Full HTML for
Given by Tom Haupt,Geoffrey C. Fox at DoD Modernization Users Group Conference Monterey on June 7 99. Foils prepared June 5 99
Outside Index
Summary of Material
Discussion of Web portals
|
WebFlow CORBA and Middle Tier
|
WebFlow Applications
|
Gateway in Detail
|
Denote Foils where Image Critical
Denote Foils where Image has important information
Denote Foils where HTML is sufficient
NPAC Tutorial on Use of Java in Computational Science
Agenda
Target Architecture
Part I
Web Portals
Examples of Portals
Example Portal: Netscape
PPT Slide
Portals are customizable
Special Portals -- Computing
Portals for scientific and engineering communities
PPT Slide
Seamless Access
Example: Globus
Towards a complete solution ...
PPT Slide
Target Architecture
Example of a portal
PSE Example: CCM IPSE
QS Front End
Building a Portal
Portal Building Blocks I
Portal Building Blocks -- Security
Portal Building Blocks -- Distributed Object Support
Basic 3 Tier Computing Model
Object View of running a program
Pragmatic Object Web Technology Model - I
Multi-Tier Client Server Service
Pragmatic Object Web Technology Model - II
Functionality of layers
Proxy -- Proxy -- Backend Capability
Basic Multi Tier architecture
Emerging Object Web Multi-Server Model
Multi-Server Web Computing System or Portal to Computing
Some caveats and comments
What does it take to Implement This
More details on the implementation
Implementation Continued I
Implementation Continued II
Implementation Continued III
Collaboration I
Collaboration II
Collaboration III
Collaboration and Portals I
Collaboration and Portal II
Part II
WebFlow design
A few words about CORBA
Distributed objects
How is this possible?
Example of IDL definition
We need more flexibility...
Event binding
Controlling a module
Adding a remote module
Back to WebFlow design
WebFlow Server
WebFlow Server
CORBA Based Middle-Tier
WebFlow Context Hierarchy
Gatekeeper
Middle-Tier modules serve as proxies of Back-End Services
Modules
Services
Example of a proxy module
WebFlow over Globus
Secure Access: terminology
Secure Access
Security Model
Distributed Objects are less secure
CORBA security is built into ORB
Authentication
Privilege Delegation
CORBA access model
Part III
Applications vary by the functionality of their Front-Ends
Applications vary by how they are composed from modules
The modules can interact with each other in different ways:
Applications vary on how the Front-End interacts with the Middle-Tier
Landscape Management System
LMS Objectives
LMS: Changes in Vegetation
LMS: Changes in Vegetation
LMS Front End
Data Retrieval
PPT Slide
WMS based Visualizations
Implementation of LMS
Running LMS
Client code
Interactions between components
Quantum Simulations
Quantum Simulations
QS: WebFlow implementation
PPT Slide
Implementation of QS
QS: Front-End
Building an application
Document Type Definition
Example XML document
Object Oriented Applications
Mobility System's Applications
Part IV
Target Architecture
Design Issues
Gateway Implementation
Gateway Implementation (2)
Gateway Implementation (3)
Gateway Implementation (4)
Front End
CTA specific knowledge database
Visual Authoring Tools
Example: Data Flow
Example: DARP
User and Group Profile
Resource Identification and Access
Front-End infrastructure
Front-End Support
User Context
PPT Slide
Control Applet
Screen Dump of the Control Applet
Navigator
PPT Slide
Problem description toolboxes
Code toolboxes
Resource Request Toolbox
File Formats I
File Formats II
Other toolboxes
ScienceML
Scientific Notepad
Middle-Tier
WebFlow Server
CORBA Based Middle-Tier
Back End
Back End Services
Gateway Security
Security Model (Keberos)
Building Gateway Components
Middle-Tier is given by a mesh of WebFlow Servers that manage and coordinate distributed computation
How to develop a Gateway component (or a toolbox)
How the Back-End interacts with the rest of the system?
Implementing Back-End Services
What does it take to develop a Gateway module (a proxy)?
