Trust and Security for Next Generation Grids, Usage Control in Action: Controlling Resource Usage in a Grid-Based Supply Chain Lorenzo Blasi HP Italy Innovation Center February 2009
Trust and Security for Next Generation Grids, Agenda Business context / Grid proposal Business context / Grid proposal Solving the Vehicle Routing Problem Solving the Vehicle Routing Problem Security issues / GridTrust solution Security issues / GridTrust solution Architecture Architecture Future evolution Future evolution
Trust and Security for Next Generation Grids, Agenda Business context / Grid proposal Business context / Grid proposal Solving the Vehicle Routing Problem Solving the Vehicle Routing Problem Security issues / GridTrust solution Security issues / GridTrust solution Architecture Architecture Future evolution Future evolution
Trust and Security for Next Generation Grids, Business Context / Producers Competitiveness in the Pharmaceuticals market has increased Competitiveness in the Pharmaceuticals market has increased appearance of "generic" pharma products pressure from public institutions pharma products can now be sold in large retailers Producers' and Distributors' margins decrease Producers' and Distributors' margins decrease Transportation costs have big influence on final product price Transportation costs have big influence on final product price To reduce costs and maintain profit margins big industries have created their own e-procurement auctioning system for transportation services To reduce costs and maintain profit margins big industries have created their own e-procurement auctioning system for transportation services This leverages competition by searching the lowest possible price on each single transportation task This leverages competition by searching the lowest possible price on each single transportation task
Trust and Security for Next Generation Grids, Business Context / Transporters Small transporters, to avoid being crushed between raising prices and competitive pressure Small transporters, to avoid being crushed between raising prices and competitive pressure must increase the optimization level of their business The Transporters' Association proposes to its members a common Grid system that can optimize both routes and scheduling of their whole vehicles' fleets The Transporters' Association proposes to its members a common Grid system that can optimize both routes and scheduling of their whole vehicles' fleets Daily optimization is already a big leap forward for most transporters, but a Grid allows more than that: Daily optimization is already a big leap forward for most transporters, but a Grid allows more than that: to re-optimize the allocation of transportation tasks to vehicles every time that a quotation for a new one has to be produced, thus calculating the lowest possible price for each offer
Trust and Security for Next Generation Grids, The Transporters’ Association Grid Users Users Transporters Service Providers Service Providers 3 rd parties, e.g. Utility computing vendors Managing Application Managing Application TAportal, used by Transporters’ Association Computing Application Computing Application TAportal used by Transporters to submit computational jobs Supporting software Supporting software An implementation of Operational Research optimization algorithms (VrpSolve library) A standard format for representing the problem’s input/output data Example optimizer application
Trust and Security for Next Generation Grids, Agenda Business context / Grid proposal Business context / Grid proposal Solving the Vehicle Routing Problem Solving the Vehicle Routing Problem Security issues / GridTrust solution Security issues / GridTrust solution Architecture Architecture Future evolution Future evolution
Trust and Security for Next Generation Grids, The Vehicle Routing Problem (VRPTW) input data A fleet of M vehicles of capacity C A fleet of M vehicles of capacity C A central depot with coordinates (x 0, y 0 ) A central depot with coordinates (x 0, y 0 ) A list of N transportation tasks, where each task T i is defined by: A list of N transportation tasks, where each task T i is defined by: Destination vertex v i with coordinates (x i, y i ) Quantity q i of goods to be delivered Time window (r i, d i ) within which the node should be served r i defines the ready time or start time d i defines the due date or end time Service time s i for unloading goods
Trust and Security for Next Generation Grids, VRPTW problem and goal Can be formulated as a mathematical programming problem: objective function + constraints Can be formulated as a mathematical programming problem: objective function + constraints Problem: find a set of NV vehicle routes, originating from and terminating at the depot, such that Problem: find a set of NV vehicle routes, originating from and terminating at the depot, such that Each vehicle services one route Each vertex v i i=1..N is visited only once Quantity of goods on each vehicle never exceeds its capacity C Start time of each route is >= r 0 End time of each route is <= d 0 Time of beginning of service at vertex i is >= r i If arrival time t i at vertex i is < r i then the vehicle waits for a waiting time w i = (r i - t i ) Time of ending of service at vertex i is <= d i Goal: minimize NV and then the total distance TD Goal: minimize NV and then the total distance TD Complexity: NP-hard (for optimal solution) Complexity: NP-hard (for optimal solution) Benchmark problems of size up to 100 customers have been proposed [Solomon 1987] Benchmark problems of size up to 100 customers have been proposed [Solomon 1987]
Trust and Security for Next Generation Grids, Example: Solomon benchmark R103 VEHICLE NUMBER CAPACITY CUSTOMER CUST NO. XCOORD. YCOORD. DEMAND READY TIME DUE DATE SERVICE TIME
Trust and Security for Next Generation Grids, MACS - Multiple Ants Colony Systems MACS-VRPTW algorithm [Gambardella et al 1999] allows multi-objective optimization MACS-VRPTW algorithm [Gambardella et al 1999] allows multi-objective optimization Algorithm defines two ant colonies, ACS-TIME and ACS-VEI Algorithm defines two ant colonies, ACS-TIME and ACS-VEI Each ants colony is dedicated to optimizing a different objective function Each ants colony is dedicated to optimizing a different objective function ACS-VEI minimizes the number of vehicles ACS-TIME minimizes the total travel time (cost) The two ants colonies cooperate exchanging information through the update of a single pheromone matrix The two ants colonies cooperate exchanging information through the update of a single pheromone matrix Number of vehicles minimization takes precedence over travel time minimization (when comparing solutions) Number of vehicles minimization takes precedence over travel time minimization (when comparing solutions)
