1 Trusted Coordination in Dynamic Virtual Organisations Santosh Shrivastava School of Computing Science Newcastle University, UK santosh.shrivastava@ncl.ac.uk e-Science Meeting March 2004 2 Virtual Organisations • Organisations want to create composite services using services of other organisations – This leads to resource sharing across organisational boundaries – Such sharing needs to be encoded as business relationships (“virtual organisations (VOs)” ) – You need to be able to set up, manage and terminate VOs – A VO however, blurs the distinction between 'outsiders' and 'insiders' – A central problem in VO management is therefore how organisations can regulate access to their resources by other organisations – So you need Middleware for regulated interactions » this is a core requirement e-Science Meeting March 2004 3 Regulated interactions • Approach: – Follow the practices of the paper based world where contracts are used – relationships between organisations for information access and sharing will need to be regulated by electronic contracts – Interactions need to be traceable (auditable), monitored, and only those that are OK wrt the contract are permitted • So, Middleware for regulated interactions requires: – Non-repudiable service invocation and data sharing mechanisms » We call these “trusted coordination” mechanisms » Trust is achieved through regulation – Contract management services » Ways of representing contracts as executable objects, trusted (possibly third party) services for monitoring contract compliance,… e-Science Meeting March 2004 4 Regulated interactions Non-repudiable interactions require creation of a trust domain through intermediaries e-Science Meeting March 2004 5 Regulated interactions Many ways of creating a trust domain: TTP: Trusted Third Party e-Science Meeting March 2004 6 Regulated interactions Let us consider 2-party, client-server interaction • Server needs evidence that: – The request originated at the client: non-repudiation of origin (NRO) of the request – The response was received by the client: non-repudiation of receipt (NRR) of the response • Client needs evidence that: – The request was received by the server (NRR req.) – The response originated at the server (NRO resp.) e-Science Meeting March 2004 7 Regulated interactions EXAMPLE: service invocation client interceptor -> server interceptor : req, NROreq server interceptor -> client interceptor : resp, NRRreq, NROresp client interceptor -> server interceptor : NRRresp e-Science Meeting March 2004 8 Regulated interactions • Information Sharing B • • update A update i Multi-party, peer-peer interaction For an update proposed by A: – – – update C e-Science Meeting March 2004 B and C need evidence that update originated at A (NRO update) A needs evidence that B and C received the update (NRR update) A, B and C need evidence that, after update, the information will be in a consistent, agreed state (NRO agreement, NRR agreement) 9 • Use of Interceptors.. B Evidence required: • • • A upd (1) i upd (5) C e-Science Meeting March 2004 State transition proposed by A (propose: step 2) Decisions on validity of transition from B and C (respond: step 3) Collective decision (resolve: step 4) Shared information is only updated if the collective decision is that A’s proposal is valid Incentives to good behaviour stronger than for one-off service invocation 10 Regulated interactions • Infrastructure Requirements: • Cryptographic primitives – Digital signatures, secure message digest (hash), secure random number generation • Credential (certificate) management • Access control services – Intra-organisation: map user to role – Inter-organisation: map credential to role • Non-repudiation log – protocol-specific – include signed hash of state in evidence • State store – map hash of state to persistent representation of state e-Science Meeting March 2004 11 Regulated interactions • Infrastructure Requirements (contd.): • Coordination service to execute NR protocols (configurable to specific protocol) • Membership service (for information sharing only) – Maintain group membership information (mapping members to credentials) – Membership is coordinated using NR protocols executed by coordination service • Communication subsystem • Trusted time-stamping service – To verify a signing key was not compromised at time of use (evidence generation) e-Science Meeting March 2004 12 Virtual Organisations • Contract Management – Contracts as executable objects (“active contracts”) » Declarative ways of specifying rights and obligations » Converting declarative specifications into imperative programs (cross-organisation ‘business processes’) that control and coordinate multiparty interactions using trusted coordination mechanisms – Workflow enactment facilities for business process execution – Contract monitoring and violation detection services • See the poster for additional details – Parts of workflow, contract representation, non-repudiation subsystems have been designed and implemented (with the help of other EPSRC, EU projects) • Technologies will be demonstrated through the GOLD project – See the poster on GOLD project e-Science Meeting March 2004 Recent Papers • • • • • • C. Molina-Jimenez, S.K. Shrivastava, E. Solaiman and J. Warne, “Contract Representation for Run-time Monitoring and Enforcement”, IEEE Conference on Electronic Commerce (CEC’03), Newport Beach, CA, June 2003, pp. 103-110. Paul D Ezhilchelvan and Santosh K Shrivastava, “Systematic Development of a Family of Fair Exchange Protocols”, Seventeenth Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Estes Park, Colorado, August 2003. Ellis Solaiman, Carlos Molina-Jimenez, and Santosh Shrivastava, “Model Checking Correctness Properties of Electronic Contracts”, International Conference on Service Oriented Computing 2003, LNCS 2910, pp. 303-318, 2003. Nick Cook, Paul Robinson and Santosh Shrivastava, “Component Middleware to Support Non-repudiable Service Interactions”, IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 04, Florence, June 2004. Carlos Molina-Jimenez, Santosh Shrivastava, Jon Crowcroft and Panos Gevros, “On the Monitoring of Contractual Service Level Agreements”, IEEE International Workshop on Electronic Contracting (WEC), July 2004, San Diego. S.J.Woodman, D.J.Palmer, S.K.Shrivastava, S.M.Wheater, “A System for Distributed Enactment of Composite Web Services”, Forum Session at International Conference on Service Oriented Computing 2003, Tech Report DIT 03 056, University of Trento, Department of Information and Communication Technology e-Science Meeting March 2004 13