6. Conceptual Model of the Main Entities
This section introduces the main entities of the GLUE information model. They capture the core concepts relevant in a Grid environment. The main entities SHOULD be used to derive specialized information models. In Figure 1, the classes and the related relationships are presented in the form of a UML Class Diagram.
Figure 1 Entities and relationships for the Main Entities conceptual model
6.1. Entity
The Entity class is the root entity from which all the GLUE classes inherit (an exception is made for the Extension class). The specialized classes will inherit both the associations and the attributes of Extension class. The attributes CreationTime and Validity are metadata related to the generation and life of the information. The Name attribute allows a human-readable name to be provided for any object, usable for e.g. monitoring or diagnostic displays. The Name SHOULD NOT have any semantic interpretation.
Entity
Inherits from
Description
Entity
<<abstract>>
Abstract root concept from which all the other concepts are derived (except the Extension class); it has metadata about information creation and validity plus a key-value pair extension mechanism.
Attribute
Type
Mult.
Unit
Description
CreationTime
DateTime_t
0..1
Timestamp describing when the entity instance was generated.
Validity
UInt64
0..1
s
The duration after CreationTime that the information presented in the Entity SHOULD be considered relevant. After that period has elapsed,
the information SHOULD NOT be considered relevant.
ID [key]
URI
1
A globally unique ID.
Name
String
0..1
A human-readable name.
OtherInfo
String
*
Placeholder to publish information that does not fit in any other attribute. Free-form string, comma-separated tags, (name, value) pairs are all examples of valid syntax.
Association End
Mult.
Description
Extension.Key
*
The entity MAY be associated to zero or more key-value pairs.
Extension
The Extension class provides a general mechanism to add key/value pairs to GLUE classes when suitable specific attributes are not present. The creation time and validity of each Extension instance are those of the extended class instance.
Entity
Inherits from
Description
Extension
A key/value pair enabling the association of extra information not captured by the model with an Entity instance.
Attribute
Type
Mult.
Unit
Description
LocalID
LocalID_t
1
An identifier unique within the class instance to which it is associated
Key
String
1
An identifier local to the container class instance; typically an attribute name not present in the model. This identifier is not required to be unique; several instances of this class MAY hold the same value for this attribute.
Value
String
1
A value for the attribute named by the Key.
Association End
Mult.
Description
Entity
1
The key/value pair is associated to an Entity instance.
Location
The Location class is introduced to model geographical locations where a certain Domain or Service are placed. The aim is to provide a simple way to express geographical information, and it is not intended to be used in complex geographical information systems. Due to different requirements, the granularity is not strictly defined and is left to the information producers depending on their needs. Hence the extent of a geographical location can vary from an exact position to a region spanning several different countries, not necessarily adjacent. The accuracy of the latitude and longitude attributes should be defined in an interoperability profile defined by projects adopting this specification.
Entity
Inherits from
Description
Location
Entity
A geographical region where the granularity MAY vary from an exact position to a region spanning several different countries, not necessarily adjacent.
Inherited Attribute
Type
Mult.
Unit
Description
CreationTime
DateTime_t
0..1
Timestamp describing when the entity instance was generated
Validity
UInt64
0..1
s
The duration after CreationTime that the information presented in the Entity SHOULD be considered relevant. After that period has elapsed,
the information SHOULD NOT be considered relevant
ID [key]
URI
1
A global unique ID
Name
String
0..1
Human-readable name
OtherInfo
String
*
Placeholder to publish info that does not fit in any other attribute. Free-form string, comma-separated tags, (name, value ) pair are all examples of valid syntax
Attribute
Type
Mult.
Unit
Description
Address
String
0..1
Street address (free format).
Place
String
0..1
Name of town/city.
Country
String
0..1
Name of country.
PostCode
String
0..1
Postal code.
Latitude
Real32
0..1
degree
The position of a place north or south of the equator measured from -90° to +90° with positive values going north and negative values going south.
