Presentation is loading. Please wait.

Presentation is loading. Please wait.

Monitoring, Security, and Dynamic Configuration with the dynamicTAO Reflective ORB Fabio Kon, Manuel Roman, Ping Liu, Jina Mao, Tomonori Yamane, Luiz C.

Published byMelinda Higgins Modified over 8 years ago

Similar presentations

Presentation on theme: "Monitoring, Security, and Dynamic Configuration with the dynamicTAO Reflective ORB Fabio Kon, Manuel Roman, Ping Liu, Jina Mao, Tomonori Yamane, Luiz C."— Presentation transcript:

1 Monitoring, Security, and Dynamic Configuration with the dynamicTAO Reflective ORB Fabio Kon, Manuel Roman, Ping Liu, Jina Mao, Tomonori Yamane, Luiz C. Magalhaes, and Roy H. Campbell {f-kon,roy}@cs.uiuc.edu Department of Computer Science University of Illinois at Urbana-Champaign http://choices.cs.uiuc.edu/2K/dynamicTAO

2 IFIP/ACM Middleware’2000 2 Introduction Network Operating System: l Facilitate management in modern computing environments l Heterogeneity: embedded sys., PDAs, laptops, workstations l Dynamism: rapid software evolution, mobile users & computers l Users must maintain different accounts in each platform l GOAL: l Facilitate management by building a middleware-level operating system on top of this heterogeneous world

3 IFIP/ACM Middleware’2000 3 Requirements l Run on multiple hardware platforms l Run on top of different OSes l Support different programming languages l Support dynamism, late binding, components l Solution: l OMG IDL l CORBA ORBs l Standard CORBA Services

4 IFIP/ACM Middleware’2000 4 But There’s A Problem! l Conventional ORBs are static: l Fixed threading model l Fixed transport protocol: IIOP (over TCP/IP) l Fixed security strategy (typically no security) l Fixed scheduling l Inadequate for a wide range of applications: l Multimedia l Mobile Computing l Adaptive Applications

5 IFIP/ACM Middleware’2000 5 Proposed Solution: Reflective ORB l Reflective Systems [Smith 84] l Meta-Object Protocol [Kiczales 91] l Reflective ORBs [Singhai and Campbell 97] l The ORB maintains a representation of its own internal structure and allows: l Inspection l Dynamic Reconfiguration

6 IFIP/ACM Middleware’2000 6 dynamicTAO l Built as an extension of the TAO ORB [Schmidt et al] l Written in C++ l Modular design based on object-oriented design patterns l TAO already supported startup configuration, configuration file specifies strategies for l concurrency (threading model) l request demultiplexing l scheduling l connection management

7 IFIP/ACM Middleware’2000 7 Adding Support for Dynamic Configuration dynamicTAO exports an interface called DynamicConfigurator, supporting 1. Transfer of components across the distributed system 2. Loading and unloading components 3. Inspecting and modifying the configuration of the ORB (and of applications running on top it)

8 IFIP/ACM Middleware’2000 8 Reifying the ORB Structure ComponentConfigurator framework l Stores inter-component dependencies l Allows browsing, inspection, and reconfiguration l Can be customized through inheritance

9 IFIP/ACM Middleware’2000 9 dynamicTAO Structure

10 IFIP/ACM Middleware’2000 10 DynamicConfigurator IDL Interface interface DynamicConfigurator { stringList list_categories (); stringList list_implementations (in string categoryName); stringList list_loaded_implementations () stringList list_hooks (in string componentName); string get_hooked_comp (in string componentName, in string hookName); string get_comp_info (in string componentName);.

11 IFIP/ACM Middleware’2000 11 Manage Component Implementations loaded in memory long load_implementation (in string categoryName, in string impName, in string params,...); void hook_implementation (in string loadedImpName, in string componentName, in string hookName); void suspend_implementation (in string loadedImpName); void resume_implementation (in string loadedImpName); void remove_implementation (in string loadedImpName); void configure_implementation (in string loadedImpName, in string message);

12 IFIP/ACM Middleware’2000 12 Manage the ORB Persistent Component Repository void upload_implementation (in string categoryName, in string impName, in implCode binCode); void download_implementation (in string categoryName, inout string impName, out implCode binCode); void delete_implementation (in string categoryName, in string impName); };

13 IFIP/ACM Middleware’2000 13 Example of Dynamic Configuration 1. myRemoteOrb->upload_implementation (“Security”, “superSAFE”, superSAFE_impl); 2. newSecurityStrategy = myRemoteOrb->load_implementation (“Security”, “superSAFE”); 3. oldSecurityStrategy = myRemoteOrb->get_hooked_comp (“dynamicTAO”, “Security_Strategy”); 4. myRemoteOrb->hook_implementation (newSecurityStrategy, “dynamicTAO”, “Security_Strategy”); 5. myRemoteOrb->remove_implementation (oldSecurityStrategy);

14 IFIP/ACM Middleware’2000 14 Consistency l Dynamic reconfiguration may break the consistency of the internal ORB engine. l Consistency must be ensured by the ORB developer and by the component developer. Achieved by creating customized subclasses of the ComponentConfigurator class: l TAOConfigurator l Servant1Configurator l MonitoringStrategyConfigurator l...

