Working Group 3 – Collaborative Working, VO’s, business models, security Chair: Glenn Gapper (BAE), Co-Chairs: Josep Vallés Sanchez (Schlumberger- Sema) , Boas Betzler (IBM) Report by Rapporteur John Brooke (U. of Manchester UK) Day 1 (29/01/2003) 1. Presentation of Proposals The meeting began with presentations of project proposals or information. Firstly John Brooke (U. of Manchester) presented REALISTE a proposal for an NoE for Realistic Modelling of Environmental and Life Science processes via e-Science. Life and Environmental Sciences are both characterised by complex data which is in multiple formats. Simulation requires coordination of resources for computation, data searching and directly from experiment. This requires the ability to compose and store complex workflows and to provide tools for teams of scientists to collaborate from multiple locations, for example as provided by the Access Grid. Francis Wray (U of Edinburgh) posed the question of whether the available workflow was sufficiently flexible for a dynamic view of a virtual organisation where partners can come in and leave. JB responded that Access Grid already provides this and the intention is to extend this to the more complex workflows discussed. Luigi Ciminiera (Politecnico di Torino) presented a proposal to develop tools for collaborative working regardless of the lifetime of the virtual organisation, i.e. able to cope with very transient VOs. Luigi Fusco of ESA described the nature of the European Space Agency (ESA) with over 700 application projects, in many of which data still moves via CD rather than via networks. They have developed an Earth Observation Grid Engine based on Web services. Images are sent via servers as compressed JPEG and cached, then recorded in a very large catalogue. They have developed generic tools for resource sharing around Europe based on three levels of Grid, local, campus and European Grid. They are looking to extend this generic 3 level architecture to data policy, so that same datasets can also be used by commercial applications. Their business model is information provision. Data access catalogue allows access to metadata freely accessible to check quality of data before purchase. They also see a business in selling access to their data to provide a cheap test-bed for research projects developing new middleware or data access middleware, especially in areas where the actual data of the application domain may be very expensive, e.g. bioinformatics. Luigi gave an online demonstration of some of their Web services technology. A discussion ensued as to what is a virtual organisation (VO)? How much infrastructure does it need, how much coupling does it need via meetings and tying working practices and agreements together. What about resource accounting, supercomputing centres have this problem since their resources are not free. Luigi thinks this can be done via bi-lateral agreements, at least in the governmental and academic domains. Some industrial participants noted that the ESA data sharing infrastructure was based around its status as an organisation funded by governments to provide a service and to make data as freely available as possible. This does not apply to VOs where commercial interests are critically tied up with data or organisations where data is security sensitive. Ladislav Hluchy (Slovak Academy of Science) described a proposal to create a VO for flood prediction linked to the Central European Grid Consortium. They wish to include mobile users and lots of different agencies. There are many different channels of information. They need to enable a cascade of simulations, with real-time collaboration. A flood plain is a complex system, with multiple inputs and multiple points to look at the results of the particular conditions. Damage limitation is a possible benefit of the VO. They propose data fusion with Chinese flood simulation and data. They require a resource broker for resource discovery at short notice and rapid collaboration on a human level. The question was raised as to how this could be said to be generic enabling technology since it is for a very specific application. A possible answer is that flood plains are all unique so the general flood prediction should give the basis for doing this on any river basin. Paul McKee (BT Exact Technologies) spoke on experience of commercial uptake and intra-organisational Grids. Security is a very big issue, possible solutions are VPNs which are secure and configurable. Issues include billing, trust, policy based management, brokering of resources, selective access of 3rd parties. They are interested in exposing bandwidths from the Grid application so that bandwidth can be allocated in a virtual way. What is the GRID unit of billing? Their participation in the iGRID (Amsterdam Sept. 2002) demonstrations showed that building high-bandwidth applications involves a lot of coordination and special reservation. Transatlantic bandwidth is very expensive, it is a commodity to be taken into account in Grid Computing. Connectivity is not free. The real-time constraint in radio-astronomy is an example which is bandwidth critical. There was discussion of the role of the telcos, managed bandwidth or bandwidth and services? Theo Dimitrakos (CLRC RAL) spoke on business and information technology. GRASP is a project providing Grid and service oriented paradigms for ASPs. iTrust is an application of trust management, LeGE-WG is providing an infrastructure for a European Learning Grid. They are interested in social science networks. TD described a Digital Economy EoI to provide support for dynamically created VOs. They propose fine grained security and identify three levels of application, metacomputing, autonomic computing, utility computing. An aim is to enable selfmanaged VOs. Their architecture has a Collaborative Process layer. TrustCoM. Grid services are dynamic and stateful, built on OGSI infrastructure but can be implemented in many different ways. Annette Weisbecker (Fraunhofer IAO) described a proposal for a European Resource Grid. This would enable workflow and collaborative work. It would also identify business models for grid applications, e.g. a component marketplace. This is not an exhaustive list of presentations but it indicates points of relevance to the next section, namely the generic questions from the discussion. 