Presentation is loading. Please wait.

Presentation is loading. Please wait.

Policy Based Data Management Environments (iRODS) Reagan W. Moore Arcot Rajasekar Mike Wan Mike Conway Antoine de Torcy Richard Marciano Jewel Ward

Published byMadlyn Patterson Modified over 8 years ago

Similar presentations

Presentation on theme: "Policy Based Data Management Environments (iRODS) Reagan W. Moore Arcot Rajasekar Mike Wan Mike Conway Antoine de Torcy Richard Marciano Jewel Ward"— Presentation transcript:

1 Policy Based Data Management Environments (iRODS) Reagan W. Moore Arcot Rajasekar Mike Wan Mike Conway Antoine de Torcy Richard Marciano Jewel Ward {moore,sekar,mwan}@diceresearch.org http://irods.diceresearch.org

2 Data Management Applications Data grids - Share data – RENCI regional data grid – Teragrid – Australian Research Collaboration Service Digital Libraries - Publish data – Texas Digital Library – French National Library Persistent archives - Preserve data – Carolina Digital Repository – NARA Transcontinental Persistent Archive Prototype Data processing pipelines – analyze data

3 Data Processing Pipelines Preservation Environment Ocean Observatories Initiative NARA Transcontinental Persistent Archive Prototype Carolina Digital Repository Large Synoptic Survey Telescope Digital Library Texas Digital Library French National Library Data Grid Teragrid Temporal Dynamics of Learning Center Australian Research Collaboration Service Taiwan National Archive

4 Cloud Storage Institutional Repositories Federal Repositories Carolina Digital Repository Texas Digital Library National Climatic Data Center National Optical Astronomy Observatory

5 5 User w/ Client Can Search, Access, Add and Manage Data & Metadata Access distributed data with Web-based Browser or iRODS GUI or Command Line clients. Overview of iRODS Architecture iRODS Data Server Disk, Tape, etc. iRODS Metadata Catalog Track information iRODS Data System iRODS Rule Engine Tracks Policies

6 Shared Collection

7 Ocean Observatories Initiative Sensors Cloud Computing External Repositories Cloud Storage Cache Message Bus Aggregate sensor data in cache SuperComputer Event Detection Remote locations Simulations Digital LibraryArchive Clients Remote Users Data Grid Multiple Protocols

8 8 8 Policy-based Data Management integrated Rule Oriented Data System Purpose - reason a data collection is assembled Properties- attributes needed to ensure the purpose Policies - controls for enforcing desired properties Procedures - functions that implement the policies State information - results of applying the procedures Assessment criteria - validation that state information conforms to the desired purpose Federation - controlled sharing of logical name spaces These are the essential elements for policy-based data management

9 Data Life Cycle Project Collection Private Local Policy Data Grid Shared Distribution Policy Digital Library Published Description Policy Data Processing Pipeline Analyzed Service Policy Reference Collection Preserved Representation Policy Federation Sustained Re-purposing Policy Stages correspond to addition of new policies for a broader community Virtualize the stages of the data life cycle through policy evolution The driving purpose changes at each stage of the data life cycle

10 Infrastructure Independence Storage System Storage Protocol Access Interface Policy Enforcement Points Standard Micro-services Map from the actions requested by the client to multiple policy enforcement points. Map from policy to standard micro-services. Map from micro-services to standard Posix I/O operations. Map from standard Posix I/O operations to the protocol supported by the storage system Standard I/O Operations Data Grid

11 Lessons Learned Scalability / Reliability / Robustness – Maintain interactivity through appropriate catalog indexing – Manage network outages at the client level – Minimize memory used Assessment / Audit trails – Query preservation metadata to validate properties – Map audit trails to standard events – Track actions from policy enforcement to procedure execution Federation / Extensibility / Ease of Use – Replicate metadata and records to a deep archive – Extensible architecture that enables software evolution – Provide simplest possible mapping from policies to record series

12 Level of Sophistication How many different access mechanisms are needed? How many different policy enforcement points should be checked? How many standard functions are needed to implement preservation procedures? How many preservation metadata attributes are needed to track preservation properties? How many preservation policies are needed?

