PoSecCo: modelling services  for the Future Internet          Antonio Lioy      Politecnico di Torino        <lioy@polito....
Posecco scenario: Future Internet seenfrom a Service Provider (SP)           security reqs                                ...
PoSecCo view: services in FI                               3
What to model? companies run business processes/services   the interesting ones are the ones implemented using IT resource...
Main requirements … business services (BS) can be implemented by a number of different IT services (i.e., abstract service...
A quick look at Posecco meta-models        Services                        Policies                                      B...
A quick look at Posecco meta-models                                  current service                                   met...
Service modelling layersIT layerInfrastructure                                 8
Some more details: the concepts                                              business        business          business   ...
Business layer: business services business services (BS) are structured in processes     terminology from TUe and not in c...
Business layer: institutions BP customers     several customers can buy the same BS and every customer may use one or     ...
Business layer: business info very abstract concepts to be further instantiated and adapted roles     not the same as the ...
IT layer: the service models IT service model: abstract definition corresponding to the interface it exposes IT services i...
IT layer: data first class entities in the access control meta-model need to be customized in the model      according to ...
Catalog: what an SP sells used to enumerate all the service models sold by a SP   Crossgate requirement: modern way of man...
Infrastructure layer: running services  every IT service model may be implemented      using different physical or virtual...
Infrastructure layer: the landscape virtual and physical nodes connected through interfaces      located somewhere (for de...
The PoSecCo ontology(ies)                                      business meta-model                                      bu...
Tools and formats meta-models as standard UML class diagrams from meta-models to models   constrain the model derivation p...
PoSecCo and EffectPlus PoSecCo will provide:   meta-models for services in a SP-oriented scenario   layered architecture: ...
THANK YOU!
DisclaimerEU DisclaimerPoSecCo project (project no. 257129) is partially supported/co-funded by the EuropeanCommunity/ Eur...
23
24
Upcoming SlideShare
Loading in …5
×

Posecco cluster meeting

549 views

Published on

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
549
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Posecco cluster meeting

