This document discusses using policy-driven development to empower stakeholders of cyberinfrastructures (CIs). It proposes expressing stakeholder requirements as executable policies that can constrain and augment data and control flows within the CI. Key challenges include enabling stakeholders to author complex policies and refining and enacting those policies within the CI. The approach is demonstrated in a case study of the PALMS physical activity monitoring system where a policy restricts which users can add devices to a study.

1. Policy-driven Development
Leveraging Rich Services to Empower Stakeholders
Barry Demchak (bdemchak@ucsd.edu) & Ingolf Krüger
California Institute for Telecommunications and Information Technology, San Diego Division
Problem
Cyberinfrastructure (CI)† † context
• 100s of stakeholders (e.g., producers,
consumers, operators, etc.)
• Stakeholders opt in only when CI
satisfies their requirements
• Requirements frequently change &
often mis-implemented
• CIs have long delivery times
Consequence
• More stakeholders  requirement
churn, even longer delivery times
Contradiction
• More stakeholders  fewer
stakeholders opt in
∴ lower likelihood CI will satisfy
community requirements
Result
• CI underserves stakeholders
Solution
CI as scaffolding supporting:
• basic data and control flows
• high availability & reliability
• scalability (bandwidth/storage/…)
Policy definition/execution
• stakeholder authorable
• injected directly into CI
• constrains/augments data & control
flows
Challenges
Requirement elicitation
• Enable stakeholders to articulate
requirements as policies
• Enable complex/compound policies
Policy enactment
• Refine policies into executable code
• Compose and coordinate policy
execution
Policy deployment
• Verify completeness/correctness
• Maintain system consistency
This material is based upon work supported by the National Institutes of Health
Under Grant No 1U01CA130771-01 (Project PALMS: Kevin Patrick, PI)
and the National Science Foundation under Grant No CNS-0932403
f
† †Cyberinfrastructures (CI)
f
f
†PALMS References
Physical Activity Location Measurement System to understand where activity-related energy expenditure occurs in
humans as a function of time and space. Harvests data from wearable devices on small and large scales, provides
framework for research and analysis, and has ultimate goal of discovering methods for engineering better health.
An Internet-based research computing environment that supports data acquisition, data storage, data
management, data integration, data mining, data visualization, and other computing and information processing
services. Different stakeholders produce, consume, manage, and govern a CI, and their requirements must be
simultaneously met or else the integrity of the CI degrades.
1. J. Juerjens. Security Systems Development with UML. Springer-Verlag Berlin Heidelberg, 2003.
2. T. Lodderstedt, D. Basin, and J. Doser. SecureUML: A UML-Based Modeling Language for Model-Driven Security. Proceedings
of the 5th International Conference on The Unified Modeling Language. pp426-441. Springer Verlag, 2002.
3. M. Arrott, B. Demchak, V. Ermagan, C. Farcas, E. Farcas, I. H. Krüger, and M. Menarini. Rich Services: The Integration Piece
of the SOA Puzzle. In Proceedings of the IEEE International Conference on Web Services (ICWS), Salt Lake City, Utah, USA.
IEEE, Jul. 2007, pp. 176-183.
4. A. Bhattacharjee and R. Shyamasundar. Activity Diagrams: A Formal Framework to Model Business Processes and Code
Generation. Journal of Object Technology. Vol 8, No 1, Jan 2009.
5. M. Fowler. Domain-Specific Languages. Boston, MA: Addison-Wesley, Pearson Education, Inc. Sept 2010.
6. K. Jensen and L. Kristensen. Coloured Petri Nets: Modeling and Validation of Concurrent Systems. Berlin: Springer-Verlag.
2009.
Techniques
Model-driven engineering
• Stakeholders specify policies
directly1,2 on workflow models (UML
Activity Diagrams4) using visual
Domain Specific Language (DSL5)
• Refinement follows Rich Service3
decomposition & logical/deployment
transformation
• Policies specify alternate workflows
& data flow transformations
• Model checking using CPN Tools6
Service Oriented Architecture-
based execution & deployment
• Leverage standard patterns3:
strategy, messaging, routing, &
composite pattern
• Leverage role-based interaction,
choreography & interceptor
techniques
PALMS† Case Study
Sensor Data Data Storage Calculations Visualization
Overall Requirements
Register with Study Add to Device List
User,
Dev
List Devices Select Device Add to Study
User,
Dev
User
User,
Devs
Create Study Add Device
Return Error
1: Only RA can
add device
2: User ∈ {“RA”}
3: User ∈ {“RA”}
 normal flow,
else error flow
PALMS-CI
Service Data
Connector
User
Access
Policies
Study
GlobalDeviceList
Study
Service Data
Connector
StudyDeviceList
3a. Constraint finally
expressed as
interceptor on
data flow
1.Stakeholder
expresses
constraint on
high level
workflow activity 2.Constraint is re-
expressed in each
workflow refinement
Conditional replacement of data flow or control flow
A Policy is …
Refinement Driven by …
Rich Service
Decomposition
3b. Policy executed
by Interceptor
OK
Study GlobalDeviceList
AddDeviceToStudy
User PALMS-CI
AddStudy
OK
GetAvailDevices
AvailDeviceList
AddDeviceToStudy
OK
Select
Device
StudyDeviceList
AddDeviceToStudy
OK
GetAvailDevices
AvailDeviceList