version
Specification Group
Table Specification
Sub Product Class Definition
List DefinitionSpecification Group Definition
Table Definition
Sub Product Class
Data Search
• Information held by large number of data sources in a Wide Area Network.
• Access to such information held by large number of organisations.
• Information processing with aid of independent mechanisms, and
• Sharing of information with those who need it.
Objectives
• Searching autonomously managed data sources external to the Grid Environment.
• Processing, analysing and sharing information in real time.
• Collaborative working.• Collation of searched datasets.• Optimisation of data access operations.• Web Services support throughout.• Use of single proxy.
The Approach
• Does a data source really need to be “Grid Enabled” to provide data access support to the Grid Environment?
- may be not.
• Instead, why not just Grid enable the data access process?
- grid enabled data sources and grid enabled data access are two different things.
The MDSS
• A virtual distributed database search model.• A database centric Grid service for accessing and
processing information from large number of data sources.
• Searches supplier data sources based on a search criteria.
• Enables a channel for product suppliers for advertising products to a large user base.
• Built using Globus Toolkit 3.0.2 (Core).
The Search
• What to search?
- a search criteria submitted by the user.• Where to search?
- data sources that match user’s request.• What are the available resources to propagate the
search?
- the available Database Search Services in the MDSS
Search CriteriaWhere to Search? <NewDataSet> <Supplier> <IDSupplier>1</IDSupplier> <SupplierWS>http://131.251.42.40/test/categories.asmx</SupplierWS> </Supplier> …</NewDataSet>
Available GSHs <NewDataSet> <GridServiceHandle> <IDGsh>1</IDGsh> <GSH>http://131.251.42.40:8080/ogsa/services/DatabaseSearchService</GSH> </GridServiceHandle> <GridServiceHandle> <IDGsh>2</IDGsh> <GSH>http://131.251.47.110:18080/ogsa/services/DatabaseSearchService</GSH> </GridServiceHandle> …</NewDataSet>
MDSS Architecture
Two major components:• Master Grid Service: identify resources available,
register new resources, job allocation, data parsing and data aggregation.
• Database Search Service: data search, data aggregation, data parsing, collaborative working.
- MDSS Architecture -
WS Layer WS Layer WS LayerWS Layer WS Layer WS Layer
Grid DB Search ServiceGrid DB Search Service Grid DB Search Service
Apache Axis Soap Server
<<soap messages >> <<soap messages >><<soap messages >>
Master Grid Service * Metadata Query *Job Allocation Grid Service * Collation of datasets
Single user
VO
Active Plan (Search Criteria Specified here)
MetadataProduct Classes
Grid Engine(based on the OGSA Model)
Supplier databases
GSH Document
Parser
Supplier Document
Parser
Xml Converter
Database Search Service
Job Execution
Grid Service Manager
Data Aggregation
Master Grid
Service
OGSA Container
Master Grid Service Modules
MDSS Design Features
• Ability to register new data sources.• Ability to enhance MDSS capability by adding more
machines in the Grid cluster.• Supplier databases free of Grid Complexities.• Ability to identify data sources to be searched in real
time.• Distribute search equally among available GSHs.• New instance of Database Search Service for each
operation.
Conclusions & Further Work
• Product Class creation, versioning, subscription and search.
• Peer Review System.
• Multiple instances of Master Grid Services.
• Data Streaming.
• Data Caching.
• Memory Resident databases.
Demonstration
Please visit Welsh e-Science booth for the demonstration of the grid enabled PSCD Application between 1300 -1400 today.
Questions?