FP6-511513

OntoGrid: Paving the way for Knowledgeable Grid Services and Systems FP6-511513 www.ontogrid.net Semantic-OGSAA Reference Architecture for the Semantic Grid Oscar Corcho The University of Manchester Sheffield, 21st February 2006

Content • What is the Grid and the Semantic Grid? • S-OGSA • Authorisation scenario • General architecture • Collaboration diagrams • Use of S-OGSA OntoGrid-specific infrastructure • VO ontology and reasoning service • Ontology service: WS-DAIOnt-RDF(S) • Metadata service: Atlas • Project details: URLs, CVS, etc. S-OGSA

The Grid Grid computing has emerged as an important new field, distinguished from conventional distributed computing by its focus on large-scale resource sharing, innovative applications...we [define] the "Grid problem”…as flexible, secure, coordinated resource sharing among dynamic collections of individuals, institutions, and resources - what we refer to as virtual organizations Middleware for establishing, managing and evolving multi-organisational federations. On-demand distributed computing • The Anatomy of the Grid: Enabling Scalable Virtual Organizations • Foster, Kesselman and Tuecke S-OGSA

Grid Computing trajectory Virtual organisations with dynamic access to unlimited resources cost For all Sharing of apps and know-how With controlled set of unknown clients Sharing standard scientific process and data, sharing of common infrastructure Between trusted partners CPU intensive workload Grid as a utility, data Grids, robust infrastructure Intra-company, intra community e.g. Life Science Grid CPU scavenging time • The Semantic Grid: Myth Busting and Bridge Building • Carole Goble. Keynote speech. ECAI04. S-OGSA

Computationally intensive File access/transfer Bag of various heterogeneous protocols & toolkits Monolithic design Recognised internet, ignored Web Academic teams Generation Game X.509, LDAP, FTP, … Globus Toolkit Condor, Unicore Defacto standards GridFTP, GSI App-specific Services Open Grid Services Architecture Web services Increased functionality, standardization Data and knowledge intensive Open services-based architecture Builds on Web services GGF + OASIS + W3C Multiple implementations Global Grid Forum Industry participation Custom solutions Time S-OGSA (adapted from Ian Foster GGF7 Plenary)

Categories of Services Infrastructure Data Resource Management Execution Management Security Self Management Information Open Grid Service Architecture • XML based vocabularies & XSD based typing dominate • Cross cutting • Interoperable • VO level • Optimized • Reliable • Certain QoS Guarantee • Scalable • Available • Extensible S-OGSA

Grid Services • References • “The Physiology of the Grid: An Open Grid Service Architecture for Distributed Systems Integration” • “The Anatomy of the Grid: Enabling Scalable Virtual Organizations” • Grid Service definition • A Web service that provides a set of well-defined interfaces and that follows specific conventions. • Interfaces: discovery, dynamic service creation, lifetime management, notification, and manageability • Conventions: naming and upgradeability. S-OGSA

From OGSI to WSRF • OGSI (Open Grid Service Interface) fomalised these concepts... • Grid service instances identified by Grid service handlers (GSH) • A permanent network pointer to a Grid service instance. • Grid service references (GSR) used to contact Grid service instances • OGSI provides mechanisms for mapping a GSH to a GSR. • However, OGSI did not succeed • Too much stuff in one specification. • Does not work well with existing Web service and XML tooling. • Too object oriented. • Since January 2004, WS-RF (Web Service Resource Framework) • It is simply a re-factoring of OGSI. • Inheritance is not used. • WS-Resources instead of Grid service instances. S-OGSA

WS-Resource Counter counterID=1 Destroy CounterResource counterID=2 Counter Resource WS-Addressing EPR add createResource Web Service add Client S-OGSA

Categories of Services Infrastructure Data Resource Management Execution Management Security Self Management Information Open Grid Service Architecture • XML based vocabularies & XSD based typing dominate • What can semantics provide? • Flexible and extensible schemas, Data fusion support (e.g. Provided by RDF) • Resistance to frequent syntactic changes • Formalization & Reasoning support • Eliminate chronic dependence on human-intervention • Cross cutting • Interoperable • VO level • Optimized • Reliable • Certain QoS Guarantee • Scalable • Available • Extensible S-OGSA

The Semantic Grid The Semantic Grid is an extension of the current Grid in which information and services are given well-defined and explicitly represented meaning, better enabling computers and people to work in cooperation SemanticWeb SemanticGrid Scale of Interoperability ClassicalWeb ClassicalGrid Scale of data and computation • Research Agenda for the Semantic Grid: a Future e-Science InfrastructureD. De Roure, N.R. Jennings, N. Shadbolt S-OGSA

