/[pdpsoft]/trunk/grid-mw-security/ees/presentation/talk.tex
ViewVC logotype

Contents of /trunk/grid-mw-security/ees/presentation/talk.tex

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1044 - (show annotations) (download) (as text)
Mon Nov 2 12:05:16 2009 UTC (12 years, 2 months ago) by aramv
File MIME type: text/x-latex
File size: 6738 byte(s)
Added better sequence diagram slides
1 \documentclass{beamer}
2 \usepackage{beamerthemesplit}
3 \usetheme{egee}
4
5 \title{The Execution Environment Service}
6 \author{Aram Verstegen}
7 \institute{Nikhef}
8
9 \date{
10 %% leave the following line alone
11 % {EGEE-III INFSO-RI-222667}
12 \today
13 %% edit the next line
14 %Conference name and date along with standard \LaTeX hspace/hfill commands to space this line
15 \hfill
16 %Section: \thesection
17 \insertsection
18 \hfill
19 %\insertsubsection
20 %\hfill
21 Sheet: % \currentsubsection
22 }
23
24 \begin{document}
25 \frame{\titlepage}
26
27 %\AtBeginSubsection[]
28 %\AtBeginSection[]
29 %{
30 \begin{frame}<beamer>
31 \frametitle{Layout}
32 %\tableofcontents[currentsection,currentsubsection]
33 %\tableofcontents[sections={<1-\currentsection>}]
34 %\tableofcontents%[pausesections]
35 \tableofcontents%[currentsection]
36 \end{frame}
37 %}
38
39 \section{Introduction}
40 \subsection{Nikhef}
41
42 \begin{frame}%[fragile]
43 \frametitle{Nikhef}
44 \begin{figure}[hp]
45 \centering
46 \includegraphics[width=0.7\textwidth]{nikhef_organigram}
47 %\caption[Nikhef organizational chart]%
48 %{A diagram showing the organizational structure of Nikhef}
49 \end{figure}
50 \end{frame}
51
52 \setbeamertemplate{background}{\includegraphics[width=\paperwidth,height=\paperheight]{atlas.jpg}}
53 \subsection{Grid computing}
54 \begin{frame}
55 \frametitle{CERN's definition}
56 CERN on Grid computing:
57 \begin{quote}
58 "A service for sharing computer power and data storage capacity over the Internet"
59 \end{quote}
60 \end{frame}
61 \setbeamertemplate{background}
62
63 \begin{frame}
64 \frametitle{Worldwide scale}
65 \begin{figure}[hp]
66 \centering
67 \includegraphics[width=\textwidth]{rtm}
68 \end{figure}
69 \end{frame}
70
71 \begin{frame}
72 \frametitle{Job path}
73 \begin{figure}[hp]
74 \centering
75 \includegraphics[width=0.6\textwidth]{grid_job_diagram.pdf}
76 \end{figure}
77 \end{frame}
78
79 \begin{frame}
80 \frametitle{Translating Grid credentials}
81 \begin{figure}[hp]
82 \centering
83 \includegraphics[width=0.6\textwidth]{certificate-to-user-account.pdf}
84 \end{figure}
85 \end{frame}
86
87 \begin{frame}
88 \frametitle{Authorization on Grid sites}
89 \begin{figure}[hp]
90 \centering
91 \includegraphics[height=0.8\textheight]{lcmaps-2.pdf}
92 \end{figure}
93 \end{frame}
94
95 \section{Security middleware in the gLite stack}
96 \subsection{Site Access Control suite}
97 %\begin{frame}
98 %\frametitle{SCAS-based authorization}
99 %\begin{figure}[hp]
100 %\centering
101 %%\includegraphics[width=\textwidth]{scas.png}
102 %\includegraphics[height=0.665\textheight]{scas-hippie-slide-4.pdf}
103 %\label{fig:scas}
104 %\end{figure}
105 %\end{frame}
106
107 \begin{frame}
108 \frametitle{Middleware front-ends}
109 \begin{figure}[hp]
110 \centering
111 %\includegraphics[width=\textwidth]{argus.png}
112 \includegraphics[height=0.7\textheight]{argus-hippie-slide-5.pdf}
113 \label{fig:scas}
114 \end{figure}
115 \end{frame}
116
117 \begin{frame}
118 \frametitle{Argus-based authorization}
119 \begin{figure}[hp]
120 \centering
121 %\includegraphics[width=\textwidth]{argus.png}
122 \includegraphics[height=0.7\textheight]{argus-simple.pdf}
123 \label{fig:scas}
124 \end{figure}
125 \end{frame}
126
127 \begin{frame}
128 \frametitle{Goal of the EES}
129 \begin{figure}[hp]
130 \centering
131 \includegraphics[height=0.8\textheight]{lcmaps-vs-ees.pdf}
132 \end{figure}
133 \end{frame}
134
135
136 %\begin{frame}
137 %\frametitle{New use cases}
138 %\begin{itemize}
139 %\item Interact with Local Resource Management System
140 %\item Enforce reconfiguration of a batch queue scheduler like Maui
141 %\item Interface with virtualization frameworks like OCCI or OpenNebula
