Secure and Trusted Virtual Organization Management
by Adomas Svirskas, Alvaro Arenas, Michael Wilson and Brian Matthews
TrustCoM is a European Integrated Project that aims to develop a framework for trust, security and contract management in dynamic Virtual Organizations.
The TrustCoM framework will enable the secure enactment of collaborative business processes in self-managed and dynamic value-chains of businesses and governments. One of the central aspects of TrustCoM research is VO (virtual organization) management, which aims to support dynamic virtual communities throughout their entire life cycle. Although proprietary implementations of VO management tools exist, secure tools based on interoperating open standards are not yet available. The open standards on which to build them are just being released as reliable implementations. The TrustCoM project provides an answer to these problems with its VO Management framework, based on the open Service-Oriented Architecture and open Web Services standards.
Current Grid-based VO management supports only the VO memberships function listing VO members who are entitled to use VO resources. It does not support the management of the risks associated with VO membership through:
- the identification of potential VO partners through reputation management
- the roles defined in business process models that VO partners perform to limit resource access and reputation transfer
- the contractual or SLA obligations on the VO for security and privacy
- the enforcement of policies derived from contracts for quality and timeliness of business process enactment.
The VO management subsystem should provide the services necessary for maintaining the VO structures, monitoring members' performance, enforcing VO policies, assigning members to play certain roles and perform tasks and so forth. In essence, the VO management process involves ensuring that the members of a VO play by commonly agreed-upon rules and that members' behaviour is observable, thus allowing these rules to be enforced.
The TrustCoM VO management component will not only provide a membership function but will also provide life-cycle and context management functions. These will provide a generic VO management layer that records membership as well as addressing the management of the risks of VO membership.
TrustCoM is following the life-cycle model developed in the VO roadmap project (Camarinha-Matos and Afsarnabesh, 2003), including phases such as identification, formation, operation/evolution and dissolution. The identification phase deals with setting up the VO; this includes selection of potential business partners by using search engines or looking up registries. VO formation involves partnership formation, including the VO configuration by a VO manager (who distributes information such as policies, Service Level Agreements (SLAs) etc), and the binding of the selected candidate partners into the actual VO. After the formation phase, the VO can be considered to be ready to enter the operation phase where the identified and properly configured VO members perform according to their role. Membership and structure of VOs may evolve over time in response to changes of objectives or to adapt to new opportunities in the business environment. Finally, the dissolution phase is initiated when the objectives of the VO have been fulfilled.
Making the creation, operation and dissolution processes rapidly responsive requires both the appropriate legal mechanisms and dynamic management of the VO. There appears to be an obvious match between the business-driven desire to create and manage dynamic VOs, and the technological solution available in composable Web services. Although proprietary IT implementations of composable Web service tools exist, secure tools for VO management (VOM) based on interoperating open standards are not yet available, let alone those that also address legal issues. Consequently, IT based dynamic VOM is confined to closed communities that have adopted a single proprietary solution. Although proprietary implementations of VO management tools can operate either within single organizations or across cooperative organizations, they also pose substantial adoption costs, which in turn are only justified by long-term relationships within the closed community using the proprietary approach.
In addition, the TrustCoM VO management solution will use, where appropriate, declarative specifications of VO management processes. This approach will allow the publishing of and access to commonly understood and approved protocols of VO management and VO members' interactions. Having these interactions explicitly choreographed will reduce the complexity of end-point software components of VO members' software, thus increasing the robustness, sustainability and efficiency of VO management procedures. TrustCoM is using WS-CDL specification (a candidate W3C standard) to specify choreographies and emerging open-source tools, which allow modelling and validation of the protocols as well as end-point generation for WSDL-based and BPEL-enabled services.
Tools for managing the identified risks are being developed in the TrustCoM framework for the trust, business process management, contracts and policy components respectively. Putting them together to manage the risks of joining and operating within a VO is the TrustCoM's innovation for VO management. The TrustCoM VO management component represents a generic VO application layer that ties together these TrustCoM components, and it is upon these components that individual VOs can build and incorporate specific applications (eg aerospace modelling tools, remote learning tools). By defining the standard VO management protocols based on open standards, TrustCoM is contributing to the establishment of VO management patterns that may be useful beyound the scope of the project itself.
Michael Wilson, CCLRC,
Tel: +44 1235 446619