Selecting a Predefined Task
Gateway/WebFlow Mission
Updates
Outside Index
Summary of Material
HTML version of Basic Foils prepared June 5 99 
Full HTML Index
| presented by |
| Tomasz Haupt Northeast Parallel Architectures Center at Syracuse University |
| Given at DoD High performance Computing Users Group Meeting Monterey June 7 1999 |
| and CPS 714 Summer 1999 Session June 21 1999 |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Part I: Introduction: Portals/Three Tier System |
| Part II: Middle Tier: WebFlow |
| [part I,II 1,5 hours] break |
| Part III: WebFlow Applications |
| Part IV: Portal for Computing: Gateway |
| [part III, IV] 1,5 hours |
HTML version of Basic Foils prepared June 5 99 
Full HTML Index
| CTA specific knowledge databases |
| Visual |
| Authoring |
| Tools |
| User and |
| Group |
| Profiles |
| Resource Identification and Access |
| Visualizations |
| Collaboration |
| WebFlow |
| Back-End Resources |
| Problem Solving Environment |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Web Portals |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| A portal is a web entrance to a set of resources and consists of a mix of information, computer simulations and various services |
| For businesses portals generalize the concept of a a company Intranet and encompass domain of IBM main frames, Lotus Notes etc. |
| For computing, portals are called Problem Solving Environments |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Portal to NPAC is http://www.npac.syr.edu |
| Portal to the world is http://www.yahoo.com/ or http://my.netscape.com/ |
| Portal to latest news is http://www.cnn.com |
| Portal to computational chemistry is http://www.osc.edu/~kenf/theGateway/Portal to stock trading is http://quote.yahoo.com/ |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Access to: |
| Search Engines |
| News |
| Weather |
| Stocks |
| Sport |
| Services |
| Bookmarks |
| Calendar |
| ... |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| More Portals |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| But perhaps more interestingly computing portals involve building a web based problem solving environment to link together all the capabilities needed to compute |
| run programs and access dynamically status of jobs and computers -- in particular allow a uniform interface to running a given job on one of many backend compute servers |
| compile and debug programs |
| link diverse data sources with computations run on multiple backend machines |
| visualize results |
| web-based help systems and collections of related scientific papers |
| computational steering i.e. interacting with a job (change parameters) based on dynamic results such as visualized results |
| See http://www.osc.edu/~kenf/theGateway/ and http://www-fp.mcs.anl.gov/~gregor/datorr/ |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Seamless access to HPC resources |
| Seamless access to instruments |
| Data storage |
| Application specific data base |
| Visualization Tools |
| Collaboratory |
| Scientific notepads |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Remote Resources |
| FRONT-END: |
| high-level user friendly |
| - visual programming and authoring tools - application GUI |
| RESOURCES: |
| all hardware and software |
| components needed to complete the user task, including, but not limited to, |
| compute engines from |
| workstations to supercomputers, |
| storage, databases, instruments, |
| codes, libraries, and licenses. |
| Desktop/Laptop |
| Seamless |
| Access |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Create an illusion that all resources needed to complete the user tasks are available locally. |
| In particular, an authorized user can allocate the resources she needs without explicit login to the host controlling the resources. |
| An analogy: NSF mounted disk or a network printer. |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Advantages: |
| - platform independent mini-language (RSL) for specification of resources |
| - can be layered on top of different schedulers - enables interoperability between resources (can allocate many resources at a time, file transfer, monitoring, etc.) Disadvantage: |
| - a bag of low level tools |
| GRAM Client |
| Contact address Resource Language Specification |
| MDS |
| Directory |
| Service |
| GSS-API |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| PSE: problem description (physics, chemistry, ...) |
| Task description: I need 64 nodes of SP-2 at Argonne to run my |
| MPI-based executable "a.out" you can find in "/tmp/users/haupt" on marylin.npac.syr.edu. In addition, I need any idle workstation with jdk1.1 installed. Make sure that the output of my a.out is |
| transferred to that workstation |
| Middle-Tier: map the user's task description onto the resource specification; this may include resource discovery, and other services |
| Resource Specification |
| Resource Allocation: run, transfer data, run |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Remote Resources |
| We need a third tier! |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| CTA specific knowledge databases |
| Visual |
| Authoring |
| Tools |
| User and |
| Group |
| Profiles |
| Resource Identification and Access |
| Visualizations |
| Collaboration |
| WebFlow |
| Back-End Resources |
| Problem Solving Environment |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Navigate and choose an existing application to solve the problem at hand. Import all necessary data. |
| Retrieve data |
| Pre/post-processing |
| Run simulations |
| Select host |
| Select model |
| Set parameters |
| Run |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Ken Flurchick, http://www.osc.edu/~kenf/Gateway |
| 1 .Define your problem |
| 2. Identify resources (software and hardware) |
