Dynamism Gloom and Doom? - TUISR - University of Tulsa

donkeycheerfulInternet και Εφαρμογές Web

7 Αυγ 2012 (πριν από 5 χρόνια και 3 μήνες)

317 εμφανίσεις

© R. Gamble, The University of Tulsa, 2004


Dynamism Gloom and Doom?

T. Gamble D. Flagg R. Baird R. Gamble




Software Engineering & Architecture Team

Dept. of Mathematical & Computer Sciences

The University of Tulsa


gamble@utulsa.edu

www.seat.utulsa.edu

Slide
2


© R. Gamble, The University of Tulsa, 2004


Implications and Aspects


Dynamic implies


changes to the network topology


processor mobility


participating client processes


processor and network failures


timing variations


Key aspects


how much change can occur


how much is known before the change


where and how the change is controlled.

Slide
3


© R. Gamble, The University of Tulsa, 2004


Prevalence


Architecture reconfiguration


Component creation (insertion) and destruction
(deletion)


Foreknowledge of possibilities


Central configurator with global information


Context
-
aware connectors


Agent
-
based systems


Reactive vs. proactive


Discovery


Mobile systems


Resource constraints


Location changes


Discovery

Slide
4


© R. Gamble, The University of Tulsa, 2004


Application Integration


Dynamism is a key aspect of application
integration design and development


Integrating COTS products


commercially
-
supported middleware generally
forms the backbone of the system


Components are constrained by


communication protocols


service descriptions


management policies


data types

Slide
5


© R. Gamble, The University of Tulsa, 2004


Middleware Frameworks


Three popular middleware frameworks


CORBA


Borland VisiBroker


Message Queuing


IBM Websphere MQ


The Grid


Globus Toolkit


Need the pertinent features of
middleware that prohibit/promote
dynamism within integrated systems

Slide
6


© R. Gamble, The University of Tulsa, 2004


Dynamic Features


Registration


the act of the component and the middleware
becoming aware of each other


Data typing


the collection of capabilities for type definition


Asynchrony


a middleware feature that is based on the context
of interactions between components


Security


there are many considerations, but we are
concerned with authentication, confidentiality,
integrity, and non
-
repudiation

Slide
7


© R. Gamble, The University of Tulsa, 2004


Registration and Dynamism


Components establish a connection with middleware


May or may not retain explicit knowledge of the middleware


Examples


Inclusion in a directory service


Establishment of a programmatic reference


Publication of an interface specification


For dynamism


registration must support binding and rebinding at runtime

Middleware
Registration
Service
Component
1
2
3
1. Initiate Registration
2. Confirm Registration
3. Begin Communication
Slide
8


© R. Gamble, The University of Tulsa, 2004


Evaluating Registration


IBM WebSphere MQ


Identify queues and pub/sub topics


Establish callbacks or polling mechanisms for event
processing


Borland VisiBroker


Components specifically state what is transferred and
which services they offer or require


Registration requests are processed by local
instances of broker servers


Globus Grid Toolkit


Service components submit a WDSL document that
describes its services and what is transferred


Clients submit a WSDL document in order to submit
jobs

Slide
9


© R. Gamble, The University of Tulsa, 2004


Data Typing and Dynamism


Required for enforcement of type safety across
component interactions


Depends largely on the programming model that is
assumed within the component
-
level interfaces to
middleware


For dynamism


Important when interactions are loosely defined prior to runtime

Middleware
Component
Strongly Typed
Loosely Typed
Slide
10


© R. Gamble, The University of Tulsa, 2004


Evaluating Data Typing


IBM WebSphere MQ


No explicit checking of data types


Message payloads consist of raw bytes


Borland VisiBroker


Registration checks


Ensures information to be transferred between
components matches predefined data types


Globus Grid Toolkit


Same as VisiBroker

Slide
11


© R. Gamble, The University of Tulsa, 2004


Asynchrony and Dynamism


Allows components to communicate, but operate
independently


Loose coupling reduces dependencies between
components


For dynamism


Loose coupling facilitates interaction management

Middleware
Component
Synchronous
Asynchronous
Channel
Channel
request
reply
message
...wait...
message
Slide
12


© R. Gamble, The University of Tulsa, 2004


Evaluating Asynchrony


IBM WebSphere MQ


Communication is inherently asynchronous


Borland VisiBroker


Communication is inherently synchronous


Components may use supplied connectors to
support polling and callback of services


Globus Grid Toolkit


Clients can submit and be asynchronously
notified by the services when processing has
completed

Slide
13


© R. Gamble, The University of Tulsa, 2004


Security and Dynamism


Focus on confidentiality and integrity


Transport level security



Middleware assures the overall connection and all data that travels over it


Message level security


Middleware allows component
-
to
-
component interactions to be secured


For dynamism


Any unexpected change can lead to added risks for secure systems


Unauthorized access


Denial of service

Middleware
Component
Transport Level Security
Message Level Security
Slide
14


© R. Gamble, The University of Tulsa, 2004


Evaluating Security

Transport Level



IBM WebSphere MQ


Communication channels between queue
managers can be encrypted


Borland VisiBroker


SSL is used between ORB instances on
separate host environments


Globus Grid Toolkit


A private protocol (httpg) is implemented
between Globus containers (aka servers) on
remote machines

Slide
15


© R. Gamble, The University of Tulsa, 2004


Evaluating Security

Message Level


IBM WebSphere MQ


No inherent capability


Borland VisiBroker


Encryption is at the transport level, but message level
integrity can be ensured using checksums


Globus Grid Toolkit


Message level security is based on WS
-
Security, XML
Encryption and XML Signature standards using either
a pre
-
established security or credentials supplied
inside the calling parameters

Slide
16


© R. Gamble, The University of Tulsa, 2004


Conclusion


Commercial middleware is still not prepared to
support dynamism


Sets impractical expectations for component interaction that
impedes dynamism


Code customization


Interface interoperability


Much
a priori

knowledge is needed by the


Component being inserted


Established middleware


Other components interacting with the system


How can a priori knowledge be reduced yet
control not be forfeited


Standards


Middleware designated wrappers


Adaptable component connectors

© R. Gamble, The University of Tulsa, 2004


Questions?

Dr. R.F. Gamble, Director

Software Engineering and Architecture Team

Department of Mathematical and Computer
Sciences

The University of Tulsa


gamble@utulsa.edu

www.seat.utulsa.edu