2. Generic Questions From the Discussion 2.1. Strategic options Luigi Fusco asked what is the shared vision. Do we start from the application domain then come to the discussion? What does a Virtual Organisation mean? Is it logistics, resource sharing, virtual presence? Roles of providers and consumers need to be differentiated. The group’s role is not to define VOs but to discuss the Grid architecture to enable them. Fabrizio Gagliardi (CERN) of the DataGrid project described how current Grid technology (in this case GLOBUS) does not scale to thousands of machines from 100 or so. Is there a role for Grid Service Providers? To what degree can the manufacture of workflows be made completely automatic, how dynamic and open should they be and how necessary is it that they be open and dynamic (this may depend on the type of VO or application domain). The discussion revisited the question of what a VO is. Is it different companies coming together for a time for a common task? Is it an organisational problem as the number of users of data services multiplies. An ideal is an easy to use Grid for VOs? Marina Bouianov from CSC (Finland) raised the question of large organisations providing HPC and networking support, are their users of a VO? EDF were interested in the VO concept within their organisation. The French aerospace industry identified the issue of shared use of computers and working with other European Centres, security is a big issue in defence and industry before resource sharing can be enabled. NEC were interested in the quick building of VOs in a few days rather much longer lived organisations (e.g. CERN). It was pointed out that there had been many previous attempts to form VOs, can we identify why they failed and why Grids may give more hope? 2.2. Cross-domain requirements Most of the participants from industry were from aerospace or other industries where security is critical. Project bids are an example of VOs where such industries come together in shared collaborations. There was also interest on the enabling technology side from telecommunications providers. Their interests were in on-demand services for creating networks dynamically, an interesting question concerns whether network control is similar to grid control. There were some people from eLearning. A question was raised as to whether there is a killer application for Grids. A bioinformatics graduate Gianluca De Leo (University of Genoa) was interested in cycles and databases. There was strong representation from academic or academic support institutions involved in Grid research. There was evidence of cross-disciplinary work, e.g. French CEA, involved in HealthGrid. Luigi Fusco from ESA suggested that the community involved in analysing spatial data would be a good focus for an enabling infrastructure group. Specialised tools for particular application domains are important, we should not just see things from Grid perspective but look to already existing virtual collaborations (several preceded current interest in Grids) e.g. DT International Project Centre. Consortium management experience is to be found in such collaborations. Day 2 (30/01/2003) The discussion focussed around the following questions. What are VOs? What are the services required by VOs? What sectors need to be mobilised? What business models can be identified? Identification of follow-up actions Identification of possible IPs, NoEs, CAs, SSAs? Suggestions for a route map (strategy). 3. VOs and the Grid Services they require The following bullet points capture the main points of the discussion. The attempt was made to identify the services necessary to the creation and maintenance of Virtual Organisations (VOs). • • • • • • Trust and security including the ability to enter and leave VO dynamically. There are different methods of joining a VO. Ad–hoc where participants come in as required via some authentication process. There is also the possibility of controlled joining, e.g. via formally signing up to some VO consortium policy. Brokering of shared resources was an important question. Once the resources have been donated to the VO pool they need to be made available to VO participants. Resource brokers provide the means to do this. Like membership access, these can operate in an ad-hoc (allocation to immediate requests according to availability) or controlled (e.g. via a model for controlled resource allocation to individuals or groups in the VO). How is membership of VO decided? Membership can be as an individual or as a group member. For example in product design, there might be a design group, a simulation group, a human-interaction group. Dr X may access resources according to his/her membership of one of these groups. Equally Dr X may be working on some specific resources (e.g. a database) as an individual in his/her right since it directly concerns Dr X’s individual work within the VO. Thus to be a member of a VO is not a simple yes/no question. Consolidated accounting and billing is necessary for resource sharing on an economic basis. Non-repudiation and contract compliance are essential features of any VO trading economy. Customizable user interfaces need to be provided that also need to support mobility. VO members should find it easy and convenient to use the shared resources of the VO to their particular needs. Composition and orchestration of services from component services will be necessary for VOs. Workflow management of the use of services enables the resources of the VO to be available persistently for important tasks. The alternative is to laboriously construct the necessary network of resources and • • • • • • services on a per-use basis. This is a waste of both machine and human resources in the VO. The ability to integrate legacy services is vital in most real-life VOs. Redesigning services from scratch to fit a Grid framework is not an economic or realistic option. The ability to manage policies and associate policies with members. Do we have community membership, e.g. group membership? If so tools need to be provided to express access rights to resources based on levels of membership. Any VO consortium agreement and usage policy must be enforceable and the enabling Grid infrastructure must be able to support this. Quality assurance of resources is necessary. Examples are integrity of information from databases (non-corrupted), assurance that all components involved in a workflow are working to accepted tolerances. Interoperability of middleware, resources, etc. Uniformity of architecture and software will be a very rare exception in VOs. Discovery of services is necessary for scalable VOs. Intra-group communications must be facilitated. This is a very important question in VOs across dispersed sites. Efficient tools for group collaboration, shared and persistent workspaces, virtual project meetings are some examples. 