| 3. Create input file |
| 4. Run your application |
| 5. Analyze results |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Compose interactively |
| your application |
| from pre-existing |
| modules |
| Data-Flow Front-End |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| We can identify a set of tools that enable the construction of portals |
| These are roughly equivalent to the tools needed to build a general application based on "object web technologies" |
| There is also an architecture implying multi-tier systems with standard compliant interfaces |
A common portal architecture means that portals can be conveniently linked together
|
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| So we currently have languages (Java ..) distributed object support and standards (CORBA ...), interface standards (XML), transport protocols (HTTP, TCP/IP) at various levels, rendering standard (HTML). |
| We have web clients and servers |
We need certain capabilities in common to many portals. These include
|
HTML version of Basic Foils prepared June 5 99
Full HTML Index
So in this course, we will discuss security as it is a common service needed by many portals
|
| And a discussion of special difficulties as seen by spate of stories about viruses, hackers and security leaks of computer information from government facilities |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Although CORBA for instance provides (by definition) most key distributed object services such as persistence, this is not sufficient as we will inevitably mix object models and further these services are still being developed |
| So as one part of this course we will discuss "discuss distributed object" and "internet" (software) infrastructure |
with special attention to issues of naming, registering, looking up (yellow pages) and addressing objects
|
| We need to contrast classical hierarchy of naming as in DNS and web URL's as implemented in LDAP with much more intriguing dynamic model in Sun's Jini and UCB's Ninja which are suitable for mobile ephemeral objects |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
A server accepts input and produces output
|
| IIOP and HTTP are two common protocols (formats of control data) for inter program messages |
| A Web browser (Netscape or Microsoft) can access any server at "the click of a button" with data from user refining action |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Similar to invoking a web page |
| "CORBA" or "WIDL" (pure XML CGI specification) is just CGI done right ...... |
| Object Broker |
| Fortran Simulation Code on Sequential or |
| Parallel Machine |
| Convert Generic Run Request into Specific Request on Chosen Computer |
| Fortran Program |
| is an Important |
| Type of Object |
| It can be built up from |
| smaller objects |
| e.g. Matrix |
| library could be an |
| object |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Basic Vision: The current incoherent but highly creative Web will merge with distributed object technology in a multi-tier client-server-service architecture with Java based combined Web-ORB's |
Need to abstract entities (Web Pages, database entries, simulations) and services as objects with methods (interfaces)
|
COM(Microsoft) and CORBA(world) are competing cross platform and language object technologies
|
| Javabeans plus RMI and JINI is 100% pure Java distributed object technology |
| W3C says you should use XML which defines a better IDL and perhaps an object model -- certainly does for documents |
| How do we do this while technology is still changing rapidly! |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Old and New Useful Backend Systems |
| Web Server |
| Object Broker |
| IIOP |
| Specialized Java Server |
| HTTP |
| RMI(IIOP) or Custom |
| Client Tier |
| Javabean Enterprise Javabean |
| Back-end Tier |
| Services |
| Middle Tier |
| Servers |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Need to use mix of approaches -- choosing what is good and what will last |
For example develop Web-based databases with Java objects using standard JDBC (Java Database Connectivity) interfaces
|
| Use XML to record small databases in flat files |
| Use CORBA to wrap existing applications |
| Use COM to access components of major PC applications such as Microsoft Excel and Word |
| Use Jini and Java to implement dynamic registration of objects |
| Use HTML to render everything |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| 1)Rendering of (Multiple) Objects 2)Proxy to some backend capability used to render |
| input and output to and |
| from service |
| Database |
| MPP |
| Telescope |
| File System |
| 1)Server acts as a broker |
| and control layer |
| 2)Same software as client |
| but higher performance |
| multi-user |
| 3)Again service represented |
| as proxy used as a token for |
| control logic |
| Services with |
| specialized software |
| and capabilities |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| The Proxies and actual instantiation are linked by messages whose semantic content is defined (best) in XML |
| The lower system level format can be HTTP RMI IIOP or ... |
| The client proxy is for rendering input and output including specification of object |
| The middle tier proxy allows choice of backend provider and functional integration (the user can specify integration at client proxy level) |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Objects (at "logical backend") can be on client of course |
| Front end can define a generic (proxy for a) object. The middle control tier brokers a particular instantiation |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Clients and their servers |
| Middle Tier Custom Servers |
| Back End Servers and |