Longitude
Real32
0..1
degree
The position of a place east or west of the primary meridian (located in Greenwich, UK) measured from -180° to +180° with positive values going east and negative values going west (the value -180° is excluded from the range).
Association End
Mult.
Description
Service.ID
*
The location is related to zero or more services.
Domain.ID <<abstract>>
*
The location is related to zero or more domains.
Inherited Association End
Mult.
Description
Extension.Key
*
The entity MAY be associated to zero or more key-value pairs.
ComputingService.ID
*
The location is related to zero or more computing services.
CloudComputingService.ID
*
The location is related to zero or more cloud computing services
StorageService.ID
*
The location is related to zero or more storage services.
AdminDomain.ID
*
The location is related to zero or more admin domains.
UserDomain.ID
*
The location is related to zero or more user domains.
Contact
The Contact class is introduced to represent contact information for different groups or expert roles responsible for aspects of the operation of services and domains (e.g., user support, security or sysadmin). The various types of contact are identified by the Type attribute. In case of time-dependent contact information (e.g., due to work on shifts), the instances of this entity should represent only the currently active contact information.
The contact information SHOULD be encoded as a URI. There are several specifications recommending how to embed contacts into a URI. The following specifications SHOULD be used:
telephone and fax: http://www.ietf.org/rfc/rfc2806.txt
email: http://www.ietf.org/rfc/rfc2368.txt
irc: http://www.w3.org/Addressing/draft-mirashi-url-irc-01.txt
Entity
Inherits from
Description
Contact
Entity
Information enabling the establishment of communication with a person or group of persons related to a Domain.
Inherited Attribute
Type
Mult.
Unit
Description
CreationTime
DateTime_t
0..1
Timestamp describing when the entity instance was generated
Validity
UInt64
0..1
s
The duration after CreationTime that the information presented in the Entity SHOULD be considered relevant. After that period has elapsed,
the information SHOULD NOT be considered relevant
ID [key]
URI
1
A global unique ID
Name
String
0..1
Human-readable name
OtherInfo
String
*
Placeholder to publish info that does not fit in any other attribute. Free-form string, comma-separated tags, (name, value ) pair are all examples of valid syntax
Attribute
Type
Mult.
Unit
Description
Detail
URI
1
URI embedding the contact information. The syntax of the URI depends on the nature of the communication channel.
Type
ContactType_t
1
Type of contact.
Association End
Mult.
Description
Service.ID
*
The contact is related to zero or more services
Domain.ID <<abstract>>
*
The contact is related to zero or more domains
Inherited Association End
Mult.
Description
Extension.Key
*
The entity MAY be associated to zero or more key-value pairs
ComputingService.ID
*
The contact is related to zero or more computing services
CloudComputingService.ID
*
The contact is related to zero or more cloud computing services
StorageService.ID
*
The contact is related to zero or more storage services
AdminDomain.ID
*
The contact is related to zero or more admin domains
UserDomain.ID
*
The contact is related to zero or more user domains
Domain
The Domain class is introduced to model and identify groups of actors that MAY play roles in a Grid system. It is an abstract entity that MUST NOT be instantiated; it SHOULD be used in order to derive specialized entities.
Entity
Inherits from
Description
Domain
<<abstract>>
Entity
A collection of actors that MAY be assigned with roles and privileges associated with Entities via Policies. A Domain MAY have relationships to other domains.
Inherited Attribute
Type
Mult.
Unit
Description
CreationTime
DateTime_t
0..1
Timestamp describing when the entity instance was generated
Validity
UInt64
0..1
s
The duration after CreationTime that the information presented in the Entity SHOULD be considered relevant. After that period has elapsed,
the information SHOULD NOT be considered relevant
ID [key]
URI
1
A global unique ID
Name
String
0..1
Human-readable name
OtherInfo
String
*
Placeholder to publish info that does not fit in any other attribute. Free-form string, comma-separated tags, (name, value ) pair are all examples of valid syntax
Attribute
Type
Mult.