Service Oriented Knowledge Utilities • Converged vision of Next Generation Grids and Service Oriented Knowledge Utilities • Service Oriented–services may be instantiated and assembled dynamically • Knowledge –knowledge-assisted to facilitate automation, and processing and delivering knowledge • Utility–directly and immediately useable service with established functionality, performance and dependability Ecosystem of Dependable, Knowledge-aware, Societal, Autonomic, Stateful services • Next Generation Grids Expert Group Report 3 (NGG3). January 2006D. De Roure (ed) S-OGSA

Desiderata – a thing of elegance and beauty Architecture as lightweight as possible: minimise the impact Extensible and customisable as opposed to complete and generic architecture Mixed ecosystem of Grid andSemantic Grid services Everything is OGSA compliant Any resource can have multiple descriptions andany description can be in different formalisms Straightforward migration path S-OGSA Conceptual: reference architecture that can be applied to any grounding (GT4, etc.)

S-OGSA • Semantic-OGSA (S-OGSA) is... • Our proposed Semantic Grid reference architecture • Alow-impact extension of OGSA • Mixed ecosystem of Grid and Semantic Grid services • Services ignorant of semantics • Services aware of semantics but unable to process them • Services aware of semantics and able to process (part of) them • Everything is OGSA compliant • Defined by • Information model • Capabilites • Mechanisms Model provide/ consume expose Capabilities Mechanisms use S-OGSA

S-OGSA Model and Capabilities S-OGSA

METADATAas Semantic Annotations S-OGSA

From OGSA to the S-OGSA Application 1 Application N Security Optimization Data OGSA Execution Management Semantic-OGSA Semantic Services Resource management Information Management Infrastructure Services S-OGSA

From OGSA to the S-OGSA Semantic Provisioning Services Semantic binding Knowledge Metadata Ontology Annotation Reasoning Application 1 Application N Security Optimization Data OGSA Execution Management Semantic-OGSA Semantic Services Resource management Information Management Infrastructure Services S-OGSA

S-OGSA Mechanisms: S-StatefulServices 5 4 3 1 2 Metadata can be distributed(and may be inconsistent) Query/Retrieval Result Metadata Service Ontology Service Metadata Service Ontology Service Metadata Retrieval/Query Request Obtain schema for Semantic Bindings Client Semantic Binding IdsRetrieval Request Lifetime Notification Resource State/properties metadata Semantic Binding Ids . . . Service • WSRF defined operations • getProperties • queryProperties S-OGSA

OntoKit: Refactored and additional components Coordinationandnegotiation Coordinationandnegotiation Semantically Aware IntelligentDebugging IntelligentDebugging S-OGSA

Business scenario – supporting the authorization model InterInsurance Portal BestInsurerCarFraudService(PEP) InterInsuranceCarFraudService(PEP) BestInsurer Portal Common objective: improve operations and prevent frauds OntoKit Infrastructure for authorisation getInsurancePolicy getInsurancePolicy Result or Exception DENY ACCEPTINDETERMINATE Insurance DB federation … … Partial sharing of customer information (previous insurance details, claims, etc.) Driver John Doe Insurance DB federation OntoKit Infrastructure for authorisation getInsurancePolicy getInsurancePolicy Result or Exception DENY ACCEPTINDETERMINATE S-OGSA

Policy Enforcement Point (according to GT4) InterInsurance Portal InterInsuranceCarFraudService(PEP) InterInsuranceCarFraudService(PEP) BestInsurerCarFraudService(PEP) BestInsurer Portal OntoKit Infrastructure for authorisation getInsurancePolicy getInsurancePolicy Result or Exception DENY ACCEPTINDETERMINATE Insurance DB federation … … Partial sharing of customer information (previous insurance details, claims, etc.) Driver John Doe Insurance DB federation OntoKit Infrastructure for authorisation getInsurancePolicy getInsurancePolicy Result or Exception DENY ACCEPTINDETERMINATE S-OGSA

Policy Decision Point (OntoKit infrastructure) InterInsurance Portal InterInsuranceCarFraudService(PEP) BestInsurerCarFraudService(PEP) BestInsurer Portal OntoKit Infrastructure for authorisation getInsurancePolicy getInsurancePolicy Result or Exception DENY ACCEPTINDETERMINATE Insurance DB federation … … Partial sharing of customer information (previous insurance details, claims, etc.) Driver John Doe Insurance DB federation OntoKit Infrastructure for authorisation getInsurancePolicy getInsurancePolicy Result or Exception DENY ACCEPTINDETERMINATE S-OGSA

Demonstrator. Collaboration Diagram Mapping Role Op CarFraudService (PEP) 1 getInsurancePolicy PIP Proxy PDP Proxy Result or Exception 8 XACML AuthZ Request XACML AuthZ Response 3 7 Lookup whether the ROLE that is inferred permits or not XACML_AuthZService(PDP) 6 2 Obtain Semantic Bindings of John Doe Obtain all classes that are subclass of ROLE 4 Classify John Doe wrt VO ont 5 Atlas WS-DAIOnt VO Ontology Class Hierarchy -RDFS Pellet Reasoner RDF John Doe has had 2 distinct accidents VO OntologyOWL S-OGSA