13 Data Grid Clients (35)

14 Policy Enforcement Points (71) ACTION acCreateUser acDeleteUser acGetUserbyDN acTrashPolicy acAclPolicy acSetCreateConditions acDataDeletePolicy acRenameLocalZone acSetRescSchemeForCreate acRescQuotaPolicy acSetMultiReplPerResc acSetNumThreads acVacuum acSetResourceList acSetCopyNumber acVerifyChecksum acCreateUserZoneCollections acDeleteUserZoneCollections acPurgeFiles acRegisterData acGetIcatResults acSetPublicUserPolicy acCreateDefaultCollections acDeleteDefaultCollections POST-ACTION POLICY acPostProcForCreateUser acPostProcForDeleteUser acPostProcForModifyUser acPostProcForModifyUserGroup acPostProcForDelete acPostProcForCollCreate acPostProcForRmColl acPostProcForModifyAVUMetadata acPostProcForModifyCollMeta acPostProcForModifyDataObjMeta acPostProcForModifyAccessControl acPostProcForOpen acPostProcForObjRename acPostProcForCreateResource acPostProcForDeleteResource acPostProcForModifyResource acPostProcForModifyResourceGroup acPostProcForCreateToken acPostProcForDeleteToken acPostProcForFilePathReg acPostProcForGenQuery acPostProcForPut acPostProcForCopy acPostProcForCreate PRE-ACTION POLICY acPreProcForCreateUser acPreProcForDeleteUser acPreProcForModifyUser acPreProcForModifyUserGroup acChkHostAccessControl acPreProcForCollCreate acPreProcForRmColl acPreProcForModifyAVUMetadata acPreProcForModifyCollMeta acPreProcForModifyDataObjMeta acPreProcForModifyAccessControl acPreprocForDataObjOpen acPreProcForObjRename acPreProcForCreateResource acPreProcForDeleteResource acPreProcForModifyResource acPreProcForModifyResourceGroup acPreProcForCreateToken acPreProcForDeleteToken acNoChkFilePathPerm acPreProcForGenQuery acSetReServerNumProc acSetVaultPathPolicy

15 Rules Applied at Each Policy Enforcement Point Example Disposition Procedure composed from micro-services acPurgeFiles() { msiGetIcatTime(*Time,unix); acGetIcatResults(remove,DATA_EXPIRY < '*Time',*List); forEachExec(*List) { msiDataObjUnlink(*List,*Status); msiGetValByKey(*List,DATA_NAME,*D); msiGetValByKey(*List,COLL_NAME,*E); writeLine(stdout,Purged File *E/*D at *Time ); }

16 iput../src/irm.cchecks 10 policy enforcement points srbbrick14:10900:ApplyRule#116:: acChkHostAccessControl srbbrick14:10900:GotRule#117:: acChkHostAccessControl srbbrick14:10900:ApplyRule#118:: acSetPublicUserPolicy srbbrick14:10900:GotRule#119:: acSetPublicUserPolicy srbbrick14:10900:ApplyRule#120:: acAclPolicy srbbrick14:10900:GotRule#121:: acAclPolicy srbbrick14:10900:ApplyRule#122:: acSetRescSchemeForCreate srbbrick14:10900:GotRule#123:: acSetRescSchemeForCreate srbbrick14:10900:execMicroSrvc#124:: msiSetDefaultResc(demoResc,null) srbbrick14:10900:ApplyRule#125:: acRescQuotaPolicy srbbrick14:10900:GotRule#126:: acRescQuotaPolicy srbbrick14:10900:execMicroSrvc#127:: msiSetRescQuotaPolicy(off) srbbrick14:10900:ApplyRule#128:: acSetVaultPathPolicy srbbrick14:10900:GotRule#129:: acSetVaultPathPolicy srbbrick14:10900:execMicroSrvc#130:: msiSetGraftPathScheme(no,1) srbbrick14:10900:ApplyRule#131:: acPreProcForModifyDataObjMeta srbbrick14:10900:GotRule#132:: acPreProcForModifyDataObjMeta srbbrick14:10900:ApplyRule#133:: acPostProcForModifyDataObjMeta srbbrick14:10900:GotRule#134:: acPostProcForModifyDataObjMeta srbbrick14:10900:ApplyRule#135:: acPostProcForCreate srbbrick14:10900:GotRule#136:: acPostProcForCreate srbbrick14:10900:ApplyRule#137:: acPostProcForPut srbbrick14:10900:GotRule#138:: acPostProcForPut srbbrick14:10900:GotRule#139:: acPostProcForPut srbbrick14:10900:GotRule#140:: acPostProcForPut