Unit
Description
Description
String
0..1
A description of the domain (free format).
WWW
URL
*
A URL identifying a web page with more information about the domain.
Association End
Mult.
Description
Contact.ID
*
A domain MAY be contacted via zero or more contacts.
Location.ID
0..1
A domain is primarily located at one location.
Association End
Mult.
Description
Extension.Key
*
The entity MAY be associated to zero or more key-value pairs.
AdminDomain
The AdminDomain class is introduced to model a collection of actors that manage a number of services. An AdminDomain MAY be associated to both Contact and Location class instances in order to provide contact information and geographical location respectively. An AdminDomain MAY be composed by other AdminDomains in a hierarchical structure. This structure MAY represent a “participates in” association.
Entity
Inherits from
Description
AdminDomain
Domain
A collection of actors that MAY be assigned administrative roles and privileges over services via policies. An AdminDomain manages services that MAY be geographically distributed, but nevertheless a primary location should be identified.
Inherited Attribute
Type
Mult.
Unit
Description
CreationTime
DateTime_t
0..1
Timestamp describing when the entity instance was generated
Validity
UInt64
0..1
s
The duration after CreationTime that the information presented in the Entity SHOULD be considered relevant. After that period has elapsed,
the information SHOULD NOT be considered relevant
ID [key]
URI
1
A global unique ID
Name
String
0..1
Human-readable name
OtherInfo
String
*
Placeholder to publish info that does not fit in any other attribute. Free-form string, comma-separated tags, (name, value ) pair are all examples of valid syntax
Description
String
0..1
A description of the domain
WWW
URI
*
The URL identifying a web page with more information about the domain
Attribute
Type
Mult.
Unit
Description
Distributed
ExtendedBoolean_t
0..1
True if the services managed by the AdminDomain are considered geographically distributed by the administrators themselves.
Owner
String
*
Identification of a person or legal entity which pays for the services and resources (no particular format is defined).
Association End
Mult.
Description
Service.ID
*
An AdminDomain manages zero or more Services.
AdminDomain.ID
*
An AdminDomain aggregates zero or more AdminDomains.
AdminDomain.ID
0..1
An AdminDomain participates in another AdminDomain.
Inherited Association End
Mult.
Description
Extension.Key
*
The entity MAY be extended via key-value pairs.
ComputingService.ID
*
An AdminDomain manages zero or more Computing Services.
CloudComputingService.ID
*
An AdminDomain manages zero or more Cloud Computing Services
StorageService.ID
*
An AdminDomain manages zero or more Storage Services.
Contact.ID
*
A domain MAY be contacted via zero or more contacts.
Location.ID
0..1
A domain is primary located at one location.
UserDomain
The UserDomain class SHOULD be used to capture the concept of a Virtual Organization (VO). By VO, we mean a set of individuals and/or institutions having direct access to computers, software, data, and other resources for collaborative problem-solving or other purposes. Resources utilized by a VO are expected to be accessible via network endpoints and constrained by defined utilization targets called shares. The VO MAY exhibit its internal structure in terms of groups of individuals, each of them constituting a UserDomain. UserDomains MAY be hierarchically structured. The “participates in” association MAY represent this structure.
Entity
Inherits from
Description
UserDomain
Domain
A collection of actors that MAY be assigned with user roles and privileges to services or shares via policies.
Inherited Attribute
Type
Mult.
Unit
Description
CreationTime
DateTime_t
0..1
Timestamp describing when the entity instance was generated
Validity
UInt64
0..1
s
The duration after CreationTime that the information presented in the Entity SHOULD be considered relevant. After that period has elapsed,
the information SHOULD NOT be considered relevant
ID [key]
URI
1
A global unique ID
Name
String
0..1
Human-readable name
OtherInfo
String
*
Placeholder to publish info that does not fit in any other attribute. Free-form string, comma-separated tags, (name, value ) pair are all examples of valid syntax
Description
String
0..1
A description of the domain
WWW
URI
*
The URL identifying a web page with more information about the domain
Attribute
Type
Mult.