| their services |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Need version 5 browsers with good XML support to properly implement this |
| We draw three tier as minimum architecture but as previous diagram suggests, one is likely to build a more structured system with middle tier having more layers |
Network computer breaks client tier into two with simple HTML at user and Java servlets providing heavier weight capability on a different machine
|
HTML version of Basic Foils prepared June 5 99
Full HTML Index
Well you need some hardware -- that is either an Internet or Intranet
|
| You need some software |
| You need some standards and capabilities expressed in these standards |
| You need some capabilities common to many applications |
| You a specific system to solve a particular problem |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Note the hardware can be as little as 1 PC on your desk |
More interestingly it is your 64 PC Linux or Windows NT Cluster up to the cluster of 64 128 node SGI Origin's at Los Alamos
|
| Software divides into several types |
| Fortran Program |
| PLSQL Database |
| or ..... |
| HTML Rendering |
| Java/CORBA/WIDL Wrapper |
| Style Sheets and Page Design |
| "Glue" with (multiple) tier servers and XML inter tier communication |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
The backend software can be parallel or sequential and simulation or information based
|
We need to define in XML its interface needed to
|
| This backend program interface is defined as an XML file e.g. <program name="physicssimulation1"> <run domain="npac" machine="maryland" type="pc" os="nt" >c:\myprogs\a.out</run> <input type="htmlform" > <name>userinput</name> <field default="10" >iterations</field> .......... </input> <output> ...</output> </program> |
| Becomes HTML form with name |
| userinput and text field iterations |
| with default value 10 on client |
HTML version of Basic Foils prepared June 5 99 
Full HTML Index
| For this example (running a physics program), we could use a specific machine as defined on previous foil (the Windows NT PC maryland) or a generic machine <run domain="any" machine="any" type="pc" os="nt" > |
| In this case, middle tier broker, would look in a database (XML file) to find what machines were available and either automatically or with user input choose one. |
| Both Software and Hardware are defined in XML |
| Note databases and an XML files are logically equivalent |
| JDBC can access either Oracle (Microsoft) database or XML ASCII file |
More generally XML can be thought of as general object serialization
|
HTML version of Basic Foils prepared June 5 99
Full HTML Index
The front end is some document consisting of a mix of HTML or XML
|
| We will NOT discuss either how to code backend in PLSQL or Fortran or how to compose final rendered document in HTML |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| This is often termed groupware support and Lotus Notes is best known corporate product |
| Collaboration implies sharing of electronic objects and is needed in asynchronous and synchronous modes |
| AOL Yahoo etc. have Internet games which illustrate one sophisticated form of collaboration |
| Chat rooms are perhaps most popular and are simplest synchronous tool. White boards next most popular |
Asynchronous mode is
|
| http://www.npac.syr.edu/tango/ is a collaboration system supporting synchronous sharing of events where events signify changes in objects |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Notification and linkage service can be based on object registration mechanism and allows important collaborative capabilities |
| one associates with each group activity a "magic ID" (barcode) |
every digital object associated with this activity registers itself when it comes on line with some registry (registry can be distributed). A given object may have multiple barcodes attached to it
|
| Either users or Portals (PSE's) register interest in certain barcodes |
| The (Portal) event service notifies registered observers when a digital object of interest becomes available |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
Notification mechanism enhances collaboration as enables dynamic federation of relevant objects to be automatically maintained
|
| Notification can be used for people so their presence on-line can be made known to those in particular collaborative users |
| Users decide if notification causes an active signal (send electronic mail, ring a buzzer) or passively alters a list on a web page. |
Event Model unifies synchronous and asynchronous models of collaboration
|
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Shared Objects need to accept data from Portal compliant applications |
| Portal Events need to be integrated into SPDL |
| Portal federates different "event domains" |
| Local Event/Message Bus |
| Collaboration == Sharing Event |
| in "Tango" Server |
| Local Event/Message Bus |
| Local Event/Message Bus |
| Portal Events |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Whiteboard and Shared Browser can be loaded with files and data from Portal compliant systems |
More generally consider any client side rendering of a gateway system -- either data input or (visualization/data) output
|
Examples from Tango and Computing Portal
|
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| WebFlow |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
Object Oriented, follows JavaBeans model
|
| Firing event E by object A causes invocation of method M of object B. The association of event E and method M is achieved by an event registration mechanism. An event is also an object and it carries data. |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| (a digression) |
| more information on Java, Corba, Distributed Object: |