Demonstrator. Collaboration Diagram Mapping Role Op CarFraudService (PEP) 1 getInsurancePolicy PIP Proxy PDP Proxy Result or Exception 8 XACML AuthZ Request XACML AuthZ Response 3 7 Lookup whether the ROLE that is inferred permits or not XACML_AuthZService(PDP) 6 2 Obtain Semantic Bindings of John Doe Obtain all classes that are subclass of ROLE 4 Classify John Doe wrt VO ont 5 Atlas WS-DAIOnt VO Ontology Class Hierarchy -RDFS Pellet Reasoner RDF John Doe has had 2 distinct accidents VO OntologyOWL Ignorant of semantics Semantic aware but unable to process semantics S-OGSA Semantic aware and able to process semantics

Demonstrator. Collaboration Diagram Mapping Role Op CarFraudService (PEP) 1 getInsurancePolicy /C=GB/O=PERMIS/CN=User0 PIP Proxy PDP Proxy Result or Exception 8 XACML AuthZ Request XACML AuthZ Response 3 7 Lookup whether the ROLE that is inferred permits or not XACML_AuthZService(PDP) 6 2 Obtain Semantic Bindings of John Doe Obtain all classes that are subclass of ROLE 4 Classify John Doe wrt VO ont 5 Atlas WS-DAIOnt VO Ontology Class Hierarchy -RDFS Pellet Reasoner RDF John Doe has had 2 distinct accidents VO OntologyOWL S-OGSA

Demonstrator. Collaboration Diagram Mapping Role Op CarFraudService (PEP) 1 getInsurancePolicy PIP Proxy PDP Proxy Result or Exception 8 XACML AuthZ Request XACML AuthZ Response ............ 3 7 Lookup whether the ROLE that is inferred permits or not XACML_AuthZService(PDP) 6 2 Obtain Semantic Bindings of John Doe Obtain all classes that are subclass of ROLE 4 Classify John Doe wrt VO ont 5 Atlas WS-DAIOnt VO Ontology Class Hierarchy -RDFS Pellet Reasoner RDF John Doe has had 2 distinct accidents VO OntologyOWL S-OGSA

Demonstrator. Collaboration Diagram Mapping Role Op CarFraudService (PEP) 1 getInsurancePolicy PIP Proxy PDP Proxy Result or Exception 8 ............ XACML AuthZ Request XACML AuthZ Response 3 7 Lookup whether the ROLE that is inferred permits or not XACML_AuthZService(PDP) 6 2 Obtain Semantic Bindings of John Doe Obtain all classes that are subclass of ROLE 4 Classify John Doe wrt VO ont 5 Atlas WS-DAIOnt VO Ontology Class Hierarchy -RDFS Pellet Reasoner RDF John Doe has had 2 distinct accidents VO OntologyOWL S-OGSA

Content • What is the Grid and the Semantic Grid? • S-OGSA • Authorisation scenario • General architecture • Collaboration diagram • Use of S-OGSA OntoGrid-specific infrastructure • VO ontology and reasoning service • Ontology service: WS-DAIOnt-RDF(S) • Metadata service: Atlas • Project details: URLs, CVS, etc. S-OGSA

The VO ontology and the reasoning service. Configuration Mapping Role Op Configurable pieces CarFraudService (PEP) 1 getInsurancePolicy PIP Proxy PDP Proxy Result or Exception 8 XACML AuthZ Request XACML AuthZ Response 3 7 Lookup whether the ROLE that is inferred permits or not XACML_AuthZService(PDP) 6 2 Obtain Semantic Bindings of John Doe Obtain all classes that are subclass of ROLE 4 Classify John Doe wrt VO ont 5 Atlas WS-DAIOnt VO Ontology Class Hierarchy -RDFS Pellet Reasoner RDF John Doe has had 2 distinct accidents VO OntologyOWL S-OGSA

The VO ontology and the reasoning service (I) • VO ontology based on... • KaOS ontologies (Actors, Groups and Actions) • UNICORE ontology (Entities, Identities and Roles) • Joint development between NextGrid, UniGrids and OntoGrid • Policy definition • Role-based • Actors or groups of actors have a set of roles in the VO • Tasks: • Extend ontology with domain-specific classes and properties • Define roles wrt these extensions • E.g., a blacklistedDriver is a driver that has had at least 3 accident claims in the past • E.g., a goodReputationDriver is a driver that has been insured at least by one trusted company and that has had at most 2 accident claims • PDP uses a DL classifier to obtain roles of a subject • Mapping roles-operations • Available in a lookup table S-OGSA