Unit
Description
Level
UInt32
0..1
The number of hops to reach the root for hierarchically organized domains described by the “composed by” association (0 is for the root).
UserManager
URI
*
An Endpoint ID for the endpoint of a service managing the association of users with the domain, and related attributes such as groups or roles.
Member
String
*
An identifier for a user in this user domain.
Association End
Mult.
Description
Policy.ID <<abstract>>
*
A User Domain has associated zero or more policies.
UserDomain.ID
*
A User Domain aggregates zero or more User Domains.
UserDomain.ID
0..1
A User Domain participates in another User Domain.
Inherited Association End
Mult.
Description
Extension.Key
*
The entity MAY be extended via key-value pairs.
Contact.ID
*
The domain MAY be contacted via zero or more contacts.
Location.ID
0..1
A domain is primary located at one location.
AccessPolicy.ID
*
A User Domain has associated zero or more access policies.
MappingPolicy.ID
*
A User Domain has associated zero or more mapping policies.
As regards the UserManager attribute, it is RECOMMENDED that its value is an Endpoint ID enabling discovery of the related Service class instance and associated attributes. An example of a User Manager would be an endpoint for a VOMS (Virtual Organization Membership Service, http://en.wikipedia.org/wiki/VOMS) server.
Service
One of the main goals of the GLUE information model is to enable the discovery of the Grid capabilities available in a certain infrastructure. Based on the use cases and modeling experience, a number of concepts were identified as general building blocks: Endpoint, Share, Manager, Resource. The Service class enables the unique identification of instances of these concepts participating in the provision of some unified capability. The Service class SHOULD be also used to characterize this overall capability.
Entity
Inherits from
Description
Service
Entity
An abstracted, logical view of actual software components that participate in the creation of an entity providing one or more functionalities useful in a Grid environment. A service exposes zero or more Endpoints having well-defined interfaces, zero or more Shares and zero or more Managers and the related Resources. The Service is autonomous and denotes a weak aggregation among Endpoints, the underlying Managers and the related Resources, and the defined Shares. The Service enables the identification of this whole set of entities providing the functionality with a persistent name.
Inherited Attribute
Type
Mult.
Unit
Description
CreationTime
DateTime_t
0..1
Timestamp describing when the entity instance was generated
Validity
UInt64
0..1
s
The duration after CreationTime that the information presented in the Entity SHOULD be considered relevant. After that period has elapsed,
the information SHOULD NOT be considered relevant
ID [key]
URI
1
A global unique ID
Name
String
0..1
Human-readable name
OtherInfo
String
*
Placeholder to publish info that does not fit in any other attribute. Free-form string, comma-separated tags, (name, value ) pair are all examples of valid syntax
Attribute
Type
Mult.
Unit
Description
Capability
Capability_t
*
The provided capabilities according to the Open Grid Service Architecture (OGSA) architecture [OGF-GFD80] (this is the union of all values assigned to the Capability attribute of the Endpoints which form part of this service).
Type
ServiceType_t
1
The type of service according to a namespace-based classification (the namespace MAY be related to a middleware name, an organization or other concepts; org.ogf.glue.* is reserved for Types defined by the OGF GLUE Working Group).
QualityLevel
QualityLevel_t
1
The maturity of the Service in terms of the quality of the underlying software components; the value corresponds to the highest QualityLevel among the available Endpoints.
StatusInfo
URL
*
A URL specifying a web page providing additional information, for example monitoring of the underlying services.
Complexity
String
0..1
A human-readable summary description of the complexity in terms of the number of endpoint types, shares and resources. The syntax should be: endpointType=X, share=Y, resource=Z.
Association End
Mult.
Description
Endpoint.ID
*
A service exposes zero or more endpoints.
Share.ID <<abstract>>
*
A service offers zero or more shares.
Manager.ID <<abstract>>
*
A service offers zero or more managers.
