ContentslistsavailableatScienceDirect
Journal
of
Computational
Science
j o u r n al ho me p a g e :w w w . e l s e v i e r . c o m / l o c a t e / j o c s
Flexible
composition
and
execution
of
large
scale
applications
on
distributed
e-infrastructures
Stefan
J.
Zasada,
David
C.W.
Chang
1,
Ali
N.
Haidar
2,
Peter
V.
Coveney
∗CentreforComputationalScience,UniversityCollegeLondon,20GordonStreet,LondonWC1H0AJ,UnitedKingdom
a
r
t
i
c
l
e
i
n
f
o
Articlehistory:Received18February2013
Receivedinrevisedform9September2013 Accepted24October2013
Availableonline1November2013 Keywords:
E-infrastructure
Highperformancecomputing Applicationvirtualization Usability
a
b
s
t
r
a
c
t
Computersimulationisfindingaroleinanincreasingnumberofscientificdisciplines,concomitantwith theriseinavailablecomputingpower.Marshallingthispowerfacilitatesnew,moreeffectiveanddifferent researchthanhasbeenhithertopossible.Realizingthisinevitablyrequiresaccesstocomputationalpower beyondthedesktop,makinguseofclusters,supercomputers,datarepositories,networksanddistributed aggregationsoftheseresources.Theuseofdiversee-infrastructurebringswithittheabilitytoperform distributedmultiscalesimulations.Accessingonesuchresourceentailsanumberofusabilityandsecurity problems;whenmultiplegeographicallydistributedresourcesareinvolved,thedifficultyiscompounded. Inthispaperwepresentasolution,theApplicationHostingEnvironment,3whichprovidesaSoftwareasa
Servicelayerontopofdistributede-infrastructureresources.Wedescribetheperformanceandusability enhancementspresentinAHEversion3,andshowhowthesehaveledtoahighperformance,easyto usegatewayforcomputationalscientistsworkingindiverseapplicationdomains,fromcomputational physicsandchemistry,materialssciencetobiologyandbiomedicine.
©2013ElsevierB.V.Allrightsreserved.
1. Introduction
Today’scomputationalscientistsfaceagrowingnumberof chal-lengeswhichaffecttheirabilitytofullyexploitthecomputational resources,madeavailabletothemviasocallede-infrastructures (suchasPRACE,EGIorEUDATinEurope,orXSEDEintheUSA). Firstly, they have an unprecedented amount of computational poweravailabletothem,whichwillcontinuetogrowinexorablyin thefuture,presentingmanyopportunitiesaswellaschallengesto anincreasingnumberofscientificdisciplinesthatrelyoncomputer basedmodellingandsimulation.
Secondly, the architecturesof these largescale high perfor-mance computing(HPC) machinespoint to a growingtrend of computerscomprisedofhybridsofscalarandvectorprocessors
[1,2].Thisrequiresapplicationscientists toensuretheircodeis optimizedtotakefulladvantageofthehybridarchitectureofa specificmachine.Gridcomputing[3,4]hassoughttosimplifyend useraccesstoanduseofHPCresources,butthemiddlewaretools developedtorealizethecomputationalgridconcepthaveseldom
∗ Correspondingauthor.
E-mailaddress:[email protected](P.V.Coveney).
1 Nowat:TheGraduateSchoolofBiomedicalEngineering,UniversityofNew SouthWales,Sydney,Australia.
2 Nowat:HSBC,CanadaSquare,London,UK.
3AHEisavailabletodownloadundertheLGPLlicensefrom:https://sourceforge. net/projects/ahe3/.
provided the transparency and ease of use envisaged [5]. The challengesdescribedabovearecompoundedwhenoneattempts toinvokemultipleresources,inordertoachievemorethanjust thesumoftheirindividualparts[6].
Alongsidegridcomputingwehavewitnessedthedevelopment ofcloudcomputing.Cloudcomputingrepresentsafastgrowing businessmodelthat seekstocommoditize computational infra-structure,andprovideaccesstovariousdistributedresourcessuch asCPU, memoryand storage(knownas infrastructureservices) andapplications(softwareasservices).Itisarapidlygrowingarea duetomajorstrategicinvestmentsfromglobalsoftwarecompanies suchasMicrosoft,Amazon,GoogleandIBM.Cloudstoragetodayis growinginpopularity,particularlyduetoitsshareddataatlowcost capabilities.Nonetheless,therearemanysecurityandlegalissues incloudcomputingthatareyettoberesolved.
The Application HostingEnvironment [7,8] is a middleware layerdesignedtosimplifytheuser’sabilitytoexploit computa-tionalresourcesbeyondthedesktop,greatlyfacilitatingtheuseof e-infrastructure.Ithasbeendeployedinsupportofadiverseset ofprojects,includingHIV-1proteasemodelling[9],immune sys-temsimulation[6],andlargescalematerialsmodelling[10].AHE seekstoconvergetheSoftwareasaServicemodelofcloud com-putingwithhighperformancegridcomputing.Inthispaperwewill discusstheconceptsbehindAHE,anddescribeindetailthelatest versionoftheApplicationHostingEnvironment,AHE3.0,whichhas beenreimplementedusingRESTfulservices[11]ratherthanWSRF services[12].Wewilldemonstratehowtheworkwehavedoneto redesignAHE3.0hasledtoasignificantincreaseinperformance
1877-7503/$–seefrontmatter©2013ElsevierB.V.Allrightsreserved. http://dx.doi.org/10.1016/j.jocs.2013.10.009
comparedtoAHE2.0[8],andweshowhowthisnewversionof AHEisbenefitingvariousongoingresearchprojects.
2. Serviceorientedcomputationalscience
Virtualization is a broad term used in computer science to describethe abstraction of resources.Application virtualization describesarangeoftechnologiesdesignedtoseparatean appli-cationfromtheoperatingsystemthatitrunson.Inmanycases thisisachievedbyintroducingcompatibilitylayersaround under-lyingoperatingsystemfeaturesandlibraries,forexampletheWINE systemusedtorunWindowsapplicationsonUNIXsystems[13].
Thekeyaimofvirtualizationistoabstractawayallthedetails ofanunderlyinghardwareorsoftwaresystemfromtheconcernof theuser.Thebenefitsaremanifold:developerscancodetoasingle virtualizedinterfaceorsystemratherthanforaspecifichardware implementation;multiplevirtualinstancesofasystemcanoften berunsidebysideonasinglephysicalsystem(inmachine virtu-alizationforexample);andphysicalresourcescanbeprotected.
Thegrowthofvirtualizationtechnologies, alongwithservice orientedarchitectures(SOA),hasalsodriventhedevelopmentof cloudcomputing.The useofvirtualizedinterfaces and systems meansthatthespecificdetailsofacloud’sarchitecturearehidden fromconsumersofthecloudresources.Severalcloudcomputing modelsexist;theInfrastructureasaService(IaaS)cloudparadigm typicallytakestheformofvirtualizedserversrunningonhardware platformsmanagedbythecloudhostingcompany,whereeachuser isgivenaccesstooneormorevirtualservers,solelyundertheir con-trol.Thisalsoprovidesadegreeofelasticity,asthenumberofvirtual machinesinacloudenvironmentcanbegreaterthanthenumber ofphysicalserversavailabletothehostingentities.TheSoftware asaService(SaaS)cloudparadigmdeliversaccesstoapplications centrallyhostedonacloudplatform,typicallyviaawebbrowser.
While virtualization technologiescertainly reduce the com-plexityof using a system,and especially when workingacross multipleheterogeneous computing environments, they are not widelydeployedinhighperformancecomputingscenarios.Asits namesuggest,HPCseekstoobtainmaximumperformancefrom computingplatforms.Extrasoftwarelayersimpactdetrimentally onperformance,meaningthatinHPCscenariosuserstypicallyrun theapplicationsasclosetothe‘baremetal’aspossible.Inaddition totheperformancedegradationintroducedbyvirtualization tech-nologies,choosingwhatdetailstoabstractinavirtualizedinterface isitselfveryimportant.Gridandcloudcomputingsupportdifferent interactionmodels.Ingridcomputing,theuserinteractswithan individualresource(orsometimesabroker)inordertolaunchjobs intoaqueuingsystem.Incloudcomputing,usersinteractwitha vir-tualserver,ineffectputtingthemincontroloftheirowncomplete operatingsystem.Bothoftheseinteractionmodelsputtheonuson theusertounderstandveryspecificdetailsofthesystemthatthey aredealingwith,makinglifedifficultfortheenduser,typicallya scientistwhowantstoprogresshisorherscientificinvestigations withoutanyspecificusabilityhurdlesobstructingthepathway.
To address these problems, we have developed a software layer designed to implement the Software as a Service cloud paradigmforscientificapplicationsthatrelyonhighperformance computing,mediatedbytheApplicationInteractionModelwhich wedescribeinSection3,derivedfromtheuserrequirementsalso discussedinSection3.Thismodelisbasedontheinsightthatmany e-infrastructuresimposea steeplearning curveonthemajority ofend users,whodonotpossessthetechnicalexpertiseforthe mostparttocompile,optimize,install,debugandfinallylaunch theirapplications; they simply want to run theirapplications, obtainresultsandfocusontheirscientificendeavours.Whilean applicationmayconsistofasingleexecutionofacomputational code,itcouldalsoconsistofacomplexsetofoperationsinvolving
multiplecodes,connectedasaworkflow;AHEenablesallkindsof applicationstobetreatedassimple“atomic”units,helpingrealize theoriginalvisionofagridas“distributedcomputingperformed transparentlyacrossmultipleadministrativedomains”[14].