Trust and Security for Next Generation Grids, R103 routes The strange rings / butterfly wings are due to the need to avoid or minimize waiting time in nodes where the goods are not yet ready
Trust and Security for Next Generation Grids, Ants Colony System algorithms Ant Colony Algorithms are inspired by observation of real ants [Dorigo Maniezzo Colorni 1991] Ant Colony Algorithms are inspired by observation of real ants [Dorigo Maniezzo Colorni 1991] Real ants are insects organized in colonies Real ants are insects organized in colonies Ants search for food by parallel exploration of the environment Ants search for food by parallel exploration of the environment Ants coordinate their activity by an indirect form of communication based on pheromone laying Ants coordinate their activity by an indirect form of communication based on pheromone laying Ants follow pheromone trails and lay more of it on their way Ants follow pheromone trails and lay more of it on their way
Trust and Security for Next Generation Grids, How ants find food Ants explore the environment randomly while laying pheromone on their trail Ants explore the environment randomly while laying pheromone on their trail When an ant finds food it follows its own pheromone trail back to the nest while laying more pheromone on the trail When an ant finds food it follows its own pheromone trail back to the nest while laying more pheromone on the trail Other ants crossing the reinforced trail follow it and lay even more pheromone Other ants crossing the reinforced trail follow it and lay even more pheromone
Trust and Security for Next Generation Grids, How ants optimize the nest-food path More than one path may be found from nest to food More than one path may be found from nest to food The shortest path receives more pheromone and more frequently The shortest path receives more pheromone and more frequently Thus sooner or later all the ants follow the shortest path Thus sooner or later all the ants follow the shortest path
Trust and Security for Next Generation Grids, Agenda Business context / Grid proposal Business context / Grid proposal Solving the Vehicle Routing Problem Solving the Vehicle Routing Problem Security issues / GridTrust solution Security issues / GridTrust solution Architecture Architecture Future evolution Future evolution
Trust and Security for Next Generation Grids, Security Issues By default, in a business environment, Users and Service Providers By default, in a business environment, Users and Service Providers Don’t KNOW each other Don’t TRUST each other The Transporter Association must The Transporter Association must Ensure that only its members use the Grid resources Guarantee a secure environment for competing transporters using the same resources Guarantee Service Providers that their security policies will not be violated by Grid (transporters) users A B C
Trust and Security for Next Generation Grids, GridTrust Solution Ensure that only TA members use the Grid resources Ensure that only TA members use the Grid resources TA members form a Virtual Organization Guarantee a secure environment for competing transporters using the same resources Guarantee a secure environment for competing transporters using the same resources Select only (Grid)Trusted SPs which have suitable security policies Guarantee SPs that their security policies will not be violated by Grid users Guarantee SPs that their security policies will not be violated by Grid users Usage Control Service enforces SP policies A B C
Trust and Security for Next Generation Grids, Secure VO Operation: granting access to services VO Service 1 Denied Service 2 Non-VO user VO user SP1 Service 1 OK SP2 PKI A
Trust and Security for Next Generation Grids, Secure VO Operation: selecting secure services VO Manager VO SR B Select SPs SP1 SP2 Join VO Search SPs Register VBE Manager B
Trust and Security for Next Generation Grids, Secure VO Operation: usage control TRS VO Application 2 VO user SP1 Application 1 Denied OK SP2 Applications can open the HP libs if the user reputation is > 0.7 Applications can open files only in the user home directory C
Trust and Security for Next Generation Grids, Agenda Business context / Grid proposal Business context / Grid proposal Solving the Vehicle Routing Problem Solving the Vehicle Routing Problem Security issues / GridTrust solution Security issues / GridTrust solution Scenario / Architecture Scenario / Architecture Future evolution Future evolution
Trust and Security for Next Generation Grids, Scenario Transporters’ Association (TA) Administrator sets up TA Grid Portal and VO Transporters’ Association (TA) Administrator sets up TA Grid Portal and VO Create VO Select and add Computational providers Add VO users A good transporter A good transporter Submitting jobs to solve routing problem A malicious transporter A malicious transporter Trying to steal data from competitors Trying to steal data from providers
Trust and Security for Next Generation Grids, What if a bad transporter wants to steal data from competitors? Transporters using the same Grid services are in competition between them Transporters using the same Grid services are in competition between them All transporters are interested in competitors’ data, so let’s suppose that one of them wants to play bad All transporters are interested in competitors’ data, so let’s suppose that one of them wants to play bad The bad transporter writes an application (BadApp01) which tries to steal data of sibling applications in execution on the same Grid computational node The bad transporter writes an application (BadApp01) which tries to steal data of sibling applications in execution on the same Grid computational node The starting idea is that data for all calculations on the same node are hosted in temporary directories under the same root The starting idea is that data for all calculations on the same node are hosted in temporary directories under the same root BadApp01 so tries to navigate in sibling directories and pack all their contents in a single jar which will be then sent back as the application output, but… BadApp01 so tries to navigate in sibling directories and pack all their contents in a single jar which will be then sent back as the application output, but… …UCON policies of the computational node don’t allow it! …UCON policies of the computational node don’t allow it!