Contact.ID
*
A service has zero or more contacts.
Location.ID
0..1
A service is primary located at a location.
Service.ID
*
A service is related to zero or more services.
Inherited Association End
Mult.
Description
Extension.Key
*
The entity MAY be extended via key-value pairs.
A simple Service aggregates an Endpoint, no Share, no Manager and no Resource (e.g., a metadata catalogue service). In the context of a Service class, the same Resource MAY be exposed via multiple Endpoints based on the defined Shares. For instance, in the area of storage systems, two Endpoints implementing SRMv1 [SRMV1] and SRMv2.2 [SRMV2] interfaces respectively MAY expose the same Resource via different Endpoints offering different interface versions; in the area of computing systems, the CREAM [cream] and GRAM [GRAM] Endpoints MAY expose the Resources locally managed by the same Manager (typically a batch system). Endpoints, Shares, Managers and Resources MUST belong to precisely one Service.
Endpoint
The Endpoint class models a network location that can be contacted to access certain functionalities based on a well-defined interface. The defined attributes refer to aspects such as the network location, the exposed interface name and version, the details of the implementation, the functional state and the scheduled downtime.
Entity
Inherits from
Description
Endpoint
Entity
A network location having a well-defined interface and exposing specific service functionalities.
Inherited Attribute
Type
Mult.
Unit
Description
CreationTime
DateTime_t
0..1
Timestamp describing when the entity instance was generated
Validity
UInt64
0..1
s
The duration after CreationTime that the information presented in the Entity SHOULD be considered relevant. After that period has elapsed,
the information SHOULD NOT be considered relevant
ID [key]
URI
1
A global unique ID
Name
String
0..1
Human-readable name
OtherInfo
String
*
Placeholder to publish info that does not fit in any other attribute. Free-form string, comma-separated tags, (name, value ) pair are all examples of valid syntax
Attribute
Type
Mult.
Unit
URL
URL
1
Network location of an endpoint,which enables a specific component of the Service to be contacted.
Capability
Capability_t
*
The provided capability according to the OGSA architecture classification.
Technology
EndpointTechnology_t
0..1
The technology used to implement the endpoint interface.
InterfaceName
InterfaceName_t
1
The identification name of the primary protocol supported by the endpoint interface.
InterfaceVersion
String
0..*
The version of the primary interface protocol (free format).
InterfaceExtension
URI
*
The identification of an extension to the interface protocol supported by the Endpoint.
WSDL
URL
*
The URL of a WSDL document describing the offered interface (this applies only to Web Services endpoints).
SupportedProfile
URI
*
A URI identifying a supported profile for the Endpoint interface.
Semantics
URL
*
The URl of a document providing a human-readable description of the semantics of the Endpoint functionalities (e.g. a software manual).
Implementor
String
0..1
The name of the main organization implementing this software component (free format, but the chosen names SHOULD be clearly identifiable with the organisation).
ImplementationName
String
0..1
The name of the implementation (as defined by the Implementor).
ImplementationVersion
String
0..1
The version of the implementation (the syntax is defined by the Implementor, but MAY be: major.minor.patch).
QualityLevel
QualityLevel_t
1
The maturity of the endpoint in terms of the quality of the software components which implement it.
HealthState
EndpointHealthState_t
1
A state representing the current health of the Endpoint in terms of its ability to properly deliver the expected functionality.
HealthStateInfo
String
0..1
A human-readable explanation of the HealthState of the Endpoint (free format).
ServingState
ServingState_t
1
A state specifying whether the Endpoint is currently accepting new requests, and whether it is currently servicing requests which have already been accepted.
StartTime
DateTime_t
0..1
The timestamp of the start time of the service underlying the Endpoint.
Authentication
EndpointAuthentication_t
0..1
Name of the authentication method supported by the endpoint.
IssuerCA
DN_t
0..1
The Distinguished Name of the Certification Authority issuing the host/service certificate presented by the Endpoint.
