Thomas Friese

Towards a service-oriented ad hoc grid

In its current state, service-oriented grid computing focuses on the unification of resources through virtualization, to enable on demand distributed computing within a preconfigured environment. Organizations or inter-organizational communities willing to share their computational resources typically create a centrally planned grid, where dedicated grid administrators manage the nodes and the offered grid services. In this paper, we present the idea of a spontaneously formed, service-oriented ad hoc grid to harness the unused resources of idle networked workstations and high-performance computing nodes on demand. We discuss the requirements of such an ad hoc grid, show how the service-oriented computing paradigm can be used to realize it and present a proof-of-concept implementation based on the Globus Toolkit 3.0. The features of this system are peer-to-peer based node discovery, automatic node property assessment, hot deployment of services into a running system and added inter-service security.

Hot service deployment in an ad hoc grid environment

In this paper, we present a solution to the probl of dynamically deploying grid service factories onto computing nodes running an implentation of the Open Grid Services Infrastructure (OGSI). By providing a non-intrusive Hot Deployment Service (HDS), we extend the service-oriented grid computing paradigm, as it is defined by the Open Grid Services Architecture (OGSA), to provide a more dynamic ad hoc grid environment. Service-oriented grid middleware utilizing the HDS enables organizations or interorganizational communities to form an ad hoc grid to harness unused and scattered resources of an existing IT-infrastructure. The availability of the HDS also improves the capabilities to manage existing grid systs based on the Globus Toolkit 3, which is a vital requirent for the adoption of service-oriented grid systs in production environments.

Flex-SwA: Flexible Exchange of Binary Data Based on SOAP Messages with Attachments

SOAP is the standard protocol for message exchange in Web service environments. As an XML-based protocol, SOAP is not suitable for the transmission of large amounts of binary data. This fact has been addressed by the SOAP messages with attachments specification, which regulates the transfer of a SOAP message together with an arbitrary number of binary attachments composed within a MIME multipart/related message. Although this leads to a reduction of transmission overhead, Web service communication using SOAP messages with attachments still lacks communication and processing flexibility. In this paper, we present a novel and more flexible way of handling attachments in SOAP-based Web service environments. In contrast to SOAP messages with attachments, our approach offers message forwarding without additional communication cost and demand-driven evaluation and transmission of binary data, thus providing the opportunity to save time by overlapping service execution and data transmission

Countering security threats in service-oriented on-demand grid computing using sandboxing and trusted computing techniques

In this paper, an analysis of security threats within service-oriented on-demand Grid computing environments is presented. The analysis is based on identifying three levels of trust relationships and three types of Grid applications in on-demand computing; the trust relationships involve interactions among resource providers, middleware producers, solution producers, and users. The paper presents solutions for addressing the threats inherent to these three increasingly demanding levels. The solutions involve applying sandbox-based approaches using virtual machine technology and jailing mechanisms to ensure trust for the first two levels of on-demand Grid computing, as well as Trusted Computing Platform Alliance (TCPA) technology for the third level of on-demand Grid computing. A brief taxonomy of the presented solutions is introduced.

Self-healing execution of business processes based on a peer-to-peer service architecture

The automated execution of business processes that are composed of individual web services has seen a growing importance throughout enterprise computing in the recent years. The Business Process Execution Language for Web Services (BPEL4WS) has become the predominant language to express such business process compositions. In this paper we present the design and implementation of a Robust Execution Layer that acts as a transparent, configurable add-on to any BPEL4WS execution engine to support self-healing execution of business processes. Resilience of the process execution is achieved through service replacement in case of communication failures, by relying on a robust peer-to-peer service discovery and selection mechanism for alternative services.

Model Driven Development of Service-Oriented Grid Applications

In service-oriented Grid computing, great emphasis is placed on platform independence and cross-platform interoperability at the price of a higher initial software development complexity and cost. The Model Driven Architecture (MDA) approach to software development promises to reduce costs and increase reliability and flexibility of such complex distributed systems. In this paper, we introduce an MDA approach to service-oriented Grid application development and its prototypical implementation. To enable a better separation of development concerns, we propose a subdivision of the Platform Specific Model (PSM) into two parts, separating application functionality and Grid logic. This separation of concerns is maintained even at the code level using Java annotations, allowing domain experts to work on every level with only limited knowledge outside of their domain.

A Framework for Resource Management in Peer-to-Peer Networks

The huge amount of recent activities in peer-to-peer (P2P) computing led to the development of a number of applications and protocols all dealing with similar problems and providing different noninteroperable implementations. In this paper, we present a framework for resource management and information storage in P2P networks. Our framework aims at providing an easy to use and flexible model for P2P computing encouraging more modularized application development and permitting reuse of components. To provide efficient localization of resources and representation of information, our resource management framework (RMF) forms a distributed information space enabling not only flat storage of information but forming graph structures that can be used to build new kinds of applications enabling the users to browse the contents of a P2P network.

Security issues in on-demand grid and cluster computing

In this paper, security issues in on-demand grid and cluster computing are analyzed, a corresponding threat model is presented and the challenges with respect to authentication, authorization, delegation and single sign-on, secure communication, auditing, safety, and confidentiality are discussed. Three different levels of on-demand computing are identified, based on the number of resource providers, solution producers and users, and the trust relationships between them. It is argued that the threats associated with the first two levels can be handled by employing operating system virtualization technologies based on Xen, whereas the threats of the third level require the use of hardware security modules proposed in the context of the Trusted Computing Platform Alliance (TCPA). The presented security mechanisms increase the resilience of the service hosting environment against both malicious attacks and erroneous code. Thus, our proposal paves the way for large scale hosting of grid or Web services in commercial scenarios.

Trust shaping: adapting trust establishment and management to application requirements in a service-oriented grid environment

In this paper, an approach for establishing and managing trust among the interaction partners (i.e. users, nodes and/or services) in a service-oriented Grid environment is presented. The approach is based on a flexible trust model and system architecture for collecting and managing multidimensional trust values. Both identity and behaviour trust of the interaction partners are considered, and different sources are used to determine the overall trust value of an interaction partner. A proposal for establishing the first trust between interaction partners is made, and the possibility to continuously monitor the partners’ behaviour trust during an interaction is provided. The proposed trust architecture can be configured to the domain specific trust requirements by the use of several separate trust profiles covering the entire lifecycle of trust establishment and management.

Programming software agents as designing executable Business processes: A Model-Driven perspective

The contribution of this paper is fourfold. First, we sketch an architecture of agent-enabled business process management that cleanly separates between agent capabilities, business process modeling, and the modeling of services that are employed to actually implement processes. Second, we demonstrate how the Model-Driven Architecture (MDA) paradigm can be beneficially employed at all three layers of the agent-enabled business process architecture. Third, we describe an instance of a platform independent model based on the new UML2 standard, and sketch a mapping to a platform dependent model based on the Business Process Execution Language for Web Services (BPEL4WS). Fourth, we point out the relationship between the programming of multiagent systems, and the design of agent-enabled business processes. Our key thesis is that designing business processes based on an agent-enabled business processes modeling and enactment framework is a useful way of programming agents – a way that may help agent technology to gain much wider acceptance in industry.