4. Grid enabling Technology for VOs The group then discussed the Grid technology that is able to support the requirements of VOs listed in Section 1 above. • • • There is a need for an ontology of organisational structure specifying roles, resources, rights, obligations, licensing. To establish such an ontology if is necessary to perform an analysis of use cases for VOs to establish roles and services required. VO structure may be different for e.g. scientific problem solving, business process, etc. There is a need to develop a model of knowledge within a VO. This maybe links to the ontology discussed above * Provision of the ability to identify electronically the position of actors within the VO, e.g. when messages are received the recipients can identify the role of the sender in the VO. This may be necessary since the recipient may not know the originator of the message personally. He/she needs to make decisions as to how to act on the message which may depend on whether it is a legitimate message according to the sender’s role in the VO. This may be crucial in emergency situations (e.g. a VO for disaster management). Note that the sender may be in a different organisation or company to the recipient, thus it is the VO role that is critical in this situation not the company or organisation role. 5. Sectors for Grid Technology enabled VO Case Studies (Rapporteur’s note, the group did not seem clear on this point. Ontologies of organisational structure and of the knowledge created and managed in the VO do not appear to be the same thing.) * It was felt that it would be a useful exercise to consider enabling Grid Technology suitable for VOs formed in the following sectors. We did not have time to extend this to a discussion of business models. Disaster and crisis management, environment Manufacturing and engineering (e.g. aerospace, automobile) Publishing and media Medicine and health, bio and pharma. Learning Banking and finance Large scale data-intensive and scientific collaborations. IT Service Provision 6. Follow-Up Actions These follow-up actions were recommended. Creation of use-case scenarios for different types of VOs both static, dynamic and evolving, for all potential uses and levels of security, quality of service and internal economy (e.g. are resources charged or free?, is knowledge charged or free?) and risk management. (See list of sectors in previous Section) Matching use cases against user requirements and Grid enabling technology for VO. Listing different business models and drivers. Match potentialities of Grid technology against use-cases to drive both new forms of collaboration in VO and new Grid technology requirements. Abstract generic grid functionality across application domains as much as possible. Note it may sometimes be better to abstract across a cluster of domains with similar functionality rather than always searching for full functionality across all domains, although clearly a considerable subset of resource-sharing Grid technology will be general across a very wide range of applications. The group was not able to fully consider what sort of further immediate actions apart from a series of workshops to continue this ongoing discussion and also a mailing list. As a start the group suggested to use the GRIDSTART Web pages for ideas and proposal sharing and that an email list be created. 7. Specific Support Actions identified The group identified the need for planning specific support actions to co-ordinate future Grid projects (IPs, NoEs etc..) from FP6 Call 1 onwards with FP5 projects. The purpose of an extremely useful Specific Support Action would be the identification of specification of common enabling application technologies, interface layer between applications and middleware, common grid services as needed by different application sectors building on the GRIDSTART survey of technologies developed within FP5 projects and soon to be delivered. 8. Notes from the Chair about the Route Map There was insufficient time to address this question. More work is needed. These notes were not discussed in the meeting but are personal suggestions from the Chair, Glenn Gapper. We require a vision of Grid technology that we both “Need & Want” Need end-user/market pull But we also need to manage expectations, risks, and we need to achieve success! Structure programme over time such that priority is given earlier to develop applications where data is not sensitive (security issues less important) or to local/enterprise scale Grids (where security can be better managed) research regarding security is required from outset of programme. 9. Additional Information Here is also a summary of some of the views expressed by participants in the meeting regarding VOs. It was clear from the meeting that defining a VO more clearly is an urgent task in the context of Grid enabling Technology. It is a collaboration across organisational boundaries, either between different organisations or between different parts within an organisation. It is assembled for a specific purpose. It can evolve and may be transient. Membership can be dynamic with participants entering and leaving. It has a formal or an informal collaboration agreement. Spans boundaries in a political, organisational and administrative sense. Can have an internal economy with accounting and billing for service and/or resource use. Partners in the VO are aware of each others presence, this may be via a variety of electronic means, video-conferencing, messaging, chat rooms etc.. Membership of different VOs can overlap. Scientific VOs may have different needs from commercial VOs. Legal issues within the VO are problematic, does the enabling infrastructure support the legal framework of the VO? All of the usual issues in organisations, trust, security, resource sharing, reliability have to be enabled via communications networks and software. What is the relationship of a VO to a Virtual Market? ___________________________