| http://www.npac.syr.edu/projects/cps616spring96/index.html |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Typically WebFlow objects live in different address spaces. We use CORBA to invoke methods of the remote objects. |
| Object A |
| (event source) |
| Object B |
| (event target) |
| Fire event E |
| Method M(){ |
| ...} |
| ORB |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| ORB2 |
| Object A |
| (event source) |
| Object B |
| (event target) |
| Fire event E |
| Method M(){ |
| ...} |
| ORB1 |
| IIOP |
| - Objects A and B are CORBA objects (thus not Java objects) |
| - Objects are defined in IDL (Interface Definition Language) |
| - IDL definitions are compiled using (Java)IDL compiler |
| - The IDL compiler generates new classes to be used by the Java compiler |
| (javac) instead of the original ones, on both the client and server side |
| - The IDL compiler generates either classes to be extended, or interfaces to be implemented |
| Object Adapter |
| serves also as a daemon |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| #include "..\BC.idl" module WebFlow { |
| module lms{ |
| interface runEdys:BeanContextChild { void run(); void receiveData(); |
| void setParameter(in string p); |
| }; interface runCasc2d:BeanContextChild{ void run(); void runAgain(); |
| }; interface DoneEvent{ Object getSource(); }; |
| }; }; |
| We will create 3 CORBA objects |
| * two modules: - runEdys - runCasc2d * one event - DoneEvent They will be added to package WebFlow.lms |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| WebFlow objects are developed independently of each other (reusable modules): we cannot assume that the event source knows anything about the event target and vice versa |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| addEventListener |
| rmEventListener |
| fireEvent(E,M) |
| method M |
| Event Source |
| Event Target |
| Adapter |
| Event |
| ORB |
| binding |
| table |
| DII |
| DSI |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Proxy Module |
| Module |
| ActionButton1 |
| ActionButton2 |
| .... |
| IIOP |
| Another complication: |
| Java sandbox! |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Local Host |
| Add module |
| Module Factory |
| Proxy Module |
| Remote Host |
| FE |
| request |
| Add module |
| Module Factory |
| Module |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| The WebFlow server is a container object, a.k.a. context - in fact it implements JavaBeanContext class (Java1.2) |
| The BeanContext acts as a logical container for JavaBeans ("WebFlow modules and services") and BeanContexts. |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| User 1 |
| User 2 |
| Application 1 |
| Application 2 |
| App 2 |
| App 1 |
| WebFlow server is given |
| by a hierarchy of containers |
| and components |
| WebFlow server hosts users and services |
| Each user maintains a number of applications composed of custom modules and common services |
| WebFlow Services |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Mesh of WebFlow Servers |
| implemented as CORBA objects |
| that manage and coordinate |
| distributed computation. |
| Gatekeeper |
| Authentication |
| Authorization |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Master Server (Gatekeeper) |
| Slave Server |
| Slave Server |
| User Context |
| Application Context |
| Module |
| Slave Server Proxy |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Services |
| User Modules |
| Browser based Front-End |
| Browser |
| based |
| Front-End |
| User Space Definition and Task Specification |
| Metacomputing Services |
| Back-End Resources |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
Similar to JavaBeans
|
May serve as Proxies
|
HTML version of Basic Foils prepared June 5 99
Full HTML Index
Services are modules provided by the system and offers a generic functionality
|
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Generate Data |
| Run Job |
| Analyze |
| The Run Job module is a proxy module. It generates the RSL on-the-fly |
| and submits the job for execution using globusrun function. |
| The module knows only exec name, location and its arguments/parameters. |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| In order to run WebFlow over Globus there must be at least one WebFlow node capable of executing Globus commands, such as globusrun |
| Jobs that require computational power of massively parallel computers are directed to the Globus domain, while other jobs can be launched on much more modest platforms, such as the user's desktop or even a laptop running Windows NT. |
| Bridge between WebFlow and Globus |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
Access Control (or Authorization)
|
Authentication
|
Integrity
|
Accountability (or non-repudiation)
|
Privacy
|
HTML version of Basic Foils prepared June 5 99
Full HTML Index
Mutual authentication of servers and users
|
Access control
|
| Privacy |
| Integrity |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| SECIOP |
| Front End Applet |
| https |
| authentication |
| & authorization |
| Gatekeeper |
| delegation |
| Stakeholders |
| HPCC resources |
| GSSAPI |
| GSSAPI |
| Layer 1: secure Web |
| Layer 2: secure CORBA |
| Layer 3: Secure access to resources |
| Policies defined by resource owners |
| https (SSL) |
| AKENTI |
| CORBA security service |
| GSSAPI (Globus) |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
can play both client and server
|
evolve continually
|
interactions are not well defined
|
| are polymorphic (ideal for Trojan horses!) |
can scale without limit
|
| are very dynamic |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Secure Communications |
| Authentication |
| Client |
| User |
| Encryption |
| Audit |
| Authorization |
| Server |
| Encryption |
| Credentials |
| Object |
| Adapter |