3. Userrequirements
Forsupercomputerclassapplications,theusergenerallyhasto install his/herown application,ifthat applicationis not oneof thefewcommunitycodespre-installedonthemachine;itisnot possiblesimplytostageanexecutabletothetargetresourceas itrequirestoomuchbespoketailoringtotheparticularhardware setupoftheresource.Generallyagroupofresearcherswillwant tousethesameapplicationonaresource.However,manyusers willnotknowwhereaparticularapplicationisinstalledona tar-getsystem,norwilltheynecessarilyknowthebestwaytorunthe applicationonaparticularsystem.Often,withsupercomputerclass systems,applicationshavetoberuninspecificwaystoachievethe bestperformance.Thecommunity’sexpertusersmustspendtime educatingotherusersonthevagariesofdifferentqueuingsystems andmachines.Typically,theenduserwillneedtostagedatatothe supercomputerbeforehe/sheisabletoexecuteherapplication. Therefore,thesupercomputermustprovideaccessibleinterfaces overwhichdatacanbestaged.Inordertolaunchanapplication, theusershavetoprepareadescriptionofthejobthattheywant torun,whichissubmittedtothequeuemanagementsystemon theirtargetresource,inaformatthatthequeuemanagement sys-temunderstandsandwhichispotentiallyincompatiblewithother instancesofthesamequeuemanagementsystemrunningonother resources.Once thejobhasbeen submitted,usersmonitorthe progressoftheirjobsthroughthequeuingsystem,usinginterfaces providedbytheresources.
Distributedapplicationscanconsistofmultiplecomputational codeslaunchedonmultipleresources,connectedtogetheras work-flowsof operations, aswellas singlecodes launchedonsingle resources.Applicationscangettheirdatafrommultiplesources, suchas online datarepositories and databases, and store their outputdatainsimilarresources.Typically,userswillbegiven allo-cationsoftimeonindividualgridresources,orthee-infrastructure asawhole,throughawardsmadetotheirproject’sprincipal investi-gator.Theseallocationswillhaveanotionalassociatedcost,thecost perCPUhour,derivedbytheresourceoperatorfromtheirrunning costsandaprojectedresourceutilization.Suchallocationmodels inhibitthemostcreativeuseofandwaysofexploitingdistributed e-infrastructure.
Thescientificenduser’sprimaryconcernisrunningtheir appli-cationinatimelyfashion,inordertoobtainresultsthatfurther theirscientificobjectives.Alltheservicesandfacilitiesprovidedby agridshouldbesubservienttothisend.Typically,theuserdoesnot evencarewhichmachineonthegridtheirapplicationisrunon,as longasresultsaredeliveredwithinatimeframethatmakesthem useful,whetherthatisthetimetopublishascientificpaper,orthe timetoconductapotentiallylife-savingmedicalsimulation[15].
Afurtherproblem facedby end-usersand administrators of computational e-infrastructures arises in connection with the usability ofthe securitymechanismsusually deployed inthese environments, in particular identity management. Many of the existing computationalgrid environmentsusePublicKey Infra-structure(PKI)andX.509digitalcertificatesasacornerstonefor theirsecurityarchitecture.However,itiswelldocumentedthat security solutions based on PKI lack user friendliness for both administrators andend-users,which is essentialfor theuptake of any grid security solution [16,17]. The problems stem from theprocessofacquiringX.509digital certificates,whichcanbe alengthyone,andgeneratingproxycertificatestogetaccessto remoteresourcesaspartoftheauthenticationprocess[17].Asa
result,manyusersengageinpracticeswhichweakenthesecurity oftheenvironment,suchasthesharingoftheprivatekeyofasingle personalcertificate,togetonwiththeirtasks.
Frommanyyearsofworkingwithhigh-endcomputing appli-cations,wehavebeenabletoderiveasetofrequirementsfora systemdesignedtomaketheuseofdistributedandHPC applica-tionstransparenttotheenduser.Currente-infrastructuresfocus onsubmittingjobstobatchschedulersoncomputationalresources, meaningtheuser hastointeractatboth job andresource lev-els.Sinceusers’predominantinterestisrunningtheirapplication withinausefultimeframe,thefirstrequirementofourusability modelisthatitshouldpromoteapplicationsasafirstclassresource concept.Alluserinteractionsshouldbewiththeapplication,rather thanthemachine,schedulerandjob.
Currente-infrastructurejobsubmission mechanismsputthe onusontheusertomanageand curatetheirapplication’s out-putdata.Our modelpreservesthefullstateof eachinstanceof anapplication,includingallparametersanddatausedtolaunch theapplication,andallsimulationoutput.Thisassistswith trac-ingtheprovenanceofsimulationresults,andiskeytosimulation reproducibility.Currentgridmiddlewaretoolsrequiretheuserto performanumberofstepsinordertolaunchtheircode.Ourmodel reducesthenumber ofstepsrequiredtotheminimumnumber possibleinordertosuccessfullyrunanapplication.
Currentsystemsrequiretheusertogeneratecomplicatedjob descriptiondocumentsinordertosubmittheirapplication.Our modelallowstheusertolaunchtheirapplicationusingthesimplest setofrequirementspossible,andtakescareofgenerating what-everjobdescriptionsthemiddlewareontheunderlyingresource requires[17].Usersofsupercomputerclass resourcesmayhave accesstoanumberofsuchresourcesviadifferentcomputational grids, runningdifferent gridmiddlewarestacks,requiring them tolearn howtousedifferentmiddleware toolstosubmit their jobs [18]. Our model presents a uniform interface to users to access resourcesrunning differentmiddleware stacks, allowing themtotransparentlyaccessnotonlysinglegridsbutalsofederated resourcesfrommultiplegrids.
3.1. TheApplicationInteractionModel
Basedonouruserneedsanalysiswehavederivedthe Appli-cationInteractionModel,designedtoallowuserstoeasilycontrol virtualizedapplicationsrunningonremotee-infrastructures. Tra-ditionally,HPCfocusesontheconceptof‘jobs’todescribedistinct workloadssubmittedtoabatchqueue.Wepurposefullyfocuson theconceptofapplications.Anapplicationisa higherlevel con-ceptthana job;althoughan applicationcouldberealizedbya singleHPCjob,itcouldequallycorrespondtoacoupled simula-tion,wheretwocodes(launchedastwoHPCjobs)passparameters betweenthemselves,orasteeredapplicationwhichrequires steer-ingWebservicestobeinitializedbeforethecodeislaunched,ora workflowofarbitrarycomplexity.Howevertheapplicationis com-posedtheusershouldstillinteractwithasingleentitytocontrol theexecutionofallcomponentsoftheapplication.
WedefinetheApplicationInteractionModelasfollows:
(i)Thevirtualizedapplicationisthecentralentityinthe Applica-tionInteractionModel.
(ii)An application does not necessarily correspond to a sin-gle computationalcode– itcouldbecomposedofmultiple computational codes linked together in a workflow, or a computational code and associated steering Web services. However,itispresentedtotheuserasasingleapplication. (iii)Theapplicationencapsulatesallofthedetailsofhowtolaunch
it,suchaswherethebinariesthatconstitutetheapplication arelocated,howtointeractwithindividualresourcesandso
Fig. 1.The ApplicationInteraction Model underpinningAHE. Theapplication instanceisthecentralentityrepresentingeachinstanceofanapplicationthatauser launches.Alluserinteractionismediatedviatheapplicationinstance,which sup-portsoperationstolaunch,monitorandterminatetheapplication,andtomanage datasharing.
on.Thesedetailsareshieldedfromtheuser,whodoesnotneed toknowanythingabouttheunderlyingdetails.
(iv)Eachinstance of an applicationis controlled by a separate applicationinstance,throughwhichitiscontrolled.The appli-cationinstanceencapsulatesallofthestateassociatedwith thatrunoftheapplication,suchastheinputandoutputdata, theapplicationparametersandsoon.
(v)Alluserinteractionoccursthroughthevirtualizedapplication instance,whichcausesthecomputationalcode(s)that consti-tutetheapplicationtobelaunchedonback-endcomputational resources.
(vi)Operationsontheapplicationinstanceallowtheusertostage dataassociatedwiththeapplicationtotheresourcewhereitis needed,launch,monitorandterminatetheapplication.These operationshaveaneffectonthecodesrunningonremotegrid resources.
Aschematicrepresentationofthisinteractionmodelisshownin
Fig.1.Theprincipalmotivationbehindthisapproachistosimplify theuseofe-infrastructures,byintroducinganabstraction layer betweentheusersandthehighendcomputingresources avail-abletothemwhichhidesthecomplexityofthelatter,providingan abstractinterfacetoscientificapplicationsdeployedonagrid.This abstractionlayertakescareoftheprocessoflaunchingthe appli-cationononeormoreHPCresources,andreducestheinteraction withanapplicationtothoseoperationsmostrelevanttotheuser.
The Application Interaction Model implies that the task of deployingandconfiguringanapplicationistakencareofbya sys-temadministrator,ora community’s‘expertuser’.Thisdrawsa parallel withmanydifferentcommunities that useapplications onhighperformancecomputingresources,suchastheUK Col-laborativeComputationalProjects(CCPs)[19],wherea groupof programmers developa code, whichtheythen distributetoan end usercommunity.Oncetheexpert userhasconfiguredAHE toshareanapplication,enduserscaninvokeclientsinstalledon theirworkstation, tablet ormobile phonetolaunch and moni-tortheapplicationacrossavarietyofgeographicallydistributed computationalresources.
4. TheApplicationHostingEnvironment
TheApplicationHostingEnvironment(AHE)isour implemen-tationoftheApplicationInteractionModel.AHEisbasedontwo
keyconceptstopromoteusability:applicationvirtualizationand communityapplicationsharing.Applicationvirtualizationallows developerstocodeagainstasinglevirtualizedinterfaceinsteadof thespecificunderlyingsoftwareorhardwaresystem,anditalso allowsmultiplevirtualizedinstancestoberunsidebysideona sin-glephysicalsystem.TheconceptofanapplicationinAHEdoesnot necessarilyimplyasinglecomputationalcodeexecutedonasingle HPCresource.AvirtualizedapplicationinAHEcanbecomprised ofmorecomplexworkflows,suchascoupledsimulationswhere multipleapplicationsarerequiredtopassdatatoeachother,for examplecoupledquantumandmolecularlevelsimulations,made upofseparatecodesthatexchangedataviafiles[20].