15 IFIP/ACM Middleware’2000 15 Example of Consistent Dynamic Reconfiguration l Concurrency strategies 1. Reactive (single-threaded) 2. Thread-per-Connection 3. Thread-Pool l Switching from 1 or 2 to any other: OK l Switching from Thread-Pool: problematic

16 IFIP/ACM Middleware’2000 16 Implementing Reconfigurable ORB Components l Two major things to consider: 1. Transferring the state from the old component to the new component 2. Making sure that no dangling references to the old component remain Must customize TAOConfigurator or strategy configurator ( e.g. ThreadPoolConfigurator )

17 IFIP/ACM Middleware’2000 17 Accessing the ORB Reconfiguration Interface 1. Local or remote code through IDL 2. Telnet 3. Java GUI 4. Reconfiguration Agents

18 IFIP/ACM Middleware’2000 18 DOCTOR D ynamic O RB C onfiguration T ool

19 IFIP/ACM Middleware’2000 19 Reconfiguration with Mobile Agents l Suitable for Large-Scale Systems l Agents may carry l graph l reconfiguration script l state l results

20 IFIP/ACM Middleware’2000 20 Applications of Reflective ORBs l Completed Prototypes: l Flexible Object Monitoring Service l Dynamic Security Service l Ongoing work: l Multimedia applications l CORBA File System

21 IFIP/ACM Middleware’2000 21 Monitoring Distributed Object Interactions l dynamicTAO shows how to adapt l Applications also need to know when to adapt l Monitoring Service: l Can be dynamically loaded and unloaded l No modifications in the applications l Totally transparent to applications l Uses the CORBA request-level interceptor [OMG98a]

22 IFIP/ACM Middleware’2000 22 Monitoring Service Architecture

23 IFIP/ACM Middleware’2000 23 Monitoring Service Overhead l String getHello (); l Overhead: when monitoring getHello : 10.1% with Monitoring Service on, but without monitoring getHello : 2.0% Ultra-2 Ultra-60 ClientServer Fast Ethernet

24 IFIP/ACM Middleware’2000 24 Dynamic Security Service Prototype l Can be dynamically loaded and unloaded l Uses l CORBA request-level interceps. for access control l Cherubim Security Framework [Campbell & Qian 98] l Java Active Capabilities flexible dynamic policies l implemented: DAC, MAC l working on: RBAC, ABAC (?)

25 IFIP/ACM Middleware’2000 25 Related Work l Lancaster University [Blair et al 98] l Python implementation of a Reflective ORB l AspectIX [Hauck et al 98] l Configurable ORB using Aspect-Oriented Programming l COMERA [Wang and Lee 98] l Configurable COM middleware

26 IFIP/ACM Middleware’2000 26 Future and Ongoing Work l LegORB: a component-based reflective ORB l select only the ORB functionality you need l minimal configuration for client: 6KB l Implement a framework to support consistency in dynamic configuration: l state transfer l inter-component dependency management

27 IFIP/ACM Middleware’2000 27 Conclusions dynamicTAO is a powerful mechanism for l implementing non-functional ORB services l security l monitoring l communication mechanisms l clean separation of concerns, transparency l dynamic reconfiguration l adaptive applications

28 IFIP/ACM Middleware’2000 28 How to contact us e-mail: f-kon@cs.uiuc.edu 2K Web site: http://choices.cs.uiuc.edu/2K

29 IFIP/ACM Middleware’2000 29 The 2K Architecture

30 IFIP/ACM Middleware’2000 30 Security Architecture l Java Active Capabilities l Flexible Security Policies l Caching of Authorization Decisions l Auditing

31 IFIP/ACM Middleware’2000 31 Switching Thread-Pool  Thread-per-Connection (Example) l Problem 1: queued incoming connections waiting for a thread to execute them. l Solution: encapsulated the queue in an object and pass as an argument to the new strategy. l Problem2 : strategy code cannot be unloaded because threads return to it. l Solution: ThreadPoolConfigurator that keeps track of the threads handling client connections.

32 IFIP/ACM Middleware’2000 32 Future and Ongoing Work l Improve Security Service l how to provide security for millions of distributed objects efficiently? l Monitoring Service tools: l Specify what should be monitored l Visualize monitored data graphically

33 IFIP/ACM Middleware’2000 33 dynamicTAO Architecture

Download ppt "Monitoring, Security, and Dynamic Configuration with the dynamicTAO Reflective ORB Fabio Kon, Manuel Roman, Ping Liu, Jina Mao, Tomonori Yamane, Luiz C."