17 Micro-services - How many are needed?

18 Micro-services (229)

19 State Information Attributes - How Many?

20 State Information Attributes (205)

21 Management Policies Arrangement – Organize records in series, and manage policies on each series Authenticity – For every record, record provenance metadata Chain of custody – For every record, manage an audit trail Integrity – For every record, manage two replicas and verify checksums – For every record, enforce retention and disposition Trustworthiness – Fore each series, validate ISO MOIMS-rac assessment criteria

22 Create and Apply Management Policies Maintain a repository of rules in iRODS – Rules characterized as XML files with input parameters explicitly characterized as rule parameters Build policy template and save in policy repository – Select which rule sets will be applied Map policy template to a record series (collection) – Add policy parameters as metadata on the record series On ingestion of a file into the record series: – Retrieve policies and parameters from the record series metadata – Invoke associated rules and apply preservation procedures This decouples the choice of access interface from the execution of your preservation policies

23 iRODS Distributed Data Management

24 Supported Storage Systems File systems - Windows, Linux, Mac Tape archives - HPSS, Sam-QFS Repositories - Flickr, Web sites Cloud storage- Amazon S3, EC2 Relational database - PostgreSQL, Oracle, mySQL Under development – Table driven resources

25 Modular Architecture Authentication – GSI (PKI), Kerberos, Shibboleth, Challenge-response Authorization – Roles, user groups, resource groups, policy constraints, ACLs Transport – TCP/IP (parallel I/O streams), Reliable Blast UDP Metadata catalog – PostgreSQL, mySQL, Oracle Distributed rule engine – Scheduler, messaging system, execution engine, rule base

26 Data Management Environments Production Systems - archives – Carolina Digital Repository – NARA Transcontinental Persistent Archive Prototype Production Systems - digital libraries – French National Library – Texas Digital Library Production Systems - data grids – Australian Research Collaboration Service – French National Institute for Nuclear Physics and Particle Physics – NSF iPlant Collaborative – NSF Teragrid – RENCI regional data grid – NSF Temporal Dynamics of Learning Center – National Optical Astronomy Observatories

27 27 iRODS is a "coordinated NSF/OCI-Nat'l Archives research activity" under the auspices of the President's NITRD Program and is identified as among the priorities underlying the President's 2011 Budget Supplement in the area of Human and Computer Interaction Information Management technology research. Reagan W. Moore rwmoore@renci.org http://irods.diceresearch.org NSF OCI-0848296 “NARA Transcontinental Persistent Archives Prototype” NSF SDCI-0721400 “Data Grids for Community Driven Applications”

Download ppt "Policy Based Data Management Environments (iRODS) Reagan W. Moore Arcot Rajasekar Mike Wan Mike Conway Antoine de Torcy Richard Marciano Jewel Ward"

Similar presentations

Texas Digital Library Services Preservation Network.

Texas Digital Library Services Preservation Network.
3 September 2004NVO Coordination Meeting1 Grid-Technologies NVO and the Grid Reagan W. Moore George Kremenek Leesa Brieger Ewa Deelman Roy Williams John.

3 September 2004NVO Coordination Meeting1 Grid-Technologies NVO and the Grid Reagan W. Moore George Kremenek Leesa Brieger Ewa Deelman Roy Williams John.
National Partnership for Advanced Computational Infrastructure San Diego Supercomputer Center Data Grids for Collection Federation Reagan W. Moore University.

National Partnership for Advanced Computational Infrastructure San Diego Supercomputer Center Data Grids for Collection Federation Reagan W. Moore University.
GFS OGF-22 Global Resource Naming Developers: Reagan Moore Arcot Mike.

GFS OGF-22 Global Resource Naming Developers: Reagan Moore Arcot Mike.
Www.ogf.org OGF-23 iRODS Metadata Grid File System Reagan Moore San Diego Supercomputer Center.

OGF-23 iRODS Metadata Grid File System Reagan Moore San Diego Supercomputer Center.
© 2006 Open Grid Forum OGF19 Federated Identity Rule-based data management Wed 11:00 AM Mountain Laurel Thurs 11:00 AM Bellflower.