AHEis builtaround theideaof a communitymodel. In this paradigm,anexpertuserisrequiredtosetupandconfigureAHE withdetailsofascientificapplication,thedistributed(grid) infra-structureitisdeployedonandthenusesAHE’sRESTfulinterface tosharethisscientificapplicationtransparentlywithagroupof endusers.Theresourcesthataparticularapplicationisdeployed ontoarechosenbasedonthecharacteristicsandrequirementsof theapplication.Anendusercanthenlaunchandmonitor applica-tionsthroughtheAHEdesktopGUIclient,webclientorcommand lineclient(describedinSection4.2),andanycombinationofthese clientscanbeusedsimultaneously.AHEhasgonethroughseveral softwarereleases,principallyAHE1.0[7]andAHE2.0[8].AHE3.0, whichwedescribeinthispaper,addsmanysignificantnewfeatures tothosefoundinAHE2.0,withanunremittingfocusonusability andreliability.
4.1. ThearchitectureofAHE3.0
AHE3.0 isa completere-implementation ofAHE 2.0inJava (AHE2.0andearlierversionswereimplementedinPerl).AHE3.0 introducesanewworkflowenginebasedonJBPM[21]allowing complexworkflowstobecreatedandintegrated intoAHE, and accessedby users as singleapplications.AHE 3.0 also incorpo-ratesanobjectrelationalmappingframeworkusingHibernate[22], whichsimplifiesinstallationanddevelopmentofAHEby decou-plingAHE fromthedatabaseused tomaintainstate.ARESTful webserviceinterfacebasedontheRestlet[23]libraryfurnishes asimpleandconciseHTTPbasedinterfaceforclientstoaccessAHE services,comparedtotheWSRF[12]basedservicesusedinAHE 2.0.
AHE3.0isadeparturefromAHE2.0andearlierreleases, hav-ingundergoneacompleteredesign.AHE3.0comprisesanumber ofmoduleswhichimplementthecorefunctionality.AHEruntime controlsthestart-upand shut-downof theAHE applicationlife cycle;AHEengineimplementsthecorefunctionalitiesincluding theworkflowengineaswellasfacilitatinginteractionsbetween thedifferentcomponents;AHEconnectormoduleimplementsthe functionalityrequiredtoconnecttodifferenttypesofmiddleware; AHEsecuritymodulehandlesthesecuritycomponentaswellas usermanagementofAHEapplicationandgridmiddleware;AHE interfacemoduleprovidesaRESTfulWebserviceinterfaceaswell ascommandlineaccesstoAHE;thefilemoduleprovides mecha-nismstotransferfilesbetweendifferentstorageresourcesusing GridFTP.Aschematicshowingtheinteractionofthesedifferent componentsispresentedinFig.2.
RESTfulWebservice provides a simple abstraction of AHE’s functionalities to the user by exposing AHE components as resources,eachofwhichisidentifiedbyaglobalidentifier(URI). Thisprovidesacleanandsimplemechanismforenduserstoaccess AHE,makingclienttoolinglesscomplicated;italsomeansthatAHE 3.0caneitherbedeployedviaaservletcontainersuchasTomcat,or asastandaloneserver.AdetaileddiscussionoftheAHE3.0server componentsispresentedbelow.
4.1.1. AHEruntimemodule
TheAHEruntimemoduleisresponsibleforstartingupand shut-tingdowntheserverinthestandalonemode.Italsoinitializesall thecomponentsanduserconfigurationsaswellasthebasic reg-istryinformationrelatingtousers.Instandalonemode,AHEusesan embeddedJettyServertoprovidewebserverfunctionality, includ-ingHTTPSwithmutualusercertificateauthentication.Inthismode, AHE3.0canbestartedfromanexecutablefile.AHEcanalsobe deployedasaJavaservletintoaservletcompliantserversuchas ApacheTomcat[24].AHEcanbedeployedwithanembeddedH2 database[22]oruseanexternaldatabasethroughtheHibernate framework.Moredetailsaboutthedeploymentarediscussedin
Section6.
4.1.2. AHEenginemodule
TheAHEenginemoduleencapsulatesthefunctionalitythrough whichAHE3.0virtualizesaccesstoscientificapplications.It pro-videsmethodstocreateanApplicationInstanceobject,usedto representaninstanceofavirtualizedapplication.Inaddition, meth-odsareprovidedtorunandmaintaintheexecutionworkflowfor eachvirtualizedapplicationinstance.Theworkflowdescribeshow thedataandcomputationalcode(s)associatedwiththis applica-tioninstanceareprocessed,includingdetailssuchastheback-end connector(cf.Section4.1.3)andsecuritymechanismtouse.
TheAHEenginemodulealsoallowshigherlevelworkflowsto beimplemented.Theseworkflowscancontrolmultiple applica-tioninstancestocreateparametersweepapplicationsorcomplex chainedapplicationscenarios,inwhichdatacreatedbyan applica-tionisusedastheinputforasecondoneandsoon.
4.1.3. AHEconnectormodule
The connector modules provide a setof classes that invoke externalJavalibrarieswhichallowAHEtoactasaclientto dis-tributedresource managers(DRMs) suchasGlobus GRAM.The connector module provides a generic Java interface (usingthe adapterpattern)whichadaptersfordifferentDRMshaveto imple-ment.This Javainterfaceis usedby AHE 3.0toaccess external computationalresources,providingaloosely-coupledrelationship betweenAHEandexternal clientlibraries.Connectorscurrently exist toallow AHE 3.0 torun applications viaGlobus 5.0 [25], Unicore6[26]andQCGOGSA-BES[27].Eachconnector implemen-tationtranslatestheAHE’sinternalapplicationstatemodelinto specificdirectivestotherelevantDRM,suchasthenumberofcores touse.Theextensibleinterfaceframeworkmeansthatinterfacesto otherDRMsystemscaneasilybeaddedasnecessary.Each connec-tormoduleisresponsiblefortrappingerrorsfromtheunderlying DRMandmappingittoanAHEerrorstate,whichispresentedto theuser.
4.1.4. AHEinterfacemodule
ThismodulecontainslibrarycodeusedtointerfacewithAHE 3.0.ThisincludesabridgebetweentheRESTfulWebservice inter-face(cf.Section4.1.7)andtheAHEruntimemodule(cf.Section 4.1.1).TheAHERESTWebservicesexposesthemainAHE function-alitiesandcomponentsasresourceswhichcanbecontrolledby performingoperationsonthoseresources.
4.1.5. AHEsecuritymodule
The AHE security module provides a number of important functions,includingusermanagement,authorizationand authen-ticationcontrol,platformcredentialmanagementandintegration withAuditedCredentialDelegation[28](seeSection5).AHE pro-vides a mechanism to delegate security control to ACD; these securityfunctionsinclude userauthenticationand management aswellasvirtualorganizationsupportandproxygenerationfor anyspecifiedvirtualorganization.InACDmode,AHEcontactsACD
Fig.2. ThearchitectureoftheAHE3.0server,showingtherelationshipbetweenthedifferentsoftwaremodules.
usingRESTfulWebservicecallstoauthenticateusersaswellasto requestthegenerationofproxycredentialsonaperuserbasis.AHE itselfisalsoabletoauthenticateusersviaSSLcertificatesorthe morestandard username/password credentialcombination.The securitymoduleisabletoperformcommandlevelauthorization, aswellasplatformcredentialmanagementsuchasmaintaining privatekeyand certificateinformationforauserwhichmaybe requiredfor him/hertobegranted accesstoparticular compu-tationalresourcesand data.Additionally,thesecuritymoduleis abletorequestupdated proxiesfroma MyProxyserverwhena certificateisabouttoexpire.
4.1.6. AHEtransfermodule
In AHE, input data is transferred directly from a location specifiedby theusertothe computationalresourceswhere an applicationistoberun.Onceajobiscompleted,theAHEserver takescareofstaginganyoutputdatabacktotheuserspecified location.TheAHETransfermoduleprovidesamechanismtosetup thesecuritycredentialusedtoauthenticatetransfersandthen ini-tiatetransfersbetweentwodifferentstoragecomponentsthrough theAHEJavafiletransferinterface.Differenttransfermechanisms havebeenimplementedusingthis Javainterface.Currently,file transferfunctionalitiesmakeuseofthejGlobusandUCClibraries tostagedatausingtheGridFTP[29]andUnicoretransferprotocols. TheJavainterfacemakesiteasytoaddnewtransferprotocolsin futureshouldtheybecomenecessary.
4.1.7. RESTfulwebservice
Oneof the main features of AHE 3.0 is the implementation oftheRESTfulWebservicesinterface,whichreplacestheWSRF
interfaceusedinAHE2.0andearlierversions.RESTfulWeb ser-vicesexposeresourcesaddressableviaHTTPandoperatedonusing HTTPoperationssuchasPOSTandGET.Thisprovidesasecureand straightforwarduniversalendpointforAHEtoprovideservicesto users.AHE3.0usestheJavaRestletlibraryforitsRESTful implemen-tation[23].TheRestletlibrarywaschosentounderpintheAHE3.0 serverduetothemanyfeaturesitprovides,includingtheability todevelopservicesthatrunasstandaloneservicesorwhichcan bedeployedinaservletcontainersuchasTomcat(usingeitherthe J2SEortheJ2EEversionofthelibrary),multiplenativedata repre-sentationformatssuchasXMLandJSON,andscalabilityaswellas securitysupport.