TrustedCA
DN_t
*
The Distinguished Name of a trusted Certification Authority (CA); i.e., certificates issued by the CA are accepted by the authentication process. Alternatively this may identify a standard bundle of accepted CAs, e.g. those accredited by the IGTF. Note that this does not imply that such certificates will be authorized to use the Endpoint.
DowntimeAnnounce
DateTime_t
0..1
The timestamp for an announcement of the next scheduled downtime.
DowntimfeStart
DateTime_t
0..1
A timestamp describing when the next downtime is scheduled to start.
DowntimeEnd
DateTime_t
0..1
A timestamp describing when the next downtime is scheduled to end.
DowntimeInfo
String
0..1
A human-readable description of the next scheduled downtime (free format).
Association End
Mult.
Description
Service.ID
1
An endpoint is part of a Service.
Share.ID <<abstract>>
*
An endpoint MAY pass activities to zero or more Shares.
AccessPolicy.ID
*
An endpoint has associated zero or more AccessPolicies.
Activity.ID
*
An endpoint has accepted and is managing zero or more Activities.
Inherited Association End
Mult.
Description
Extension.Key
*
The entity MAY be extended via key-value pairs.
For Grid services requiring a richer set of attributes for the Endpoint, specific models MAY be derived by specializing from the Endpoint class and adding new properties or relationships. The current proposal contains the ComputingEndpoint specialization (see Section 8.2) and the StorageEndpoint specialization (see Section 9.4).
The network location of an endpoint MUST be encoded in a URI. When available, standard schemes for the encoding SHOULD be used (e.g., as used for the Java Messaging Service http://www.ietf.org/internet-drafts/draft-merrick-jms-uri-03.txt).
Concerning the SupportedProfile attribute, if there is no recommended URI for the identification of a certain profile, then the following options SHALL be considered: (1) use the main URL of the document specifying the profile, or (2) use the target namespace URI (in case of an XML Schema representation of the profile).
Share
The Share class is an abstract entity that MUST NOT be instantiated; it SHOULD be used in order to derive specialized entities. At this level, it is introduced to capture the concept of a utilization target, that is a constrained usage of service functionalities or resources that MAY be created based on aspects such as identify or UserDomain membership, usage information or resource characteristics.
Entity
Inherits from
Description
Share
<<abstract>>
Entity
A utilization target for a set of Resources managed by a local Manager and offered via related Endpoints. The share is defined by configuration parameters and characterized by status information.
Inherited Attribute
Type
Mult.
Unit
Description
CreationTime
DateTime_t
0..1
Timestamp describing when the entity instance was generated
Validity
UInt64
0..1
s
The duration after CreationTime that the information presented in the Entity SHOULD be considered relevant. After that period has elapsed,
the information SHOULD NOT be considered relevant
ID [key]
URI
1
A global unique ID
Name
String
0..1
Human-readable name
OtherInfo
String
*
Placeholder to publish info that does not fit in any other attribute. Free-form string, comma-separated tags, (name, value ) pair are all examples of valid syntax
Attribute
Type
Mult.
Unit
Description
Description
String
0..1
A human-readable description of this share (free format).
Association End
Mult.
Description
Endpoint.ID
*
A share is consumed via one or more endpoints.
Resource.ID <<abstract>>
*
A share is defined on one or more resources.
Service.ID
1
A share participates in a service.
Activity.ID
*
A share is consumed by zero or more activities.
MappingPolicy.ID
*
A share has zero or more mapping policies.
Inherited Association End
Mult.
Description
Extension.Key
*
The entity MAY be extended via key-value pairs.
Manager
The Manager class is an abstract entity that MUST NOT be instantiated; it SHOULD be used in order to derive specialized entities. At this level, it is introduced to capture the characteristics of a local software layer (not directly exposed via an Endpoint) which has control of the underlying resources. The functionalities of a manager layer that need to be accessible by remote users are typically abstracted by a middleware component via a standard interface, and are modeled by the concept of Endpoint. Examples of managers are: for computing resources, batch systems such as OpenPBS or LSF; for storage resources, GPFS or HPSS.