Trust and Security for Next Generation Grids, What if a bad transporter wants to steal data from providers? Routing optimization algorithm ideally uses a map, which has an associated DT matrix giving Distance (or Time) between any pair of locations Routing optimization algorithm ideally uses a map, which has an associated DT matrix giving Distance (or Time) between any pair of locations Solution precision depends on the quality of the DT matrix data Solution precision depends on the quality of the DT matrix data DT matrix (map) data is precious and local to each SP DT matrix (map) data is precious and local to each SP SPs make money from DT matrix data and allow clients to access it only after payment of a fee SPs make money from DT matrix data and allow clients to access it only after payment of a fee Reselling DT matrix data is prohibited by the license agreement Reselling DT matrix data is prohibited by the license agreement The bad transporter writes an application (BadApp02) which tries to steal DT matrix data and make it available over the net, with the idea of reselling it The bad transporter writes an application (BadApp02) which tries to steal DT matrix data and make it available over the net, with the idea of reselling it BadApp02 is built as a web server, accepting connections from Internet clients and providing DT matrix data as answer to requests, but… BadApp02 is built as a web server, accepting connections from Internet clients and providing DT matrix data as answer to requests, but… …UCON policies of the computational node don’t allow it! …UCON policies of the computational node don’t allow it!
Trust and Security for Next Generation Grids, Architecture TA portal / VOM operated by VO admin TA portal / VOM operated by VO admin VO user VO user Computational providers (GRAM+UCON) Computational providers (GRAM+UCON) VBE Manager + CA VBE Manager + CA SRB + TRS + PPM SRB + TRS + PPM Graphical Reputation Monitor Graphical Reputation Monitor
Trust and Security for Next Generation Grids, Service Deployment for the Supply Chain Demo SRB C-UCON VO MGT GridTrust CA TRS PPM
Trust and Security for Next Generation Grids, Libraries GRAM UCON Libraries GRAM UCON VBEM GRAM SP registr register create VO SearchSP SelectSP SRB PPM TR VO User SearchSP JoinVO JoinUserToVO Transporter Association Portal VO library VOM Submit job JoinSPToVO JoinVBE TR Monitor GUI VO Admin create VO JoinUserToVO JoinSPToVO CA Java Appl DATA Feedback
Trust and Security for Next Generation Grids, Agenda Business context / Grid proposal Business context / Grid proposal Solving the Vehicle Routing Problem Solving the Vehicle Routing Problem Security issues / GridTrust solution Security issues / GridTrust solution Architecture Architecture Future evolution Future evolution
Trust and Security for Next Generation Grids, Future evolution of the scenario Auctioning system Auctioning system Transporter’s automated bidding system Transporter’s automated bidding system Get new task from each auction Add task to current task list Re-route whole fleet Calculate incremental cost Produce bid N transporters in parallel N transporters in parallel To give a sample size to the scenario imagine: To give a sample size to the scenario imagine: 10 producers create an auction for each of their 50 daily transportation tasks 30 transporters that bid on every auction it is 500 auctions per day (nearly one every minute in working hours), spawning jobs of routing optimization every day
Trust and Security for Next Generation Grids, Auction based supply chain Fist-Price Sealed-Bid reverse auction model Fist-Price Sealed-Bid reverse auction model Producers (auction proponents) produce RfQs for transportation tasks Producers (auction proponents) produce RfQs for transportation tasks Transporters can recalculate routing exploiting routing computational services running on Grid resources Transporters can recalculate routing exploiting routing computational services running on Grid resources Auctioning system’s offers selection is based on customer requirements: best time / lowest price / transporter’s reputation / a combination of the above Auctioning system’s offers selection is based on customer requirements: best time / lowest price / transporter’s reputation / a combination of the above Producers create a Delivery VO (auction and delivery management) Producers create a Delivery VO (auction and delivery management) Transporters use Routing VO to compute best routes for answering the auction Transporters use Routing VO to compute best routes for answering the auction
Trust and Security for Next Generation Grids, Thanks! For more information please contact: Lorenzo Blasi - HP Italy Innovation Center