© 2006 Open Grid Forum OGF19 Federated Identity Rule-based data management Wed 11:00 AM Mountain Laurel Thurs 11:00 AM Bellflower.
Data Management Systems Richard Marciano Reagan W. Moore Wayne Schroeder Arcot Rajasekar Mike Wan San Diego Supercomputer Center

Data Management Systems Richard Marciano Reagan W. Moore Wayne Schroeder Arcot Rajasekar Mike Wan San Diego Supercomputer Center
Data Grid: Storage Resource Broker Mike Smorul. SRB Overview Developed at San Diego Supercomputing Center. Provides the abstraction mechanisms needed.

Data Grid: Storage Resource Broker Mike Smorul. SRB Overview Developed at San Diego Supercomputing Center. Provides the abstraction mechanisms needed.
NATIONAL PARTNERSHIP FOR ADVANCED COMPUTATIONAL INFRASTRUCTURE SAN DIEGO SUPERCOMPUTER CENTER Particle Physics Data Grid PPDG Data Handling System Reagan.

NATIONAL PARTNERSHIP FOR ADVANCED COMPUTATIONAL INFRASTRUCTURE SAN DIEGO SUPERCOMPUTER CENTER Particle Physics Data Grid PPDG Data Handling System Reagan.
San Diego Supercomputer Center NARA Research Prototype Persistent Archive Building Preservation Environments with Data Grid Technology (NARA Research Prototype.

San Diego Supercomputer Center NARA Research Prototype Persistent Archive Building Preservation Environments with Data Grid Technology (NARA Research Prototype.
San Diego Supercomputer CenterNational Partnership for Advanced Computational Infrastructure1 Grid Based Solutions for Distributed Data Management Reagan.

San Diego Supercomputer CenterNational Partnership for Advanced Computational Infrastructure1 Grid Based Solutions for Distributed Data Management Reagan.
Integrated Rule Oriented Data System (iRODS) Reagan W. Moore Arcot Rajasekar Mike Wan

Integrated Rule Oriented Data System (iRODS) Reagan W. Moore Arcot Rajasekar Mike Wan
Wayne Schroeder, Paul Tooby Data Intensive Cyber Environments Team (DICE) DICE Center, University of North Carolina at Chapel Hill; Institute for Neural.

Wayne Schroeder, Paul Tooby Data Intensive Cyber Environments Team (DICE) DICE Center, University of North Carolina at Chapel Hill; Institute for Neural.
A Very Brief Introduction to iRODS

A Very Brief Introduction to iRODS
Towards a Federated Infrastructure for the Preservation and Analysis Archival Data Chien-Yi HOU Richard MARCIANO {chienyi, School.

Towards a Federated Infrastructure for the Preservation and Analysis Archival Data Chien-Yi HOU Richard MARCIANO {chienyi, School.
Extracting and Ingesting DDI Metadata and Digital Objects from a Data Archive into the iRODS extension of the NARA TPAP Using the OAI-PMH J. Ward, A. de.

Extracting and Ingesting DDI Metadata and Digital Objects from a Data Archive into the iRODS extension of the NARA TPAP Using the OAI-PMH J. Ward, A. de.
Applying Data Grids to Support Distributed Data Management Storage Resource Broker Reagan W. Moore Ian Fisk Bing Zhu University of California, San Diego.

Applying Data Grids to Support Distributed Data Management Storage Resource Broker Reagan W. Moore Ian Fisk Bing Zhu University of California, San Diego.
Brief Overview of Major Enhancements to PAWN. Producer – Archive Workflow Network (PAWN) Distributed and secure ingestion of digital objects into the.

Brief Overview of Major Enhancements to PAWN. Producer – Archive Workflow Network (PAWN) Distributed and secure ingestion of digital objects into the.
Robust Tools for Archiving and Preserving Digital Data Joseph JaJa, Mike Smorul, and Mike McGann Institute for Advanced Computer Studies Department of.

Robust Tools for Archiving and Preserving Digital Data Joseph JaJa, Mike Smorul, and Mike McGann Institute for Advanced Computer Studies Department of.
PAWN: A Novel Ingestion Workflow Technology for Digital Preservation

PAWN: A Novel Ingestion Workflow Technology for Digital Preservation

Similar presentations

Ads by Google