| ORB |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| A principal is authenticated once by ORB and given a set of credentials, including one or more roles, privileges, and an authenticated ID. |
| An authenticated ID is automatically propagated by a secure ORB; it is part of the caller context |
| Principal |
| Credentials |
| Current |
| Client |
| Server |
| set_credentials |
| get_attributes |
| authenticate |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
No delegation
|
Simple delegation
|
Composite delegation
|
| Client |
| Target |
| Client |
| Target |
| Client |
| Target |
| Client |
| Target |
| Object |
| IIOP |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Based on a trusted ORB model: you must trust that your ORB will enforce the access policy on the server resource |
| The ORB determines: if this client on behalf of this principal can do this operation on this object |
| Server uses Access Control Lists (ACL) to control user access |
| Principal |
| Role |
| Rights |
| Operation |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| WebFlow Applications |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
Applications vary by the functionality of their Front-Ends
|
HTML version of Basic Foils prepared June 5 99
Full HTML Index
Applications vary by how they are composed from modules
|
HTML version of Basic Foils prepared June 5 99
Full HTML Index
The modules can interact with each other in different ways:
|
HTML version of Basic Foils prepared June 5 99
Full HTML Index
Applications vary on how the Front-End interacts with the Middle-Tier
|
HTML version of Basic Foils prepared June 5 99
Full HTML Index
HTML version of Basic Foils prepared June 5 99
Full HTML Index
To develop a web based system that implements a "navigate-and-choose" paradigm and allows the end user to:
|
| Anytime, anywhere, using any platform |
|
(e.g., a connected to the Internet laptop PC)
|
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| A decision maker (the end user of the system) wants to evaluate changes in vegetation in a geographical region over a long time period caused by short term disturbances such as a fire or human activity. |
| One of the critical parameters of the vegetation model (EDYS) is soil condition at the time of the disturbance. |
| This in turn is dominated by rainfall that possibly occurs at that time (CASC2D simulation) |
| Input data for the simulations are available from the Internet, such as Data Elevation Models (DEM) from USGS web site or from custom databases (spices characteristics) |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Data retrieval |
| Data preprocessing |
Simulation: two interacting codes
|
| Visualization |
| WMS |
| EDYS |
| CASC2D |
| DEM |
| Land Use |
| Soil |
| Texture |
| Vegetation |
| EDYS: vegetation model |
| CASC2D: watershed model |
| WMS: Watershed Modeling System |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Data retrieval |
| Data pre- and post-processing |
| Simulations |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| The data wizard allows the user to interactively select the data and |
| download them to the local machine. The raw data are then fed to the WMS system launched from the browser to generate input files for simulations. |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Launching coupled simulations on different Back-End computational resources |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| The results of the |
| simulations are send |
| back to the Front-End, |
| and can be visualized |
| using tools included |
| in WMS package |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
Front-End (client) is a Java application
|
"navigate and choose" - no interactive composition of applications
|
| modules exchange data through message passing mediated by WebFlow |
| client keeps the module references |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| slave |
| runCasc2d |
| master |
| UNIX |
| WinNT |
| slave |
| runEdys |
| lms.class |
| Data wizard |
| WMS |
| exeCasc2d |
| Web |
| Server |
| Web |
| Server |
| WebFlow Servers |
| Client |
| - WebFlow modules |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| try { |
| //add modules |
| p1 = slaveNT.addNewModule("runEdys"); //as defined in conf.file |
| runEdys re = runEdysHelper.narrow(p1); |
| p2 = slaveUNIX.addNewModule("runCasc2d"); //as defined in conf.file |
| runCasc2d rc = runCasc2dHelper.narrow(p2); |
| //bind events |
| master.attachEvent(p2,"Casc2dDone","Casc2dDone",p1,"run"); |
| master.attachEvent(p1,"EdysStarted","EdysStarted",p2,"run"); |
| master.attachEvent(p1,"EdysDone","EdysDone",p2,"runAgain"); |
| //invoke methods of runCasc2dImp |
| rc.run(); |
| } |
| catch(COMM_FAILURE ex) |
| {System.err.println(ex.getMessage()); System.exit(1);} |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Write |
| slave |
| runCasc2d |
| master |
| UNIX |
| WinNT |
| slave |
| runEdys |
| lms.class |
| Data wizard |
| WMS |
| exeCasc2d |
| Web |
| Server |
| Web |
| Server |
| casc2d |
| IIOP |
| http |
| Write |
| http |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
HTML version of Basic Foils prepared June 5 99
Full HTML Index
HTML version of Basic Foils prepared June 5 99
Full HTML Index
HTML version of Basic Foils prepared June 5 99
Full HTML Index
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Front-End (client) is a Java applet |
| applications are created dynamically from pre-existing modules |
| modules exchange data through ports (data flow model) |
| server keeps the module references; the references are published on a web site |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| XML |
| A visual representation is converted into a XML |
| document |
| XML |
| service |
| Web |
| Server |
| save |
| parse |
| ApplContext |
| Generates Java code to add modules to ApplContext |