The VO ontology and the reasoning service (II) S-OGSA

S-OGSA Model and Capabilities (reminder) VOMS Annotation Service Metadata Service Ontology Service IDT Grid Service Semantic BindingProvisioning Service Is-a Knowledge Provisioning Service Reasoning Service Is-a Atlas Is-a Is-a Is-a Is-a Knowledge Entity Semantic ProvisioningService Grid Entity 1..m 1..m SAML uses Ontology Is-a Is-a Semantic aware Grid Service Knowledge Resource Grid Resource DFDL file Rule set 1..m 1..m produce consume JSDL file 0..m 0..m Semantic Binding 0..m 0..m Is-a Grid Knowledge Semantic Grid S-OGSA

Ontology services • Adapt and extend ontology services to be Grid compliant • Access heterogeneus and distributed ontology sources as a homogeneous logical resources • Provide homogeneous service interfaces • Modular design to ease extensibility WS-DAI Message Patterns Behavioural Properties WS-DAIR Relational WS-DAIOnt WS-DAIX XML WS-RDF WS-DAIOnt-RDF RDF Specific WS-DAIOnt-OWL OWL specific Jena Sesame S-OGSA

RDFS model S-OGSA

Component Description Jena .... S-OGSA

S-OGSA Model and Capabilities (reminder) VOMS Annotation Service Metadata Service Ontology Service IDT Grid Service Semantic BindingProvisioning Service Is-a Knowledge Provisioning Service Reasoning Service Is-a Atlas Is-a Is-a Is-a Is-a Knowledge Entity Semantic ProvisioningService Grid Entity 1..m 1..m SAML uses Ontology Is-a Is-a Semantic aware Grid Service Knowledge Resource Grid Resource DFDL file Rule set 1..m 1..m produce consume JSDL file 0..m 0..m Semantic Binding 0..m 0..m Is-a Grid Knowledge Semantic Grid S-OGSA

Atlas • Atlas is a P2P system for the distributed storage and querying of RDF(S) data using DHTs. • State of implementation • Base technology: Bamboo DHT (http://bamboo-dht.org) • Model: RDF (eventually RDFS as well) • Query and update languages: RQL (subset of data queries) and RUL (not yet implemented) • Functionality: one-time queries (implemented), publish/subscribe (under development). S-OGSA

Atlas and the Metadata Service ATLAS I want to publish information about a resource METADATA SERVICE INTERFACE Web service protocols METADATA SERVICE INTERFACE I want to discover a resource that meets my needs Web service protocols S-OGSA

Content • What is the Grid and the Semantic Grid? • S-OGSA • Authorisation scenario • General architecture • Collaboration diagram • Use of S-OGSA OntoGrid-specific infrastructure • VO ontology and reasoning service • Ontology service: WS-DAIOnt-RDF(S) • Metadata service: Atlas • Project details: URLs, CVS, etc. S-OGSA

Project details • OntoGrid • Publications at http://www.ontogrid.net/ • CTWatch • Journal of Web Semantics (Special issue on Semantic Grid) • GGF16 Semantic Grid Workshop (http://www.semanticgrid.org/) • Source code • http://www.ontogrid.net/, Downloads • Not very user-friendly yet • Access to CVS • Connection type: pserver • user: ontogrid • password: not needed • Host: rpc262.cs.man.ac.uk • Port: 2401 • Repository path: /local/ontogrid/cvsroot • module: prototype S-OGSA

Acknowledgements • The OntoGrid team at Manchester • Pinar Alper, Ioannis Kotsiopoulos, Paolo Missier, Sean Bechoffer, Carole Goble • The OntoGrid team at other sites • UPM: WS-DAIOnt-RDF(S) • NKUA: Atlas • Others already acknowledged in the slides S-OGSA

More References • http://www.globus.org/wsrf • Modeling Stateful Resources with Web Services • The WS-Resource Framework • From Open Grid Services Infrastructure to WS-Resource Framework: Refactoring and Extension • WSRF OASIS working group • http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wsrf • WS-Notification OASIS working group • http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wsn S-OGSA

OntoGrid: Paving the way for Knowledgeable Grid Services and Systems FP6-511513 www.ontogrid.net Semantic-OGSAA Reference Architecture for the Semantic Grid Oscar Corcho The University of Manchester Sheffield, 21st February 2006

FP6-511513

FP6-511513

Presentation Transcript

FP6

IST in FP6

Fast detectors FP6

EWICS and FP6

FP6 Project ICING

FP6-004381

FP6-511513

FP6 Contractual issues

EUFAR FP6

The FP6 Process

FP6 WEB-SITE

FP6-511513

FP6 AM

FP6-511513

(FP6-IST-045069)

FP6

FP6 into perspective

“FP6 New instruments”