142 %\end{itemize}
143 %\end{frame}
144
145 \section{The Execution Environment Service}
146
147 \subsection{Functional requirements}
148 \begin{frame}
149 \frametitle{Functional requirements}
150 \begin{itemize}
151 \item Have the ability to work with SAML2-XACML2 concepts
152 \item Provide a data store for generic and specialized data types
153 \item Be easily adaptable to new use cases
154 \item Facilitate access from several external interfaces
155 \end{itemize}
156 \end{frame}
157
158 \subsection{Technical requirements}
159 \begin{frame}
160 \frametitle{Technical requirements}
161 \begin{itemize}
162 \item Be largely backward-compatible with existing deployment schemes
163 \item Perform efficiently
164 \item Be thread-safe
165 \item Be portable to many different platforms
166 \item Be able to interact with the OS on a low level
167 \item Provide a flexible plug-in API
168 \end{itemize}
169 \end{frame}
170
171 \subsection{Proposed design of the EES}
172 \begin{frame}
173 \frametitle{Proposed design of the EES}
174 \begin{figure}[hp]
175 \centering
176 \includegraphics[width=\textwidth]{ees.pdf}
177 \end{figure}
178 \end{frame}
179
180 \subsection{API design}
181 \begin{frame}
182 \frametitle{EEF API}
183 \begin{itemize}
184 \item eef\_init()
185 \item eef\_run()
186 \item eef\_term()
187 \end{itemize}
188 \end{frame}
189
190 \begin{frame}
191 \frametitle{Plug-in API}
192 \begin{itemize}
193 \item plugin\_initialize()
194 \item plugin\_run()
195 \item plugin\_terminate()
196 \end{itemize}
197 \end{frame}
198
199 \begin{frame}
200 \frametitle{AOS API}
201 \begin{itemize}
202 \item set\_attribute(label, value)
203 \item get\_attribute(label)
204 \item set\_obligation(label, value)
205 \item get\_obligation(label)
206 \item destroy\_obligation(label)
207 \end{itemize}
208 \end{frame}
209
210 \begin{frame}
211 \frametitle{Relational AOS API}
212 \begin{itemize}
213 \item get\_node(label)
214 \item add\_child(label, child node)
215 \item get\_child(label)
216 \item get\_parent(label)
217 \item get\_value\_by\_node(node)
218 \end{itemize}
219 \end{frame}
220
221 \begin{frame}
222 \frametitle{eef\_init}
223 \begin{figure}[hp]
224 \centering
225 \includegraphics[width=\textwidth]{ees_seq_init.pdf}
226 \end{figure}
227 \end{frame}
228
229 \begin{frame}
230 \frametitle{eef\_run}
231 \begin{figure}[hp]
232 \centering
233 \includegraphics[width=\textwidth]{ees_seq_run.pdf}
234 \end{figure}
235 \end{frame}
236
237 \begin{frame}
238 \frametitle{eef\_term}
239 \begin{figure}[hp]
240 \centering
241 \includegraphics[width=\textwidth]{ees_seq_term.pdf}
242 \end{figure}
243 \end{frame}
244
245 \subsection{Future development}
246 \begin{frame}
247 \frametitle{Future development}
248 \begin{itemize}
249 \item Expose the EEF as a service
250 \item Multi-threading support
251 \item Plug-ins to support new use cases
252 \item SAML2-XACML2 parsing
253 \item Patch existing plug-ins
254 \end{itemize}
255 \end{frame}
256
257 \begin{frame}
258 \frametitle{Proposed plug-ins: acquisition}
259 \begin{itemize}
260 \item X.509 certificate
261 \item VOMS AC
262 \item XACML request
263 \item SAML statements
264 \end{itemize}
265 \end{frame}
266
267 \begin{frame}
268 \frametitle{LCMAPS plug-ins: enforcement}
269 \begin{itemize}
270 \item Unix local account
271 \item Unix pool account
272 \item POSIX enforcement
273 \item LDAP enforcement
274 \end{itemize}
275 \end{frame}
276
277 \begin{frame}
278 \frametitle{Proposed plug-ins: enforcement}
279 \begin{itemize}
280 \item Interact with Local Resource Management System
281 \item Enforce reconfiguration of a batch queue scheduler like Maui
282 \item Interface with virtualization frameworks like OCCI or OpenNebula
283 \item Execute arbitrary scripts local to the site for management purposes
284 \end{itemize}
285 \end{frame}
286
287 \begin{frame}
288 \frametitle{Questions?}
289 \huge{?}
290 \end{frame}
291
292 %\begin{frame}[fragile]
293 %\frametitle{Sample first slide}
294 %Usual \LaTeX\ stuff goes here... up to you now.
295 %\end{frame}
296
297
298 \end{document}

grid.support@nikhef.nl
ViewVC Help
Powered by ViewVC 1.1.28