| Publishes IOR |
| Front-End Applet |
| Middle-Tier |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| <!DOCTYPE taskspec [ |
| <!ELEMENT taskspec (task)+> |
| <!ATTLIST taskspec |
| UserContextRef CDATA #REQUIRED |
| AppName CDATA #REQUIRED> |
| <!ELEMENT task ((task | module)*,connection*) > |
| <!ELEMENT module (#PCDATA) > |
| <!ATTLIST module |
| modulename CDATA #REQUIRED |
| host CDATA #REQUIRED > |
| <!ELEMENT connection (out,in)> |
| <!ELEMENT in EMPTY> |
| <!ELEMENT out EMPTY> |
| <!ATTLIST out |
| modulename CDATA #REQUIRED |
| eventname CDATA #REQUIRED |
| <!ATTLIST in |
| modulename CDATA #REQUIRED |
| method CDATA #REQUIRED > |
| ]> |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| <taskspec UserContextRef="123as321" AppName="TestApplication"> |
| <task> |
| <module modulename="FileBrowser" host="localhost"> |
| </module> |
| <module modulename="FileEditor" host="localhost"> |
| </module> |
| <module modulename="Gaussian" host="localhost"> |
| </module> |
| <connection> |
| <out modulename="FileBrowser" eventname="FileEvent" event="File"/> |
| <in modulename="FileEditor" method="run"/> |
| </connection> |
| <connection> |
| <out modulename="FileEditor" eventname="FileEvent" event="File"/> |
| <in modulename="Gaussian" method="run"/> |
| </connection> |
| </task> |
| </taskspec> |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Coordinates transformations |
| Remote HPCC resources |
| - Web interface to store data in DB in variable format - Data transfer from DB to a visualization engine |
| - Coordinates transformations on |
| a remote server - Launching simulations on remote |
| hosts with interactive input |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Gateway: Portal for Computing |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| CTA specific knowledge databases |
| Visual |
| Authoring |
| Tools |
| User and |
| Group |
| Profiles |
| Resource Identification and Access |
| Visualizations |
| Collaboration |
| WebFlow |
| Back-End Resources |
| Problem Solving Environment |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Support for a seamless access (security) |
| Support for distributed, heterogeneous Back-End services (HPCC, DBMS, Internet, ...) managed independently from Gateway |
| Variable pool of resources: support for discovery and dynamical incorporation into the system |
| Scalable, extensible, low-maintenance Middle Tier |
| Web-based, extensible, customizable, self-adjusting to varying capacities and capabilities of clients (humans, software and hardware) front end |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
Distributed, object-oriented middle tier
|
HTML version of Basic Foils prepared June 5 99
Full HTML Index
Gateway operates in a keberized environment [Support for a seamless access]
|
HTML version of Basic Foils prepared June 5 99
Full HTML Index
Task Specification is expressed in XML
|
Resource Specification is expressed in XML
|
| [Support for distributed, heterogeneous Back-End services; Variable pool of resources; Scalable, extensible, low-maintenance Middle Tier] |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Component-based Front-End [extensible] |
Front-End Components ("toolbox interfaces") are
|
| All components (Front End, Middle-Tier) are defined in XML and contain metadata (used for component mining) |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| requires server side support (both the middle tier and the back-end) through well defined interfaces |
| should be constructed from reusable or cloneable components |
| allows for identification of software components best suited to solve the problem at hand |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Allows for composition of the computational task from components (reusable modules) |
| Different tools to support various programming models such as data parallel, task parallel, data flow, object oriented |
| No assumption on granularity |
| Metadata about components and support for archiving and mining the components |
| Support for instrumentation and steering |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
HTML version of Basic Foils prepared June 5 99
Full HTML Index
HTML version of Basic Foils prepared June 5 99
Full HTML Index
Controls the user/group environment
|
Allows for customization
|
| History of actions |
| Scientific notebook |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
Computational resources
|
Data
|
| Networks |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Portal Page |
| User Context |
| Control Applet |
| Navigator (extensible, customizable) |
PSE specific toolboxes
|
| Other (Collaboration, Visualizations, ...) |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Represents a Gateway session. |
| The session is associated with a user (or group) profile. |
| WebFlow extends the notion of the UNIX profile via the 'User Data Base' (UDB). This UDB contains information about submitted jobs, history of the users actions, and other user state information. The user context may also contain application/front-end specific information. |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| The control applet is responsible for maintaining the session, and direct communication with the middle-tier. |
| Direct communication is the most efficient, but since it is buried into an applet, this mechanism is not readily customizable. |
| The generic services, such as file service (upload, download, edit, copy, move, delete) and job services (show current jobs/show queues/kill jobs) will be supported this way. [combination of the user context and a query] |
| The Gateway will also support a non-direct communication with the middle-tier through servelts. |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| The navigator allows the user to select and customize toolboxes. |