TheAHERESTcommandstructureisgroupedintoanumberof resourcesincluding:User,AppInstance,AppReg(application reg-istry),Resource,PlatformCredentialandCmd(generalcommands). EachoftheseresourcescanbeviewedormodifiedusingtheGET, POSTorDELETEHTTPoperationswhenappliedtoasuitableAHE resourceURI.AtypicalAHEURIconsistsofseveralcomponents;the domainURIfollowedbytheuseridentifierandtheAHEresource thatwillbeoperatedon.TheURIisfollowedbythecommandand argumentifrequired.
4.1.8. AHEworkflowengine
A key component of AHE 3.0 is the workflow management systembuiltontheJBPMframework.JBPMisalightweightJava workflow engine,withworkflowsdescribed using theBusiness ProcessModellingNotation(BPMN)2.0specificationwhichcalls specificJavaclasses, scripts orDroolrules to performarbitrary functions.Thisallowsnewcomplexworkflowsandscripting func-tionalitiestobeintroducedquicklytoextendAHE.JBPMsupports
workflow persistence using the Hibernate framework meaning that,intheeventofaservercrash,theworkflowcanberecovered quicklyandseamlessly.Thereisalsoawiderangeoftools avail-abletoplugintotheJBPMframework,includingworkfloweditors, whicheasestheintegrationofJBPMwithAHE.
Byusingaworkflowengine,furtherfunctionalitiesand work-flowscan beintroducedinto AHE applications.This allowsthe expertusertotailorcustomizedworkflowstocomplextasks,such ascoupledmodelapplications.Italsoallowsadditionalfeaturesor functionalitiestobeadded,suchasfaulttolerance,andtointegrate AHEwithexternalservicessuchasSPRUCE[30]inordertosubmit urgentcomputingjobs,andRealityGridSteering[31]whichallows scientiststointeractwithrunningapplications.
4.2. AHEclient
TheAHEservermaintainsallstateinformationabouta particu-larapplicationinstance.Thismeansthatclienttoolsneedtostore noinformationaboutindividualapplicationruns,andconsequently verysimpleclientscontaininglittleconfigurationdatacanbe cre-ated.Italsomeansthatclientscaninteroperate,withoneclient usedtolaunchanapplicationandanotherusedtomonitoritfor example.
ThesimpleRESTendpointsexposedbyAHE3.0servermeanthat inpracticeanytoolwhichcanperformHTTPPOSTandGET oper-ations(suchastheUNIXcurlcommand)canbeusedasclients. However,aJavaclientAPIhasbeendevelopedwhichnotonly pro-videsmethodstocallAHE3.0servercommands,butalsoprovides auxiliaryfunctionssuchasdatastaging.ThisAPIhasbeenused toproducebothgraphicalandcommandlineclients.Italsoallows applicationshostedinAHEtobeaccessedfromhighleveltools,and integratedwithworkflowenginessuchasGridSpaceandTaverna (seeSection8).
Inaddition,anAHEwebclienthasbeendevelopedtoprovide asimpleinterfacefortheenduserwheninteractingwiththeAHE serverviaawebbrowser.Thewebclientinterfacehasbeen devel-opedusingtheGoogleWebToolkit(GWT)andcommunicateswith theAHE3.0serverthroughitsRESTfulinterface.Thewebclient canbedeployedonJavaservletcompliantserverssuchasTomcat orJBossAS.Thewebclientalsoallowstheusertoadministerand configureanAHE3.0server,providingcapabilitiestomanageusers, certificates,applications,targetcomputationalresourcesandthe serveritself.Thewebclientalsoallowsenduserstotransferfiles, launchandmonitorAHEjobsthroughawebbrowser.
4.3. AHEapplicationlifecycle
AHE manages the whole life cycle of an application when invokingAHE,frominputdatastaging,throughjobexecution,to outputdatastaging;duringthisprocesstheapplicationtransitions througha numberofdifferentstates.Thislifecycleisshownin
Fig.3.
Theprocess starts whena preparecommand is receivedby AHE.ThisputsAHEinawaiting mode,allowingtheusertoset upadditionalconfigurationdetailsrequiredfortheapplicationor workflowsubmission.Onceastartcommandhasbeensubmitted, AHEserverproceedstofirststageanyinputdatathattheuserhas attachedtotheapplicationinstance;oncethatiscompleted,itis thensubmittedtotheexecutionplatform.Oncetheapplicationhas beensubmittedtoanexternalexecutionplatform,AHEgoesinto apollingstate,checkingregularlyforthecompletionofthe appli-cation.Whenthejobhascompleted,anyoutputdataisstagedto thelocationspecifiedbytheuserandthejobsubmissionprocess comestoanend.
IferrorsoccurduringcertainstagesoftheAHEworkflow pro-cess,AHEcapturestheerrorandallowstheusertofixthiserrorand
Fig.3. Theapplicationlifecycle.AHEservermanagesthetransitionofanapplication instancethroughanumberofstates,inordertostagedata,executeanapplication, andhandlefailures.
attempttoexecutethesamestepagain.Thisworkflowismodelled andexecutedusingtheJBossjBPMworkflowlibraryandadditional componentscanbeaddedtotheworkflowifnecessary.
Inpractice,auserhastogothroughthefollowingstepsinorder torunanapplication:
(i)AHEruntimeinitializesallcomponents,populatesthe inter-naldatastructuresandensuresthatthedataheldinthestate databaseissynchronizedwiththeAHEdatastructures. (ii)Theuserqueriestheapplicationregistrytoseewhat
applica-tionsareavailable.
(iii)ThePreparecommandisissuedwhichtellsAHEEngineto createapersistentApp-InstanceObjectthatkeepstrackof thestatusandstateofanexecutingapplication,whichinturn initiatestheAHEworkflowprocess.AnApp-Instanceobject isarepresentationofavirtualizedapplicationinitiatedbythe user.ThisallowsAHEtokeeptrackofthestateandprogress ofthevirtualizedapplication.
(iv)ThisApp-Instanceobjectispersistentandstoredinalocal databaseusingtheHibernateFramework,whichallowsAHE servertobedatabaseagnostic.Inparticular:
(a)theApp-Instanceobjectisassociatedwithauser/group andhasauniqueidentifier;
(b)activeApp-Instancedata/objectsareheldinaregistryand checkedbyAHE Enginetoseewhichprocesses canbe operatedoneachApp-Instance,suchaswhenandhow theycanberun,whendatacanbecheckedorretrieved, andsoon.
(v)Inputdatafilesrequiredbytheapplicationarestagedtothe targetresource.AHEServerrecordsthelocationand trans-ferprotocolspecifiedforeachindividualdatafileandpasses thatinformationtotherelevantconnectormodulesothejob managerknowshowtostagethedataandretrievetheresults ifnecessary.
(vi)Theusernextissuesthesubmitcommand.
(vii)AHEworkflowmodulethenschedulestheexecutionofthe applicationusingJBPMandquartzscheduler[32].Thisallows
complexworkflowstoincludeasynchronoustasks,aswellas multi-thread/concurrencysupport.
(viii)AHEEnginedealswiththesecurityinterfacerequirements andsubmitstaskstoexternalexecutionplatforms.AHEpolls theexternalexecutionplatform(ifitisconfiguredtodoso) andretrievesanyoutputdataoncetheapplicationis com-pleted.JBPMallowsadditionalfeaturestobeaddedinorder tocreatemorecomplexworkflowsincorporatingAHEplug-in components.JBPMispersistentsothatalleventsarelogged. Iftheservercrashes,theworkflowstatestoredinadatabase canberetrievedandreinitialized.
(ix)Oncetheapplicationhascompleted,thedataisretrievedand senttothescratchdisc(temporaryfilestorage)orcopiedto anexternalstorageresourcespecifiedbytheuser,allowing him/hertoaccessit.
5. SecuringAHE3.0withauditedcredentialdelegation
Effortstoaddresstheusabilityof e-infrastructuresare ham-peredbyexistingsecuritymechanismsimposedonusers.Typically, these require a user to obtainone or more digital certificates from a certificate authority, as wellas to maintainand renew thesecertificatesasnecessary.Thedifficultyindoingthisleadsto widespreadcertificatesharingandmisuseandasubstantial reduc-tioninthenumberofpotentialusers[16].Inordertoremovethis barrier,wehavecoupledAHE3.0toAuditedCredentialDelegation (ACD)[28].ACDisausablesecuritysystemthataccommodatesthe securityrequirementsofbothend-usersandresourceproviders, offeringfacilitiestoauthenticate,authorizeandauditall transac-tions.
ThemainadvantageofACDisthatitentirelyremovestheuse ofdigitalcertificatesfromend-users’experience,minimizingthe usabilityproblems causedby suchcredentials whileaddressing resource providers’concerns regarding securingaccess to their sharedresources,tracingtheusersresponsibleforperforming spe-cifictasksontheirresources.ACDenablesuserstoinvokesecurity credentialstheyarefamiliarwithsuchastheirinstitutional user-name/passwordcombination(usingShibboleth[33],forexample); assumingthattheyareauthenticateditissuesadigitalcertificate tothemwhennecessaryinthebackground.
ACDcanbeusedtosetupmultiplevirtualorganizations(VO)to managedynamicgroupsofuserswishingtoaccesse-infrastructure basedresources,and toprovideVO administratorswithtighter controlofusers’actionsaswellasidentitymanagement.Existing solutionssuchasMyProxy[34],Shibboleth,andSARoNGS[35]on theirownonlyprovidecredentialrepositoriestostoreshortlived X.509certificates(MyProxy), webbasedsinglesign-on (Shibbo-leth),andwebportalstoaccessgridresourcesusingacombination ofShibbolethandVOMS[36](SARoNGS).Noneprovidesaholistic VOcontrolledsecuritysolutioninthewayACDdoes.
