Overview of Policies for Security and Data Sharing
Ingolf Krüger
Barry Demchak
March 16, 2010
Roadmap
• PALMS (Physical Activity Location Measurement System)
• SOA Review
• PALMS Logical Architecture
• Policy and its composition
• Policy execution – relationship with caBIG
Feel free to ask questions!
PALMS Objectives
• Support data collection and analysis for exposure biology studies
– Data capture from multiple devices
– Multiple analyses and recombination of data
– Sharing of data between investigators and projects
– Support multiple visualizations (local and remote)
• Extensible and Flexible
– Scalable for large data flows
– Support large number of investigators and studies
– Customizable datasets, calculations, and visualizations
• HIPAA Compliant and Secure
PALMS Organization and Data Flow (CI)
[Figure: Authorable & Discoverable repositories (Study Repository, Visualization Repository, Calculation Repository); PALMS Community of PIs and their Studies]
Community
• Policy-driven access control
– Subject data
– Study data
– Calculations
– Visualizations
• Secure
• HIPAA Compliance
• Customized Studies
• Collaboration
• Data Reuse
Data Flow
[Figure: PI, RA and Guest working with PALMS Studies through Browser, Excel, Matlab…; components: Study Repository, Visualization Engine, Calculation Engine; activity labels: Define, Enter Subjects, Enter Observations, Refine & Start, Refine & Create]
Policy
[Figure: PI, RA, Guest and Admin with PALMS Studies, Study Repository, Visualization Engine and Calculation Engine; relationship labels on Policy: Defines, Uses, Applies]
Policy (def.): Permission for someone to act on something
Policy (alt def.): Conditional replacement of one workflow with another
Services and SOA
• Loose Coupling
• Late Binding
• Scalability
• Composition
• Interoperability
• Testability
[Figure: Logical Deployment; labels: Network Implementation; Single Server, Multiple Processes; Single Application, Linked Modules]
• Malleability
• Manageability
• Dependability
• Incremental development
Logical Architecture (Preview)
Composing Workflow and Policy
• Define and implement Policy Concerns
– A class of policy decision embedded in a workflow
– Characterized by a contract for workflow and dataflow
– Supports reasoning regarding application correctness, completeness, and contradiction
– Instantiated as policies inserted by stakeholders at either design time or runtime

If user in ["PIs", "RAs", "Guests"]
    Continue
Else
    Reply "Failure"
Groups and Roles
If user in ["PIs", "RAs", "Guests"]
    Continue
Else
    Reply "Failure"

• Internet2 Grouper
– Hierarchical group management
– Single point of control
– Permission-based administration
– Virtual organizations (VOs)
Identity
If user in ["PIs", "RAs", "Guests"]
    Continue
Else
    Reply "Failure"

• Establishing
– What I have (token)
– What I know (password)
– What I am (biometric)
• Referencing
– Trust relationships (certification authorities)
– X509 Certificate
– SAML Certificate
– OpenID
[Figure: numbered exchange (steps 1 to 5) among Browser, Application and ID Provider; labels: User ID & Password, Confirm, Certificate]
caBIG
cancer Biomedical Informatics Grid
– Connects scientists & practitioners: shareable & interoperable infrastructure
– Develop standard rules & common language: easily share information
– Tools: collecting, analyzing, integrating, disseminating cancer information
– Cornerstones
    – Federation
    – Open development
    – Open access
    – Open source
– Workspaces
    – Clinical Trial Management
    – Integrative Cancer Research
    – Tissue Banks and Pathology
    – Vocabularies & Common Data Elements
    – Architecture
    – Strategic Planning
    – Data Sharing and Intellectual Capital
    – Training
caGrid & GAARDS
• Grid Authentication & Authorization with Reliably Distributed Services
– Services & Tools for enforcement of security policy in enterprise grid
– Developed on Globus Toolkit
– Provides
    – grid user management
    – identity federation
    – trust fabric provisioning and management
    – group/VO management
    – access control policy management and enforcement
    – credential delegation
    – web SSO
    – integration between security domains & grid security domain
caGrid & GAARDS
Relationship to PALMS
• Pros
– Well supported
– caGrid Knowledge Center (Justin Permer/Ohio State Bioinformatics)
– Professionally managed
– Well developed governance and development models
– Standards-based
– Security: X509 & SAML
– Ontologies: Thesaurus and Metathesaurus
– Sharing infrastructure
– Growing community
• Cons
– Key infrastructure out of our direct control
Questions??
Backup slides
Composing Workflow and Policy
Scenario: Add Policy to Existing Workflow
(CNN | BBC) > story > if(authorized) > email(story, "x@ucsd.edu")
• Key issues
– What is policy to compose?
– Where to insert policy? ... capture all paths?
– How to compose multiple policies?
– How to guarantee integrity of workflow?
– Preview: We have to address these
• Current methodologies
– Requirement discovery and hand coding
– Policy-based design & Inversion of Control
– Aspect Oriented Programming
– UML sequence chart composition
• New methodology (preview)
– ORCA
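
Added example (not from the original slides or the PALMS code base): a minimal Python sketch of the scenario above, in which a single policy concern guards the email step so that both the CNN and BBC paths pass through it, policies are installed at runtime, and the first policy that objects replaces the rest of the workflow with a "Failure" reply. All names (Message, PolicyConcern, GROUPS, OUTBOX) and the deny-when-empty default are assumptions made for illustration.

```python
# Added illustration; every identifier here is hypothetical, not PALMS code.
from dataclasses import dataclass, field
from typing import Callable, Optional

# Constructed sample membership, standing in for a group service such as Grouper.
GROUPS = {"PIs": {"alice"}, "RAs": {"bob"}, "Guests": {"carol"}}

@dataclass
class Message:
    user: str
    story: str
    trail: list = field(default_factory=list)  # steps this message passed through

# A workflow maps a message to the reply returned to the caller.
Workflow = Callable[[Message], str]
# A policy returns a replacement workflow, or None to let the original continue.
Policy = Callable[[Message], Optional[Workflow]]

def reply_failure(msg: Message) -> str:
    msg.trail.append("reply_failure")
    return "Failure"

def group_policy(allowed: list) -> Policy:
    """The slide's rule: if user in allowed groups, continue; else reply Failure."""
    def policy(msg: Message) -> Optional[Workflow]:
        if any(msg.user in GROUPS.get(g, set()) for g in allowed):
            return None
        return reply_failure
    return policy

def nonempty_story_policy(msg: Message) -> Optional[Workflow]:
    """A second, independent policy, used to show composition."""
    return None if msg.story.strip() else reply_failure

class PolicyConcern:
    """A named insertion point in a workflow where stakeholders install policies."""
    def __init__(self, name: str):
        self.name = name
        self.policies = []

    def install(self, policy: Policy) -> None:
        self.policies.append(policy)

    def guard(self, next_step: Workflow) -> Workflow:
        def guarded(msg: Message) -> str:
            msg.trail.append(self.name)
            if not self.policies:         # assumption: nothing installed means deny
                return reply_failure(msg)
            for policy in self.policies:  # policies are read at call time (runtime install)
                replacement = policy(msg)
                if replacement is not None:
                    return replacement(msg)  # conditional replacement of the workflow
            return next_step(msg)
        return guarded

OUTBOX = []  # records (recipient, story) instead of sending real mail

def email(to: str) -> Workflow:
    def step(msg: Message) -> str:
        msg.trail.append("email")
        OUTBOX.append((to, msg.story))
        return "Sent"
    return step

def build_workflow(concern: PolicyConcern) -> dict:
    """(CNN | BBC) > story > if(authorized) > email(story, "x@ucsd.edu")"""
    send = concern.guard(email("x@ucsd.edu"))  # one guard shared by every path
    def from_source(source: str):
        def entry(user: str, story: str):
            msg = Message(user=user, story=story, trail=[source])
            return send(msg), msg.trail
        return entry
    return {"CNN": from_source("CNN"), "BBC": from_source("BBC")}

if __name__ == "__main__":
    concern = PolicyConcern("authorized")
    workflow = build_workflow(concern)
    print(workflow["CNN"]("alice", "headline"))   # denied: no policy installed yet
    concern.install(group_policy(["PIs", "RAs", "Guests"]))
    concern.install(nonempty_story_policy)
    print(workflow["CNN"]("alice", "headline"))   # allowed
    print(workflow["BBC"]("dave", "headline"))    # denied: not in any group
```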
Architecture Definition Methodology
[Figure: architecture definition process diagram. Panel labels: Service Elicitation (Use Case Graph, Concerns, Domain Model, Role Domain Model); Rich Service Architecture (Rich Services Virtual Network, Services, Roles, Router/Interceptor, Messenger/Communicator); System of Systems Topology; Infrastructure Mapping; Optimization; Implementation. Loops: Logical Architecture Loop, Deployment Loop. Stage labels: Analysis, Synthesis, Identification, Definition, Consolidation, Refinement, Hierarchic composition, Logical Model, System Architecture Definition]
User View
Data Flow (Today)
Data Flow (Analysis-centric)
Data Flow (Algebraic)
Artifacts
• User Stories
• Use Cases
• Access Control Patterns
• Domain Modeling
• Dataflow
• Low Fidelity UI
• Service Definitions
• Rich Service
[Grouping labels: Requirements Modeling; Service Modeling]
Use Cases
Use Case Attributes
• ID
• Name
• Priority
• Complexity
• Release Number
• Last Revised
• Description
• Actors (Primary and Secondary)
• Stakeholders
• Pre-Conditions
• Constraints
• Post-Conditions
• Triggers
• Cross References
• Flow of Events
– Basic Flow
– Alternative Flows
– Exceptions
• Extensions
• Information Requirements
• Special Requirements
• Frequency of Use
• Assumptions
• Issues and Considerations
– Issues
– Consideration
• Process Flows
• Related Use Cases
[Figure: use case flow. Steps: RA signs in; RA selects study; RA uploads .CSV and .GPX files; PALMS displays summary; RA confirms summary (accept / decline); PALMS commits dataset; PALMS abandons dataset. Error branches: Display error (All files missing or invalid); Display error (Time range overlaps)]
Low Fidelity User Interface
Domain Modeling (Overview)
Domain Modeling
Rich Service
Service Interactions (AAI)
Service Interactions (Calculation)
[Sequence diagram: participants Web Browser, PALMS Study, Calculation Engine, Results Repository, Protocol Repository. Labels: Start Calculation, StartCalculation(study, protocolID, paramBlockID, resultName), StartResult; Initiate Result, AddResult(resultName, protocolID, paramBlock), AddResult; Get Param Block, GetProtocolParams(protocolID, paramBlockID), ParamBlockResult; alt fragments on - study / + study]
The Road Forward
Component Interactions
[Figure: Client, Server, Server; Google Web Toolkit (GWT); Mule Enterprise Service Bus]
PALMS Products
• Integration
– Mapping Engines
– Data Mining Engines
– Social Networks
– Disaster Management
• Alerts and Events
• Data Subscriptions
• Data Flow Analysis (provenance flow)
• Scalable and Configurable Calculations
• Collaboration
Questions??

  • 4. PALMS Organization and Data Flow (CI) Authorable & Discoverable
  • 5. PALMS Community (diagram: PIs and their Studies around PALMS, with its Study Repository, Visualization Repository and Calculation Repository; clients: Browser, Excel, Matlab…) • Policy-driven access control – Subject data – Study data – Calculations – Visualizations • Secure • HIPAA Compliance • Customized Studies • Collaboration • Data Reuse
  • 6. Data Flow (diagram: PI, RA and Guest roles acting on PALMS Studies through the Study Repository, Calculation Engine and Visualization Engine; flow labels: Define, Enter Subjects, Enter Observations, Refine & Start, Refine & Create)
  • 8. Services and SOA • Loose Coupling • Late Binding • Scalability • Composition • Interoperability • Testability • Malleability • Manageability • Dependability • Incremental development (diagram text: Network Implementation; Single Server, Multiple Processes; Single Application, Linked Modules; Logical Deployment)
  • 10. Composing Workflow and Policy • Define and implement Policy Concerns – A class of policy decision embedded in a workflow – Characterized by a contract for workflow and dataflow – Supports reasoning regarding application correctness, completeness, and contradiction – Instantiated as policies inserted by stakeholders at either design time or runtime (policy shown: If user in ["PIs", "RAs", "Guests"] Continue Else Reply "Failure")
  • 11. Groups and Roles (policy shown: If user in ["PIs", "RAs", "Guests"] Continue Else Reply "Failure") • Internet2 Grouper – Hierarchical group management – Single point of control – Permission-based administration – Virtual organizations (VOs)
  • 12. Identity (policy shown: If user in ["PIs", "RAs", "Guests"] Continue Else Reply "Failure") • Establishing – What I have (token) – What I know (password) – What I am (biometric) • Referencing – Trust relationships (certification authorities) – X509 Certificate – SAML Certificate – OpenID (diagram labels: Browser; Application; Certificate; User ID & Password; Confirm ID Provider; steps numbered 1 to 5)
  • 13. caBIG: cancer Biomedical Informatics Grid – Connects scientists & practitioners: shareable & interoperable infrastructure – Develop standard rules & common language: easily share information – Tools: collecting, analyzing, integrating, disseminating cancer information – Cornerstones: Federation; Open development; Open access; Open source – Workspaces: Clinical Trial Management; Integrative Cancer Research; Tissue Banks and Pathology; Vocabularies & Common Data Elements; Architecture; Strategic Planning; Data Sharing and Intellectual Capital; Training
  • 14. caGrid & GAARDS • Grid Authentication & Authorization with Reliably Distributed Services – Services & Tools for enforcement of security policy in enterprise grid – Developed on Globus Toolkit – Provides: grid user management; identity federation; trust fabric provisioning and management; group/VO management; access control policy management and enforcement; credential delegation; web SSO; integration between security domains & grid security domain
  • 16. Relationship to PALMS • Pros – Well supported – caGrid Knowledge Center (Justin Permer/Ohio State Bioinformatics) – Professionally managed – Well developed governance and development models – Standards-based – Security: X509 & SAML – Ontologies: Thesaurus and Metathesaurus – Sharing infrastructure – Growing community • Cons – Key infrastructure out of our direct control
  • 19. Composing Workflow and Policy • Scenario: Add Policy to Existing Workflow: (CNN | BBC) > story > if(authorized) > email(story, "x@ucsd.edu") • Key issues – What is policy to compose? – Where to insert policy? ... capture all paths? – How to compose multiple policies? – How to guarantee integrity of workflow? – Preview: We have to address these • Current methodologies – Requirement discovery and hand coding – Policy-based design & Inversion of Control – Aspect Oriented Programming – UML sequence chart composition • New methodology (preview) – ORCA
  • 20. Architecture Definition Methodology (diagram: Rich Services development process. Service Elicitation: Use Case Graph, Roles, Role Domain Model, Concerns, Domain Model, Services. Rich Service Architecture: Logical Model, hierarchic composition, refinement, Router/Interceptor, Messenger/Communicator. System Architecture Definition: System of Systems Topology, Infrastructure Mapping, Optimization, Implementation. Two loops: Logical Architecture Loop and Deployment Loop.)
  • 25. Artifacts • User Stories • Use Cases • Access Control Patterns • Domain Modeling • Dataflow • Low Fidelity UI • Service Definitions • Rich Service Requirements Modeling Service Modeling
  • 27. Use Case Attributes • ID • Name • Priority • Complexity • Release Number • Last Revised • Description • Actors (Primary and Secondary) • Stakeholders • Pre-Conditions • Constraints • Post-Conditions • Triggers • Cross References • Flow of Events – Basic Flow – Alternative Flows – Exceptions • Extensions • Information Requirements • Special Requirements • Frequency of Use • Assumptions • Issues and Considerations – Issues – Consideration • Process Flows • Related Use Cases (flowchart labels: RA signs in; RA selects study; RA uploads .CSV and .GPX files; PALMS displays summary; RA confirms summary; PALMS commits dataset; PALMS abandons dataset; Display error; Display error; All files missing or invalid; Time range overlaps; accept; decline)
  • 28. Low Fidelity User Interface
  • 33. Service Interactions (Calculation) (sequence diagram with two alt fragments; labels: Web Browser; PALMS Study Calculation Engine; Results Repository; Protocol Repository; Start Calculation: StartCalculation(study, protocolID, paramBlockID, resultName) / StartResult; Initiate Result: AddResult(resultName, protocolID, paramBlock) / AddResult; Get Param Block: GetProtocolParams(protocolID, paramBlockID) / ParamBlockResult)
  • 34. The Road Forward: Component Interactions (diagram labels: Client; Server; Server; Google Web Toolkit (GWT); Mule Enterprise Service Bus)
  • 35. PALMS Products • Integration – Mapping Engines – Data Mining Engines – Social Networks – Disaster Management • Alerts and Events • Data Subscriptions • Data Flow Analysis (provenance flow) • Scalable and Configurable Calculations • Collaboration

Editor's Notes

  1. Thank the host!
  2. In the beginning: PIs have their studies, and their studies have their data, calculations, and visualizations ----- Insight: Studies can be managed centrally; calculations and visualizations can be reused; collaborations can occur with data, calculations, and visualizations Click 1: Enter PALMS, an Internet-based facility for managing research Click 2: The main features of PALMS: the study repository, calculation repository, and visualization repository Click 3: Community uses PALMS to manage studies, provide calculations, and provide visualizations Click 4: Policy -> HIPAA, Collaboration, etc
  3. PALMS is a role-based system. Data flows are associated with particular roles and particular targets Click 1: A PI can define what data a study retains, what calculations can be made, and what visualizations can be made Click 2: An RA can enter subject and observation information Click 3: Once the information exists in the study, the RA can send it to a calculation engine, and then to a visualizer Click 4: A guest cannot enter data, but can get calculations and visualizations All data flows and requests are subject to policy (next slide)
  4. Policy can be defined at both the PALMS system level and at the study level. Click 1: What is a policy? Click 2: Who defines policies? … it depends on the policy … (RAs can define policies that affect guests) Click 3: An example: A guest wants to run a calculation and get a visualization. Click 4: Policies at both the PALMS and study levels apply to allow/reject the operation, or to constrain or shape it. Important points: - Policy can be used for access control and HIPAA enforcement. - Policy engines monitor all transactions. - Policy engines not only enforce permissions, but also cause audit logging. - Engines similar to the policy engines can also perform encryption, anonymization, decimation, failure management, and so on.
  5. Current methodologies: requirement discovery and hand coding; policy-based design & Inversion of Control; Aspect Oriented Programming; UML sequence chart composition. New methodology (preview): ORCA
  6. Add Authentication policy into CNN/BBC workflow … see red decision-making <<<<CLICK>>>> In ORC, see the same decision being inserted <<<<CLICK>>>> <<Go over key issues>> To solve the policy insertion problem, we have to solve these <<<<CLICK>>>> Show existing well-known solutions … not reactive to stakeholder policy insertion <<<<CLICK>>>> ORCA is part of solution … specifies WHAT and WHERE
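
The role check from slide 10 and the two-level policy evaluation described in editor's note 4, as an added Python example (not part of the original deck or the PALMS code base). The user names, the `Interceptor` class, the study-level rule and the `decimate` parameter are assumptions made for illustration.

```python
from dataclasses import dataclass, field, replace

# Constructed group membership; stands in for a group service such as Grouper.
GROUPS = {"PIs": {"alice"}, "RAs": {"bob"}, "Guests": {"carol"}}

@dataclass(frozen=True)
class Request:
    user: str
    study: str
    operation: str
    params: dict = field(default_factory=dict)

def roles_of(user):
    return {group for group, members in GROUPS.items() if user in members}

def system_policy(req):
    """PALMS-level concern from the slides: user must be in PIs, RAs or Guests."""
    return req if roles_of(req.user) else None

def study_policy(req):
    """Hypothetical study-level policy: reject guest data entry, shape guest calculations."""
    roles = roles_of(req.user)
    if req.operation == "enter_observations" and not roles & {"PIs", "RAs"}:
        return None
    if req.operation == "calculate" and roles == {"Guests"}:
        # Constrain rather than reject: force decimated output (assumed parameter).
        return replace(req, params={**req.params, "decimate": True})
    return req

class Interceptor:
    """Applies every policy ahead of the workflow step and audit-logs each decision."""
    def __init__(self, policies):
        self.policies = policies
        self.audit = []

    def invoke(self, req, step):
        for policy in self.policies:
            decision = policy(req)
            verdict = "deny" if decision is None else "allow"
            self.audit.append((policy.__name__, req.user, req.operation, verdict))
            if decision is None:
                return "Failure"  # fail closed; the workflow step never runs
            req = decision
        return step(req)

def calculation_step(req):
    """Stand-in for the calculation engine; reports whether output was decimated."""
    return f"{req.study}: decimate={req.params.get('decimate', False)}"
```

Because the workflow step is only reachable through `Interceptor.invoke`, every path is covered by policy and every decision, including denials, lands in the audit trail.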