| Embedded in a separate frame, it consists of menus, buttons, links, etc, derived from an XML document. |
| The navigator is a hierarchical, extensible and customizable. |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| The problem description is application specific, and the Gateway only provides a general framework for creating a PSE. |
| The most important part is the specification of what services (middle and back tier) are needed, what is their API, and how to add new services. |
| Example services: access to databases, XML parsing, generating HTML in-the-fly, file services. |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| The end user see it as a mapping between the problem description and software to be used to solve the problem. Actually, it identifies WebFlow modules and their parameters to be used to construct the application (see resource request toolbox below). |
| The module parameters may include input files, and if necessary, the input files are generated at this stage (using this or a separate toolbox). In addition, some parameters will be constructed from information stored in data bases, including UDB, and other sources. |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| The front-end activities result in an abstract task specification. |
| Abstract in the sense that the user may not know nor care what actual resources are used. |
| The task is composed of independently developed modules and services following different programming models. |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| We noted that Gateway should support input and output files with certain characteristics including |
| Native: internal format known to a particular application -- no checking of format matching if link output of one module to input of another |
parameter input: special file constructed in XML defining basic parameters needed by a batch job
|
HTML version of Basic Foils prepared June 5 99
Full HTML Index
Third file format is
|
Gateway modules need to specify nature of their input and output files and what type of linkage of modules is allowed or even required.
|
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Visualizations |
| Collaboration |
| Scientific notebook |
| ... |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| This we define as a group of defined formats that support scientific data, note taking and sketches |
XSIL (Scientific data Interchange) defines metadata needed to specify scientific data files including high level parameters and methods needed to read data
|
| VML is Vector Graphics Mark up Language |
| DrawML is designed to support simple technical drawings (easier than VML but VML should be able to do this?) |
| VRML (3D scenes) reimplemented in XML as X3D |
| MathML Mathematical Expressions |
| ChemML Support Chemistry |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Presumably this allows Scientists to make notes and record thoughts in a way that it supports important scientific constructs |
At its simplest this is an authoring tool like Microsoft Word, PowerPoint or Framemaker
|
| One useful utility would be a whiteboard that supported scientific notes using ScienceML |
Such a collaborative whiteboard (implemented in Tango for instance) would be useful in research and teaching
|
HTML version of Basic Foils prepared June 5 99
Full HTML Index
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| User 1 |
| User 2 |
| Application 1 |
| Application 2 |
| App 2 |
| App 1 |
| WebFlow server is given |
| by a hierarchy of containers |
| and components |
| WebFlow server hosts users and services |
| Each user maintains a number of applications composed of custom modules and common services |
| WebFlow Services |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Mesh of WebFlow Servers |
| implemented as CORBA objects |
| that manage and coordinate |
| distributed computation. |
| Gatekeeper |
| Authentication |
| Authorization |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Access to HPCC (via Globus) |
| Access to distributed databases (via JDBC) |
| Access to mass storage |
| Access to the Internet resources |
| Access to desktop application and local data |
| Access to code repositories |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| SECIOP |
| Front End Applet |
| SECIOP |
| authentication |
| & authorization |
| Gatekeeper |
| delegation |
| HPCC resources |
| GSSAPI |
| GSSAPI |
| Layer 1: secure Web |
| Layer 2: secure CORBA |
| Layer 3: Secure access to resources |
| Policies defined by resource owners |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| . |
| Gateway applications are composed of independent reusable modules |
| Modules are written by module developers who have only limited knowledge of the system on which the modules will run. |
| The WebFlow system hides module management and coordination functions |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Back-end service |
| Middle-tier proxy |
| Front-end controls |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
Often, your job do not need to interact.
|
HTML version of Basic Foils prepared June 5 99
Full HTML Index
If you need to interact
|
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Many come as a standard Gateway modules |
User's modules
|
HTML version of Basic Foils prepared June 5 99
Full HTML Index
HTML version of Basic Foils prepared June 5 99
Full HTML Index
seamless access to remote resources
|
| high-level user friendly visual programming and runtime environment for HPDC |
| portable system based on industry standards and commodity software components |
HTML version of Basic Foils prepared June 5 99
Full HTML Index
| Contact person: Tomasz Haupt |
| haupt@npac.syr.edu |
| voice (315) 443-2087 |
| http://www.npac.syr.edu/users/haupt/WebFlow/ |