ThedesignofACDisbasedontheconceptofwrappers.A wrap-perisaconnectorbetweenacomponentandtheoutsideworld.It enablescontrolledaccesstothefunctionalitiesofacomponent.The ACDsecuritywrappercomprisesauthentication,authorizationand auditingcomponents.Anyrequestbyausertoperforman opera-tionusingaservicesecuredbyACDisinterceptedbythesecurity wrappertoestablishtheidentityoftherequester,tocheckwhether ornottheuserisallowedtoperformthetask,torecordtheresults ofthesechecksinanauditlog,thentoperformthetaskinthe dis-tributedenvironmentand,finally,toreturnresultstotheuser.ACD hasbeendevelopedinJavaandexposesaRESTfulinterface.This allowsitsintegrationwithanytooldevelopedinaprogramming languagethatiscapableofaccessingRESTfulservices.Priortoits implementation,amodelofACDwasdevelopedbasedonformal notation[37],whichisusedforbuildingsafetycriticalsystems,
usingtherecommendationsoftheOpenWebApplication Secu-rityconsortiumfordevelopingsecuresoftware[38].Thisprovides rigorousvalidationofACD’ssecurityfeatures.
TheprincipalfeaturesofACD’sarchitecturearedescribedbelow. • Localauthenticationservice.Thecurrentimplementationsupports ausername-passworddatabasespecificallyfornonShibboleth ACDsupport.Tobeauthenticated,auserhastoprovidea user-name/passwordpairthatmatchesanentryinthedatabaseoruse theirlocalinstitutioncredentialsviaShibboleth.Toavoidknown vulnerabilitiesinvolvingusernamesandpasswordsweadopted OWASPbestsecuritypractices[39]suchasstoring passwords inencryptedform,rejectingweakpasswordschosenbyusers, forcingthepasswordlengthtobeaminimumofeight charac-tersincludingspecialcharacters,andchangingthepasswordon aregularbasis.TheShibbolethsupportinthelatestversionof ACDprovidesuserswithmorefamiliarauthentication mecha-nisms.Shibbolethiscurrentlyusedbymanyuniversitiesinthe UK,EUandbeyondtoallowstudentsandresearcherstoaccess onlinepublishers’resourcesbyinvokingtheirlocalinstitutional username/passwordcredentials.
• Authorization component. Thiscomponent controls all actions performedintheVO.ItusestheParametrizedRoleBasedAccess Control(PRBAC)modelinwhichpermissionsareassignedtoroles
[40].TheVOpolicydesignerassociateseachuserintheVOwith therolethatbestdescribeshis/herjobfunction.Thepolicyis definedatVOsetupbecauseitdependsontheVO functional-ities.Thetasks(permissions)assignedtorolesaredrawnfrom theVOfunctionality.
• Credentialrepository.Thiscomponentisresponsibleformanaging thedelegationofidentityfromtheusertoACDviaaproxy cer-tificate.ItstoresthecertificatesacquiredbytheVOadministrator (known as robotcertificates) and theircorresponding private keysinordertocommunicatewiththetargete-infrastructure. ToallowthemembersofaVOaccesstocomputationalresources, theVOisassignedadigitalcertificate,whichisusedbehindthe scenestoauthenticaterequestsissuedbytheVOattheresource providersite.Thecomponentalsomaintainsalistofissuedproxy certificates (delegated identities),their corresponding private keysandtheassociationbetweenusersandproxiesinorderto tracewhichproxywasusedbywhichuser.
• Auditingcomponent.Thiscomponentrecordsallactionswithin theVO,includingauthorizedandunauthorizedrequeststo per-formtaskswithintheVO,theusernamethatrequestedthem,the numberofloginattemptsandlogintimes.ThisallowstheVO managementtoidentifythoseACDusersresponsibleforhaving performedanytaskswithinane-infrastructureenvironment. 5.1. IntegrationwiththeApplicationHostingEnvironment
WhenrunwithoutACD,theAHEsecuritymodelrequireseach individualusertohaveadigitalcertificate,whichcarrieswithit theneedtogothroughalengthycredentialacquisitionprocess. Toremovetheneedforsuchacertificate,wehaveintegratedACD withAHE.Thefirststepoftheintegrationrequiresunderstanding theinteractionbetweenAHEandACD,inotherwordsthe func-tionalandadministrativetasksthatcanbeperformedwithinthe integratedsystem.TheadministrativetasksofferedbyACDinclude VOcreation, certificateassignment,addingusers, resettinguser passwords,creatinguserroles,assigningtaskstoroles,and assign-ingusers toroles.Thefunctionaltasks offeredbyAHE include: PrepareJob,SubmitJob,MonitorJob,downloadandTerminateJob. AHE’sfunctionaltasksarethesameasthetaskspermittedforany authorizeduseronacomputationalresourcethatusestheGlobus orUNICOREmiddleware,forexample.Therefore,thepermissions assignmenttotheVOisdonebytheresourceownerfirst,thenthe
VOadministratorre-assignsthesepermissionstotherolesinthe VOaccordingtotheVOauthorizationrequirements.
In the integrated ACD+AHE environment, theauthorization requirementsdeterminedbytheVOadministratorareexpressed throughtheintroductionoftworoles:VOAdministratorand Sci-entist.Theformerispermittedtoperformalltheadministrative operationsaboveinadditiontoterminate,monitoranddownload anyjobsubmittedtoaresource.Thelatterispermittedtoperform allAHEoperationsinsuchawaythatapersonwhosubmitteda specifiedjobcanonlyperformAHEfunctionaloperationsonthis application.Asaresult,twousersrunningapplicationsinvoking differentdatawillnotbeabletoviewtheresultsofeachother’s activities.In addition,thescientist’s roleonlypermitsa userto changehis/herownpassword.
TheconstructionofaVOrequiresthatasystemadministrator goesthroughtheprocessofacquiring adigital certificate.Once done,theVOadministratorcreatesaVOandassignsthecertificate tothenamedVOusingtheACDclient.Itthenbecomespossible toaddusersinstantlytotheVOandgivethemgenuinely trans-parentaccesstoe-infrastructureresources.Toillustratehowthis systemworks,considerausernamed“JohnSmith”whoisa mem-berofaresearchgroupinaUKuniversityandwouldliketouse UKNationale-InfrastructureService(NES)[41]resourcestorun scientificapplicationsusingAHE.TheusercontactsthelocalVO administratorandrequeststojoinaspecificVO.Theusercanopt tousetheirlocalusernameandpassword,iftheirinstitutionispart oftheShibbolethFederation,orrequeststhecreationofa dedi-catedACDaccount.TheVOadministratorassignstheusertothe “Scientist”roledescribedaboveandassignstheusertoaVOthat hasanaccesstoe-infrastructureresources.Thecommunications betweentheAHE+ACDclientandthewrappedAHEserver,aswell asbetweenthelatterandthegridresources,areprotectedbythe SSLsecurityprotocol.
Inordertolaunchanapplicationonacomputationalresource, theuserinvokesarequesttoperformthe“SubmitJob”taskusing anAHEclientwithACDextension.Thisrequestisinterceptedby theACDauthenticationcomponentthatchecksiftheusernameand passwordmatchanentryinthedatabaseorcanbeauthenticated againstShibboleth.Theresultoftheauthenticationisrecordedin theauditingcomponent.Theroleoftheuserispickedupfromthe authorizationcomponent,inthiscase“Scientist”.Theauthorization checkswhetherthe“SubmitJob” operationis permittedforthe “Scientist”roleheldbytheuser.Theresultoftheaccesscontrol checkisrecordedintheauditlog,andtheoperation“SubmitJob” isinvokedonAHEserver.Oncetherequestisgranted,ACDpicksthe certificateassociatedwiththeVOtheuserwantstouseandchecks whethertheuserisassignedtothisVO.Ifthecheckissuccessful ACDgeneratesaproxycertificatefromtheVOassignedcertificate, uploadsittoaMyProxyserverandrecordstheissuedproxiesin thecredentialrepository.
ACDthensendstherandomlygeneratedusername/password pairneededtoaccessMyProxytotheAHEservertodownloadthe sessionproxy.Finally,theAHEserversendstherequesttothe com-putationalresourcesitealong withtheproxy.Atthetargetsite, theproxyisvalidated.Certificateauthenticationsucceeds,andthe distinguishednameontheproxy (VOName) is checkedagainst theresource’sauthorizationsystemtodeterminetheroleofthe VOName,whichisScientist.Sincethisroleisallowedtosubmit anapplicationtoresourcesthetaskwillbeinvoked.Fromthe e-infrastructure’sperspective,itistheVONamethatsubmittedthe task,not“JohnSmith”.Inordertofindoutwhoinvokedthe“submit job”taskontheresourceusingaspecificproxy,theresource admin-istratorpassesthepublickeyoftheproxytotheVOadministrator whocanidentifythenameoftheuser.
Inthisway,requestsfromwithinthecombinedACD/AHE sys-temcanbeaudited.Itisthuspossibletoidentifylegitimateusers
andtoensurethatonlysuchusersareallowedaccesstoresources, inconformancewiththepoliciesenforcedbythee-infrastructure management. In addition,it is possible todetect unauthorized attemptstoaccessresourcesfromwithintheVOandtoidentify personsresponsibleforsuchattempts.Thisformofaccountability isanessentialrequirementforresourceproviderstobeprepared toaccepttheACDsecuritymodel.
6. DeploymentofAHE3.0
AHEcanbedeployedasastandaloneapplicationviatheJetty Serverusinganembeddeddatabaseor,inamorecomplex envi-ronment,AHEcanbedeployedasaServlethostedwithinaServlet compliantserversuchas ApacheTomcatandconfiguredtouse databasessupportedbytheHibernateframework.
Inthesimplestconfiguration,thestandalonemodeallowsAHE tobeexecutedasanapplicationwhichlaunchestheJettyServer withtheoptionofinvokinganembeddeddatabaseoranyexternal databasesupportedbytheHibernateFramework.Inthis configu-ration,theusersimplydownloadstheAHEexecutable,configures theHibernateconfigurationfiletosetupthedatabaseconnectivity andrunstheprogramme.