Similar presentations

MicroKernel Pattern Presented by Sahibzada Sami ud din Kashif Khurshid.

MicroKernel Pattern Presented by Sahibzada Sami ud din Kashif Khurshid.
COM vs. CORBA.

COM vs. CORBA.
1 Secure Dynamic Reconfiguration of Scalable Systems with Mobile Agents Fabio Kon, Binny Gill, Manish Anand, Roy Campbell, and M. Dennis Mickunas

1 Secure Dynamic Reconfiguration of Scalable Systems with Mobile Agents Fabio Kon, Binny Gill, Manish Anand, Roy Campbell, and M. Dennis Mickunas
Next Generation Distributed Systems: The and dynamicTAO approach Fabio Kon Department of Computer Science University of São Paulo, Brazil.

Next Generation Distributed Systems: The and dynamicTAO approach Fabio Kon Department of Computer Science University of São Paulo, Brazil.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 12 Slide 1 Distributed Systems Design 2.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 12 Slide 1 Distributed Systems Design 2.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 9 Distributed Systems Architectures Slide 1 1 Chapter 9 Distributed Systems Architectures.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 9 Distributed Systems Architectures Slide 1 1 Chapter 9 Distributed Systems Architectures.
Lecturer: Sebastian Coope Ashton Building, Room G.18 COMP 201 web-page: Lecture.

Lecturer: Sebastian Coope Ashton Building, Room G.18 COMP 201 web-page: Lecture.
GridRPC Sources / Credits: IRISA/IFSIC IRISA/INRIA Thierry Priol et. al papers.

GridRPC Sources / Credits: IRISA/IFSIC IRISA/INRIA Thierry Priol et. al papers.
Gaia: A Middleware Platform for Active Spaces 2008.07.16 Summarized by Dongjoo Lee, IDS Lab., Seoul National University.

Gaia: A Middleware Platform for Active Spaces Summarized by Dongjoo Lee, IDS Lab., Seoul National University.
1 Automatic Configuration of Component-Based Distributed Systems Ph.D. Thesis Defense Fabio Kon Advisor: Prof. Roy H. Campbell May 17, 2000.

1 Automatic Configuration of Component-Based Distributed Systems Ph.D. Thesis Defense Fabio Kon Advisor: Prof. Roy H. Campbell May 17, 2000.
Technical Architectures

Technical Architectures
Distributed Systems Architectures

Distributed Systems Architectures
Persistent State Service 1 Performance, Scalability and Management  Topic  Refining the object model  Threading models  Distributed callbacks  Iterators.

Persistent State Service 1 Performance, Scalability and Management  Topic  Refining the object model  Threading models  Distributed callbacks  Iterators.
CORBA Case Study By Jeffrey Oliver March 2003. March 17, 2003CORBA Case Study by J. T. Oliver2 History The CORBA (Common Object Request Broker Architecture)

CORBA Case Study By Jeffrey Oliver March March 17, 2003CORBA Case Study by J. T. Oliver2 History The CORBA (Common Object Request Broker Architecture)
CS 501: Software Engineering Fall 2000 Lecture 16 System Architecture III Distributed Objects.

CS 501: Software Engineering Fall 2000 Lecture 16 System Architecture III Distributed Objects.
Software Engineering and Middleware: a Roadmap by Wolfgang Emmerich Ebru Dincel Sahitya Gupta.

Software Engineering and Middleware: a Roadmap by Wolfgang Emmerich Ebru Dincel Sahitya Gupta.
Terminal Bridge Extension Over Distributed Architecture MSc. Sami Saalasti.

Terminal Bridge Extension Over Distributed Architecture MSc. Sami Saalasti.
Performance Management 1 Performance, Scalability and Management  Topic  Refining the object model  Threading models  Distributed callbacks  Iterators.

Performance Management 1 Performance, Scalability and Management  Topic  Refining the object model  Threading models  Distributed callbacks  Iterators.
Software Engineering Module 1 -Components Teaching unit 3 – Advanced development Ernesto Damiani Free University of Bozen - Bolzano Lesson 2 – Components.

Software Engineering Module 1 -Components Teaching unit 3 – Advanced development Ernesto Damiani Free University of Bozen - Bolzano Lesson 2 – Components.
Object Based Operating Systems1 Learning Objectives Object Orientation and its benefits Controversy over object based operating systems Object based operating.

Object Based Operating Systems1 Learning Objectives Object Orientation and its benefits Controversy over object based operating systems Object based operating.

Similar presentations

Ads by Google