  1. 1. PoSecCo: modelling services for the Future Internet Antonio Lioy Politecnico di Torino <lioy@polito.it> Amsterdam - July 4-5, 2011
  2. 2. Posecco scenario: Future Internet seenfrom a Service Provider (SP) security reqs security reqs from from customers SP-customers laws and regulations security reqs Provider Service sec reqs Service Service Service service from suppliersfrom mgmt application application application application application DB DB Supplier Supplier SP-staff system system system network 2
  3. 3. PoSecCo view: services in FI 3
  4. 4. What to model? companies run business processes/services the interesting ones are the ones implemented using IT resources SP main goal? reducing costs infrastructure re-use existing services avoid re-implementing a service for each customer … if the policy allows it implementation and maintenance integrated policy refinement using the “policy chain” … with a higher level of security PoSecCo aims at supporting SPs with models and tools 4
  5. 5. Main requirements … business services (BS) can be implemented by a number of different IT services (i.e., abstract service profiles) several customers can buy the same BS and every customer may use one or more instances of an IT service IT service = components + choreography IT services interact with other IT services or use other IT services as sub-components every IT service may have different instantiations using different physical or virtual resources (running services) and sub- services running services can execute several components of the same IT service running services can execute several components from different IT services SP can outsource (sub-)services, applications, or HW (hosting providers) 5
  6. 6. A quick look at Posecco meta-models Services Policies Business policy Business meta-model meta-model IT policy (access control, IT service meta-model confidentiality, filtering, …) configurations for policy Infrastructure meta-model enabled security elements 6
  7. 7. A quick look at Posecco meta-models current service meta-model Services Business meta-model IT service meta-model Infrastructure meta-model 7
  8. 8. Service modelling layersIT layerInfrastructure 8
  9. 9. Some more details: the concepts business business business institutions service process information service hosting customers providers providers IT Resource IT service IT service Links Data model interface model IT resource IT resource IT service interface channel node IT resource interface physical virtual node node 9
  10. 10. Business layer: business services business services (BS) are structured in processes terminology from TUe and not in contrast with BPMN BS are not necessarily the ones implemented using IT technologies implemented by a number of different IT services (i.e., abstract service profiles) 10 business processes (BP) may be structured in hierarchies and may depend on other BPs
  11. 11. Business layer: institutions BP customers several customers can buy the same BS and every customer may use one or more instances of an IT service service providers (SP) and their relationships: SPs buying services from other SPs hosting providers 11
  12. 12. Business layer: business info very abstract concepts to be further instantiated and adapted roles not the same as the standard “access control role”, described in the IT policy meta-model more abstract, associated to company-dependent functions 12
  13. 13. IT layer: the service models IT service model: abstract definition corresponding to the interface it exposes IT services interact with other IT services or use them as sub-components IT service models are described by components: IT resources (the Applications) choreography: a link connects a resource to an interface IT resource is an abstract definition of the component/application web server, FTP server, Invoice application, EDI, … every IT service may have different implementations using different physical or virtual resources (running services) and sub-services13
  14. 14. IT layer: data first class entities in the access control meta-model need to be customized in the model according to customer and SP needs 14
  15. 15. Catalog: what an SP sells used to enumerate all the service models sold by a SP Crossgate requirement: modern way of managing It services instead of defining a general service model with configurable parameters (e.g., communication protocols, web server types) good for academia e.g., if the SP sells two versions of the “invoicing BS”, one allowing access to the front end using SFTP and one HTTPS, the catalog will include two instances of ITServiceProfile 15
  16. 16. Infrastructure layer: running services every IT service model may be implemented using different physical or virtual resources (running services) and sub-services to re-use components and save time and money:… running services can execute several components of the same IT service running services can execute several components from different IT services e.g., web servers running front ends, DBs 16
  17. 17. Infrastructure layer: the landscape virtual and physical nodes connected through interfaces located somewhere (for dependability and risk analysis purposes) full topology information may be described according to the required level of details PoSecCo uses full topology view for the configuration generation e.g., to configure all the firewalls and VPN terminators in the landscape 17
  18. 18. The PoSecCo ontology(ies) business meta-model business ontology (?) IT layer meta-model IT layer ontology infrastructure meta-model infrastructure ontology extend concepts in meta-models with a semantically richer tool use the “inclusion” and “equivalence” features to link the separated ontologies 18
  19. 19. Tools and formats meta-models as standard UML class diagrams from meta-models to models constrain the model derivation process to avoid integration issues XML representation in the PoSecCo repository meta-models models instances …ongoing effort ontologies represented in OWL 19
  20. 20. PoSecCo and EffectPlus PoSecCo will provide: meta-models for services in a SP-oriented scenario layered architecture: business, IT and infrastructure full details in a document that will come soon inputs: test your service description with our model and provide us the missing requirements e.g., more info on service virtualization collaboration: a service modelling working group? common output: unified meta-model for Future Internet … agreed and adopted by all the EffectPlus partners (at least) 20
  21. 21. THANK YOU!
  22. 22. DisclaimerEU DisclaimerPoSecCo project (project no. 257129) is partially supported/co-funded by the EuropeanCommunity/ European Union/EU under the Information and Communication Technologies (ICT)theme of the 7th Framework Programme for R&D (FP7).This document does not represent the opinion of the European Community, and the EuropeanCommunity is not responsible for any use that might be made of its content.PoSecCo DisclaimerThe information in this document is provided "as is", and no guarantee or warranty is given thatthe information is fit for any particular purpose. The above referenced consortium members shallhave no liability for damages of any kind including without limitation direct, special, indirect, orconsequential damages that may result from the use of these materials subject to any liabilitywhich is mandatory due to applicable law. 22
  23. 23. 23
  24. 24. 24

×