Withserverornetworkconstraints,AHEcanbehostedinside aServletcompliantserversuchasApacheTomcatandbe config-uredtouseanydatabasessupportedbytheHibernateframework. AusershouldthendownloadtheAHEservletversion,deployiton theServletserverandconfigurethedatabaseconfigurationfileto ensureAHErunscorrectly.OnceAHEisrunning,thesystem admin-istratorconfiguresusermanagement,hostedapplicationsaswell asresourcesandcredentials.
Whicheverwaytheserverisdeployed,enduserscanaccessit eitherusingawebbrowser,viathewebclientinterface,orusingthe GUIorcommandlineclienttools.Theclienttoolssimplyrequire Javatobeavailableontheclientmachine;aftersettingan envi-ronmentvariableandrunningaconfigurationscriptthesecanbe easilyrun.
7. AHE3.0:comparisonwithAHE2.0
OureffortstorefactorAHE3toexposearestfulinterface,as wellasredesigntheAHEserverinversion3.0havenotonlybeen donetoenhanceuserexperience,butalsotoimproveperformance. Inordertoevaluatethebenefitsofthiswork,weranperformance testscomparingtheperformanceofAHE2.0againstAHE3.0.
OurexperimentalsetupconsistedofaserverrunningbothAHE 2.0andAHE3.0,withbothsystemsconfiguredtolaunch applica-tionsviatheQCG-Computingmiddlewareontoa96nodecluster withintheCentreforComputationalScienceatUCL.Thetestswe performedusedaworkstationtosubmitbatchesofapplicationsto AHE2.0and AHE3.0inturn,measuringthetimetakento sub-mitthesebatches.Theapplication launchedwasasimple code designedtosortalistofwordsintoalphabeticalorder,butsince weareonlyinterestedinthetimeperformanceoftheAHEserver itself,weonlymeasuredtimetakentosubmittheapplicationrather thanmeasuringthetimetheapplicationtakestoexecute(which wouldbeaffectedbytheclusterload),andtheclusterwas dedi-catedtotheexperimentwhilethetestswereperformed.Thetests themselveswereimplementedasJUnittestscallingtheAHEclient API,whileJUnit,executedviatheEclipsedevelopmentplatform, wasusedtomeasurethetimetakentoperformthetests.Eachtest wasrepeatedthreetimes,andthemeantimetakenforeachtest calculated.TheresultsareplottedinFig.4,witherrorbarsshowing thestandarddeviationofeachresult.
AsFig.4shows,AHE3.0performsfarfasterthanAHE2.0,and thetimetakentosubmitjobsusingAHE2.0ismuchmorevariable,
0 500 1000 1500 2000 2500 3000 3500 4000 10 20 30 40 50 60 70 80 90 100 110 120 130 140 150 160 170 180 190 200
Average time to submit (seconds)
Number of jobs submitted AHE 2.0
AHE 3.0
Fig.4. ComparisonofthemeantimeandstandarddeviationrequiredtosubmitusingAHE2.0andAHE3.0forbatchesof10–200jobs.
meaningthatitislessreliablefromauserperspective.Thisisdue tothefactthatAHE3.0isdevelopedinJavawhereasAHE2.0was developedwithPerl/WSRF::Lite;AHE3.0exploitsasimpleRESTful interface,whereasAHE2.0usesthefarmorecomplicatedWSRF extensiontoWebservices,whichincreasesthecomplexityofboth client and server. Application submission is also faster in AHE 3.0 becausethesystemimplementsa bufferedqueuing system betweentheAHEserverandtheconnectormodules,whichhasthe effectofallowingthesubmissioninterfacetoprocessmore simul-taneousrequests,comparedtoAHE2.0.Inorderforustobetter investigate thenature of the performance differences between AHE2.0andAHE3.0,infutureworkweplantoinstrumentthe servercodeofbothAHEversionswithtimingroutines,andthen performa setof experiments todeterminetheperformance of differentparts oftheapplicationslaunching process,fromdata stagingtojobsubmission.
7.1. EvaluationoftheApplicationInteractionModel
To validate our hypothesis that the Application Interaction Model,bysimplifyingtheprocessoflaunchingapplicationsonhigh performancecomputingresources,ismoreusablethanthe tradi-tionalgridinteractionmodel,weconductedarigoroususability study.WehavereportedthisstudyfullyinZasadaetal.[17],and foracomprehensiveaccountofthestudymethodologywerefer readerstothatpublication.
WecomparedtheAHEcommandlineclientwiththeGlobus commandlineclientandtheAHEgraphicalclientwiththeUnicore graphicalclient.Byallofourmeasurements,theAHEclientswere judgedtobesignificantlymoreusablethaneitherGlobusorUnicore
[17].
InadditiontotheusabilitytestscomparingAHEwithcommon middleware tools,we also compared thestandard AHE release withthenewversionofAHE,integratedwiththesecurity solu-tionAuditedCredentialDelegation[37](discussedinSection5). OurusabilitytestsclearlyestablishedthatAHEwithACDismore usablethanAHEalone.
8. AHE3.0inaction:e-infrastructurebasedmultiscale
simulation
Likeits predecessors,AHE 3.0is beingactivelyusedby sev-eral large research projects. AHE provides the principal HPC access tool in the VPH-Share project [42], a currently funded
endeavourwithintheVirtualPhysiologicalHuman(VPH)initiative
[43], concernedwithpatient-specific biomedical modellingand simulation.Theaimofthisprojectistodevelopasetofintelligent servicesandsupportingnetworkinfrastructurethatwillfacilitate theexposureandsharingofdataandknowledge.Inparticular,itis developingamulti-scaleframework forthecompositionofnew biomedicalworkflowstopromotecollaborationwithintheVPH community.
Aspartofthisinfrastructure,VPH-Shareisdevelopingacloud platformthatwillallowuserstoeasilyaccesscomputationalas wellasdataresources.AHEandACDtogetherconstitutetheHPC gatewayserviceforVPH-Share,allowingsimulationsthatrequire morecomputationalpowerthantheVPH-Sharecloud infrastruc-tureisabletoprovidetobeseamlesslyrunonHPCresources.AHE andACDaredeployedbasedontheSoftwareasaService(SaaS) model. AHE isresponsible for handlingtheexecution lifecycle ofvirtualizedapplicationsoncomputationalresources,whileACD bridgesthegapbetweendifferentsecurityinfrastructuresusedby theexecutionplatformandthose remoteresources.Thisallows simulation workflowstobedeployedwhich combineresources froma cloudprovidersuchasAmazonin ordertoexecute sin-glecoreandsmallscaleparallelsimulations,butthatcanswitch tohighperformancecomputing,accessedviaAHE,torunpartsof theworkflowthatrequiremorecomputationalpower.Theability oftheTavernaworkflowsystemusedbyVPH-SharetocallAHE’s RESTfulinterfaceallowsapplicationshostedinAHEtobeincluded ascomponentsinTavernaworkflows.
ThesystemisbeingusedinproductionrunsbyVPH-Share scien-tiststoruntheChastecode[44]tomodelpersonalizedtreatments ofcardiacarrythmiasinpatients.AHEallowstheresearchersto launchChastesimulationsontheHECToRHPCmachineintheUK (partofPRACE),marshalinputandoutputdataandmanage param-etersweeps.ItalsoallowsdatatobestagedinandoutoftheEUDAT
[45]datastorageinfrastructureasnecessary.
Additionally,theAHEclientAPIhasbeenintegratedwiththe GridSpace2workflowengine[46]withintheMAPPERproject,and aspartof theVirtual ImagingPlatform(VIP)[47].TheMAPPER projectaimstodevelopapersistentproductioninfrastructurefor distributed multiscale computing[48], makinguseof resources from multiple European e-infrastructures. AHE provides a key interoperabilitylayerallowinghigherlevelMAPPERservicesand interface tools to seamlessly access and connect these distinct resources.
Fig.5. ThearchitectureofaMAPPERlooselycoupledapplication.AHEprovidesaninteroperabilitylayertolaunchcodesacrossarangeofplatforms.
MAPPERapplicationscouplecodesoperatingatdifferent tem-poralandspatialresolutionstogether.Anillustrationofsuchan applicationisgiveninFig.5,whichshowsanapplicationfromthe materialssciencedomain[49].Thisapplicationinvokesparameters generatedatthequantumlevel (usingCar–Parrinellomolecular dynamics(CPMD))tobuildanatomisticsimulationofamaterial usingtheLarge-scaleAtomic/MolecularMassivelyParallel Simula-tor(LAMMPS)),andthenusesparametersgeneratedatthislevel toperform a coarse grained molecularsimulation (again using LAMMPS).
Eachof theMAPPERapplicationsrequires accessto suitable resourcestorun,oftenconcurrentlyorinaparticularsequence. AHE’sabilitytocouplewithadvancedreservationtoolssuchas QCGComputingmeansthatMAPPERapplicationscanbe sched-uledtoruninadvance(co-)reservationsonHPCresources.Thisis ofcoursedependentonthemachinesprovidingadvanced reserva-tioncapabilities;itisessentialforresourceproviderstoimplement suchpoliciesinorderforthesekindsofapplicationstoberun.
The VIP project targets multi-modality, multi-organ and dynamicmedicalimagesimulation,integratingprovensimulation softwaretosimulatefourmainimaging modalities.Thisproject buildsontheVirtualImagingPlatform,aFrenchANR (National AgencyforResearch)projectaimingatbuildingamulti-modality simulation platform for the main medical imaging modalities, namelyMagneticResonanceImaging(MRI),Ultrasoundimaging (US),PositronEmissionTomography(PET)andComputed Tomo-graphy(CT).
TypicallythesimulationsconsideredbyVIPhavebeenexecuted inan“embarrassinglyparallel”fashiononclustermachinesandare managedviatheVIPplatform.Theplatformcanperformcomplex simulations,suchaswhole-bodyCT scans,inareasonable time thankstoitsconnectiontoEGI,which providesaccesstoa dis-tributedsetofclusters.However,someimagingsimulationcodes canbeparallelizedandthusbenefitsubstantiallyfromaccessto highperformancecomputingresources.ByintegratingcallstoAHE, viatheAHEclientAPI,withtheVIPportalandworkflowengine,this requirementhasbeensatisfied.AHEprovidesabridgebetweenEGI andtheHPCfacilitiesprovidedbyPRACE,sothatsimulationswhich requiregreaterpowerthanEGIcanprovidecaninsteadberunon thePRACEplatform.
Common to all of these projects is the need to use AHE’s capabilitiesasaninteroperabilitylayertobridgeacrossdisparate
e-infrastructures,meaningthatAHEprovidesasingleinterfaceto avarietyofresources,fromPRACE,throughEGItolocalcampus basedclusters.AHE’sabilitytoconnecttoawiderangeofdifferent backendmiddlewaretoolsmakesitanidealcandidateto feder-ateresourceaccessfromtheuser’sperspective.Integrationwith ACDmeansthatappropriatesecuritycredentialsarepresentedto thetargetinfrastructurebyAHEwhenauserneedstoexecutea simulation,makingtheuseofmultiplee-infrastructureplatforms transparenttotheuser.
9. Conclusionsandfuturework
Sinceitsinitialrelease,AHEhasbeentakenupbyvarioususer communities,whereitsusabilityfeatureshaveprovedextremely important.AHEhasbeenemployedtohostcomputationalcodes fromdifferentscientificdomains,includingwidelyusedcodessuch asNAMD,CHARMM,LAMMPS,VASP, LB3DandDLPOLY.Akey strengthofAHEisitsflexibility.Sinceallofitscomplexityresides ontheserverside,andallofAHE’sfunctionalityisexposedas REST-fulWebservices,AHEcanbeusedasabuildingblockforsystems ofmuchgreatercomplexity.
As ourperformance tests have shown, theredesign of AHE 3.0hasgreatlyimprovedperformanceover olderAHEversions. Ourusabilityresultshavealsoconfirmedthebenefitofthe Appli-cation Interaction Model in that userinteraction is reduced to themostessentialcomponents: namelya userinteractingwith his/herapplication.Usersdonotneedtoworryaboutthedetails ofparticularbatchqueuingsystems, orhow tostage databack fromparticularHPCresources;thespecificsofhowtolaunchan application areencapsulated withinthe ApplicationInteraction Model.TheapproachvirtualizestheHPCresourcesfromauser’s pointofview.IndeedAHEvirtualizestheentiretyofagrid’sHPC resources,andfederatesresourcesstemmingfrommultiple differ-ente-infrastructures.
AHE3.0providesanumberofcapabilitiesincludingaworkflow enginethatallowscomplexsimulationstobecreated,including coupledsimulationswheredataisautomaticallytransferredfrom one application to another. ACD providesa security suite that includes supportfor Shibboleth authentication,as well as user auditing.ACDsupports virtualorganizationmanagementand is abletoprovideaccesstogridproxycredentialsthroughRESTful webservices.
Thiscombinationofusabilityandperformanceembeddedinto afeature-richplatformhaveledAHEandACDtobecomean impor-tantcornerstoneofmanyresearchprojects,frommaterialsscience throughcomputationalphysicsandchemistrytolifeandmedical sciences.Theseprojectshaveincommonaneedforacomputational platform toprovide access to highperformance computational resourcesandlinkstocloudcomputinginfrastructures.ACDand AHEallowe-infrastructuretobeaccessedinasimilarmanneras anIaaScloudresource.Thisisachievedbyvirtualizingapplications usinganSaaSmodel,exposingtheirfunctionalityassimpleRESTful webservices,andbyabstractingthesecuritymechanismofthe e-infrastructuremiddlewarethroughACD.Althoughtheymaybe andoftenaredeployedincombinationaspartofaprojectspecific e-infrastructure,AHEandACDarealsostandalonetools,andcan be deployed within any similar e-infrastructure that requires transparentaccesstohighendcomputingresources.
AHE3.0andACDhavebeenreleasedundertheLGPLlicenceand canbedownloadedfrom:https://sourceforge.net/projects/ahe3/.
Acknowledgements
The developments of AHE and ACD reported in this paper havebeenfundedbytheEUFP7VPH-Share(no.269978), VPH-NoE(no.223920),MAPPER(no.261507)andContraCancrum(no. 223979) projects. Previously they were funded by the EPSRC projectsRealityGrid(GR/R67699),RapidPrototypingofUsableGrid Middleware (GR/T27488/01), User-Friendly Authentication and AuthorizationforGridEnvironments(EP/D051754/1),andalsoby OMIIundertheManagedProgrammeRobustApplicationHosting inWSRF::Lite(RAHWL)project.SJZ’sPhDstudentshipisfundedby EPSRC.
WewouldliketothankMaciejPawlikandGrzegorzDykfrom Cyfronet,Krakow,Poland,andWilliamRomerofromCNRSLyon, France, for their contributions to the code, and also Mariusz Mamonski and TomaszPiontek from PoznanSuper Computing andNetworkingCenter,Polandforusefuldiscussionsrelatingto advancereservation.
References
[1]D.Turek,Highperformancecomputingandtheimplicationsofmulti-core architectures,CTWatchQuarterly3(2007)31–33.
[2]J.Dongarra,D.Gannon,G.Fox,K.Kennedy,Theimpactofmulticoreon compu-tationalsciencesoftware,CTWatchQuarterly3(2007)1–10.
[3]P.V.Coveney(Ed.),ScientificGridComputing,Vol.363,Philosophical Transac-tionsoftheRoyalSocietyA:Mathematical,PhysicalandEngineeringSciences, 2005.
[4]I.Foster,C.Kesselman,S.Tuecke,Theanatomyofthegrid:enablingscalable virtualorganizations,InternationalJournalofSupercomputerApplications15 (2001)3–23.
[5]J. Chin,P.V.Coveney, TowardsTractable ToolkitsfortheGrid: aPleafor Lightweight,UseableMiddleware,Tech.rep.,2004http://nesc.ac.uk/technical papers/UKeS-2004-01.pdf
[6]M.Halling-Brown,D.Moss,C.Sansom,A.Shepherd,Acomputationalgrid frameworkforimmunologicalapplications,PhilosophicalTransactionsofthe RoyalSocietyA367(2009)2705–2716.
[7]P.V.Coveney,R.S.Saksena,S.J.Zasada,M.McKeown,S.Pickles,Theapplication hostingenvironment:lightweightmiddlewareforgrid-basedcomputational science,ComputerPhysicsCommunications176(6)(2007)406–418. [8]S.J.Zasada,P.V.Coveney,Virtualizingaccesstoscientificapplicationswiththe
applicationhostingenvironment,ComputerPhysicsCommunications180(12) (2009)2513–2525.
[9]S.K.Sadiq,D.Wright,S.J.Watson,S.J.Zasada,I.Stoica,P.V.Coveney, Auto-matedmolecularsimulationbasedbindingaffinitycalculatorforligand-bound HIV-1proteases,JournalofChemicalInformationandModeling48(9)(2008) 1909–1919.
[10]J.L.Suter,P.V.Coveney,H.C.Greenwell,M.-A.Thyveetil,Large-scalemolecular dynamicsstudyofmontmorilloniteclay:emergenceofundulatoryfluctuations anddeterminationofmaterialproperties,TheJournalofPhysicalChemistryC 111(23)(2007)8248–8259.
[11]R.T.Fielding,Architecturalstylesandthedesignofnetwork-basedsoftware architectures,2000(Ph.D.thesis).
[12]S. Graham, A. Karmarkar, J. Mischkinsky, I. Robinson, I. Sedukin, Web ServicesResourceFramework,Tech.rep.,2006http://docs.oasis-open.org/ wsrf/wsrf-wsresource-1.2-spec-os.pdf
[13]WINE,http://www.winehq.org/
[14]P.V.Coveney,Scientificgridcomputing,PhilosophicalTransactionsoftheRoyal SocietyA:Mathematical,PhysicalandEngineeringSciences363(1833)(2005) 1707–1713.
[15]S.Manos,S.J.Zasada,P.V.Coveney,Lifeordeathdecision-making:themedical caseforlarge-scaleon-demandgridcomputing,CTWatchQuarterlyJournal4 (2)(2008)35–45.
[16]B.Beckles,V.Welch,J.Basney,Mechanismsforincreasingtheusabilityofgrid security,InternationalJournalofHuman–ComputerStudies63(1/2)(2005) 74–101.
[17]S.J.Zasada,A.N.Haidar,P.V.Coveney,Ontheusabilityofgridmiddlewareand securitymechanisms,PhilosophicalTransactionsoftheRoyalSocietyA: Math-ematical,PhysicalandEngineeringSciences369(1949)(2011)3413–3428. [18]B.Boghosian,P.V.Coveney,S.Dong,L.Finn,S.Jha,G.Karniadakis,N.Karonis,
NEKTAR,SPICEandVortonics:usingfederatedgridsforlargescalescientific applications,ClusterComputing10(3)(2007)351–364.
[19]UKCollaborativeComputationalProjects,http://www.ccp.ac.uk/
[20]S.J.Zasada,M.Mamonski,D.Groen,J.Borgdorff,I.Saverchenko,T.Piontek,K. Kurowski,P.V.Coveney,Distributedinfrastructureformultiscalecomputing, in:Proceedingsofthe2012IEEE/ACM16thInternationalSymposiumon Dis-tributedSimulationandRealTimeApplications,IEEEComputerSociety,2012, pp.65–74.
[21]JBPM–JBossCommunity,http://www.jboss.org/jbpm [22]Hibernate–JBossCommunity,http://www.hibernate.org/
[23]Restlet–RESTfulwebservicesframeworkforJava,http://www.restlet.org/ [24]TheApacheTomcatServletContainer,http://tomcat.apache.org
[25]TheGlobusProject,http://www.globus.org [26]TheUNICOREProject,http://www.unicore.org
[27]K.Kurowski,W.deBack,W.Dubitzky,L.Gulyás,G.Kampis,M.Mamonski,G. Szemes,M.Swain,ComplexsystemsimulationswithQosCosGrid, Computa-tionalScience-ICCS2009(2009)387–396.
[28]A.N.Haidar,S.J.Zasada,P.V.Coveney,A.E.Abdallah,B.Beckles,M.A.S.Jones, Auditedcredentialdelegation:ausablesecuritysolutionforthevirtual physi-ologicalhumantoolkit,InterfaceFocus1(3)(2011)462–473.
[29]W.Allcock,J.Bester,J.Bresnahan,A.Chervenak,L.Liming,S.Tuecke,GridFTP: Protocol extensions to FTP for the grid, GlobalGrid Forum GFD-RP 20, http://www.ggf.org/documents/GWD-R/GFD-R.020.pdf
[30]P.Beckman,S.Nadella,N.Trebon,I. Beschastnikh,SPRUCE: asystemfor supportingurgenthigh-performancecomputing,Grid-BasedProblemSolving Environments(2007)295–311.
[31]S. Pickles, R. Haines, R. Pinning, A. Porter, A practical toolkit for computational steering, Philosophical Transactions of the Royal Society A: Mathematical, Physical and Engineering Sciences 363 (1833) (2005) 1843–1853.
[32]C.Cavaness,QuartzJobSchedulingFramework:BuildingOpenSource Enter-priseApplications,PrenticeHall,UpperSaddleRiver,NJ,USA,2006. [33]R.O.Sinnott,J.Jiang,J.Watt,O.Ajayi,Shibboleth-basedaccesstoandusageof
gridresources,in:IEEEInternationalConferenceonGridComputing,Barcelona, Spain,2006,pp.28–29.
[34]J.Novotny,S.Tuecke,V.Welch,Anonlinecredentialrepositoryforthegrid: MyProxy,in:10thIEEEInternationalSymposiumonHighPerformance Dis-tributedComputing,2001.IEEEProceedings,2002,pp.104–111.
[35]X.Wang,M.Jones,J.Jensen,A.Richards,D.Wallom,T.Ma,R.Frank,D.Spence,S. Young,C.Devereux,etal.,ShibbolethaccessforresourcesontheNationalGrid Service(SARoNGS),in:FifthInternationalConferenceonInformation Assur-anceandSecurity,2009,IAS’09.Vol.2,IEEE,2009,pp.338–341.
[36]R.Alfieri,R.Cecchini,V.Ciaschini,L.dellAgnello,A.Frohner,A.Gianoli,K. Lorentey,F.Spataro,VOMS,anauthorizationsystemforvirtualorganizations, in:GridComputing,Springer,2004,pp.33–40.
[37]A.N.Haidar,P.V.Coveney,A.E.Abdallah,P.Y.Ryan,B.Beckles,J.M.Brooke,M. Jones,Formalmodellingofausableidentitymanagementsolutionforvirtual organisations,in:ProceedingsofFormalAspectsofVirtualOrganisations,2009, pp.41–50.
[38]TheOpenWebApplicationSecurityProject,http://ww.owasp.org
[39]OWASPtop10:Thetenmostcriticalwebapplicationsecurityvulnerabilities (2007),http://www.owasp.org/index.php/Top102010-Main
[40]A.Abdallah,E.Khayat,Formalzspecificationsofseveralflatrole-basedaccess controlmodels,in:Software EngineeringWorkshop, 2006,SEW’06. 30th AnnualIEEE/NASA,IEEE,2006,pp.282–292.
[41]UKNationale-InfrastructureService(NES),http://www.ngs.ac.uk [42]TheVPH-ShareProject,http://www.vph-share.eu
[43]P.Hunter,P.V.Coveney,B.deBono,V.Diaz,J.Fenner,A.Frangi,P.Harris,R. Hose,P.Kohl,P.Lawford,etal.,Avisionandstrategyforthevirtual physi-ologicalhumanin2010andbeyond,PhilosophicalTransactionsoftheRoyal SocietyA:Mathematical,PhysicalandEngineeringSciences368(1920)(2010) 2595–2614.
[44]J.Pitt-Francis,P.Pathmanathan,M.Bernabeu,R.Bordas,J.Cooper,A.Fletcher,G. Mirams,P.Murray,J.Osborne,A.Walter,etal.,Chaste:atest-drivenapproach tosoftwaredevelopmentforbiologicalmodelling,ComputerPhysics Commu-nications180(12)(2009)2452–2471.
[45]TheEUDATProject,http://www.eudat.eu
[46]M.Malawski,T.Bartynski,M.Bubak,Invocationofoperationsfromscript-based gridapplications,FutureGenerationComputerSystems26(1)(2010)138–146.
[47]TheVIPProject,http://www.creatis.insa-lyon.fr/vip/ [48]TheMAPPERProject,http://www.mapper.eu
[49]J.Suter,D.Groen,L.Kabalan,P.V.Coveney,Distributedmultiscalesimulations ofclay-polymernanocomposites,MRSOnlineProceedingsLibrary1470(1) (2012).
StefanJ.Zasadais asoftwareengineerintheCentre forComputationalScienceatUCL,developinglightweight gridmiddlewareandenablingtoolsfore-Science.Hehas afirstdegreeinComputerSciencefromtheUniversityof NottinghamandaMastersdegreeinAdvancedSoftware EngineeringfromtheUniversityofManchester,wherehe wasresponsibleforimplementingtheWS-Security speci-ficationinPerlforusebytheWSRF::Litetoolkit.Currently heisleaddeveloperontheAHEproject.Heisinvolved indevelopingmedicaldatasharingsolutionsinthethe EUFP7p-medicineandUKMRCFarrprojects,andalso lightweightgridmiddlewareandenablingtoolsfor e-Science.HeiscurrentlycompletinghisPhDinComputer Science,investigatingthedesignanddevelopmentoflightweightapplication vir-tualizationtoolkitsandmarketbasedresourceallocationsolutions.Hisresearch interestscovermanyaspectsofhighperformanceandgridcomputing,andtheir applicationinthemedicalandlifesciencesdomain.
DavidChan-WeiChangiscurrentlyaresearchassociate intheGraduateSchoolofBiomedicalEngineering, Univer-sityofNewSouthWales,Sydney,Australia.Heisworking in theareaoftele-health andtele-care,clinical deci-sionsupportandmachinelearning.Hewaspreviouslyat theCentreforComputationalScienceatUniversity Col-legeLondon,workingintheVPH-Shareandp-medicine projects.HecompletedhisBSc,MScandPhDdegreesat theUniversityofNewSouthWales,whereheworkedin theBiomedicalSystemLaboratoryonanumberdifferent projects,includingthedevelopmentofclinicaldecision supportsystems,non-intrusivewirelessmonitoring sys-temsfortheelderlyandsignalanalysis.Hisresearchis focusedoncardioelectrophysiology,medicalITinfrastructureandcloudandgrid computing.
AliNasratHaidarisanApplicationSecurityConsultantat HSBCHeadofficeinLondon.HehasaPhDinwebservices securityandaMastersdegreeininformationsecurityfrom RoyalHolloway,UniversityofLondon.HeisalsoaVisiting ResearchFellowintheCentreforComputationalScience atUCL,apart-timeResearchFellowatBirminghamCity UniversityintheCyberSecuritygroup,andamemberof theUCLCyberSecurityCentreofExcellenceawardedby GCHQinpartnershipwiththeResearchCouncils’Global UncertaintiesProgramme(RCUK)andtheDepartmentfor BusinessInnovationandSkills(BIS).Priortohiscurrent appointment,AliwasaResearchFellowatUCLanda ResearchAssociateattheCentreforSoftwareReliabilityat NewcastleUniversity.Hewasinvolvedindevelopingsecuree-Scienceapplications, datasharingplatforms,capturinguserandsecurityrequirementsforcomputational gridenvironments,providingformalmodelsandanalysisoftheserequirementsto assistthedesignofsecurityprototype.AliwasinvolvedinanumberofEUe-health researchprojects,suchastheVPH-NOE(VirtualPhysiologicalHumanNetworkof Excellence),theContraCancrum(ClinicallyOrientedTranslationalCancerMultilevel Modelling)andp-medicine(PersonalizedMedicine).Hisresearchinterestsinclude securesoftwaredevelopment,identityandaccesscontrolmanagement,gridand cloudsecurity,informationassuranceandcompliance.
PeterV.CoveneyholdsaChairinPhysicalChemistry, andisDirectoroftheCentreforComputationalScience, DirectoroftheUCLComputationalLife&MedicalSciences Network, anHonoraryProfessor ofComputerScience, andamemberofCoMPLEXatUCL.Heisalsoafounding memberoftheUKe-InfrastructureLeadershipCouncil,a MedicalAcademyNominatedExpertonData,Algorithms, andModellingfortheUKPrimeMinister’sCouncilfor Sci-enceandTechnology,andProfessorAdjunctwithinthe YaleSchoolofMedicineatYaleUniversity.Heisactiveina broadareaofinterdisciplinarytheoreticalresearch includ-ingcondensedmatterphysicsandchemistry,materials science,andlifeandmedicalsciencesincluding collab-orationswithclinicians.HeisafoundingeditoroftheJournalofComputational Scienceandtodatehaspublishedmorethan300scientificpapers,edited20books, andcoauthoredtwobest-sellingpopularsciencebooks(TheArrowofTimeand FrontiersofComplexity,bothwithRogerHighfield).