Entity
Inherits from
Description
Manager
<<abstract>>
Entity
A software component locally managing one or more resources. It MAY also describe aggregated information about the managed resources.
Inherited Attribute
Type
Mult.
Unit
Description
CreationTime
DateTime_t
0..1
Timestamp describing when the entity instance was generated
Validity
UInt64
0..1
s
The duration after CreationTime that the information presented in the Entity SHOULD be considered relevant. After that period has elapsed,
the information SHOULD NOT be considered relevant
ID [key]
URI
1
A global unique ID
Name
String
0..1
Human-readable name
OtherInfo
String
*
Placeholder to publish info that does not fit in any other attribute. Free-form string, comma-separated tags, (name, value ) pair are all examples of valid syntax
Attribute
Type
Mult.
Unit
ProductName
String
1
The name of the software product which implements the Manager functionality. The attribute is free format, but SHOULD correspond to the standard name by which the product is generally known.
ProductVersion
String
0..1
The version of the software product which implements the Manager functionality. The attribute is free format, but SHOULD correspond to the primary version as defined by the software provider.
Association End
Mult.
Description
Service.ID
1
A manager participates in a service.
Resource.ID <<abstract>>
1..*
A manager manages zero or more resources.
Inherited Association End
Mult.
Description
Extension.Key
*
The entity MAY be extended via key-value pairs.
Resource
The Resource class is an abstract entity that MUST NOT be instantiated; it SHOULD be used in order to derive specialized entities. It is introduced to identify and model hardware entities providing capabilities which are exposed via Endpoints. Examples are execution environments for computational activities or data stores for data.
Entity
Inherits from
Description
Resource
<<abstract>>
Entity
An entity providing a capability or capacity, managed by a local software component (Manager), part of a logical Service, reachable via one or more Endpoints and having one or more Shares defined on it. A Resource MAY refer to a specified category of hardware, with summary information on the available resources in that category.
Inherited Attribute
Type
Mult.
Unit
Description
CreationTime
DateTime_t
0..1
Timestamp describing when the entity instance was generated
Validity
UInt64
0..1
s
The duration after CreationTime that the information presented in the Entity SHOULD be considered relevant. After that period has elapsed,
the information SHOULD NOT be considered relevant
ID [key]
URI
1
A global unique ID
Name
String
0..1
Human-readable name
OtherInfo
String
*
Placeholder to publish info that does not fit in any other attribute. Free-form string, comma-separated tags, (name, value ) pair are all examples of valid syntax
Attribute
Type
Mult.
Unit
Description
No extra properties are defined in the specialized entity
Association End
Mult.
Description
Manager.ID <<abstract>>
1
A resource is managed by a manager.
Share.ID <<abstract>>
*
A resource provides capacity in terms of shares.
Activity.ID
*
A resource runs zero or more activities.
Inherited Association End
Mult.
Description
Extension.Key
*
The entity MAY be extended via key-value pairs.
Activity
The Activity class models units of work which are submitted to Services via Endpoints. Grid jobs, i.e. Computing Activities in GLUE, are example of Activities for a Computing Service. An interesting type of relationship for jobs derives from their propagation through several Services. For instance, a broker Service submits a Grid job to a selected execution Service; upon completion the execution Service submits a logging record to an accounting Service. Each of these Services may have associated an instance of a Grid Activity related to the lifecycle of the job within the service. All instances refer to the same conceptual job submitted by the user.
Entity
Inherits from
Description
Activity
Entity
An Activity is a unit of work managed by a Service and submitted via an Endpoint; when accepted by the Endpoint, than it MAY be mapped to a Share and MAY be executed by a local Manager via one or more Resources. An Activity MAY have relationships to other Activities being managed by different Services, in which case it shares a common context.
Inherited Attribute
Type
Mult.
Unit
Description
CreationTime
DateTime_t
0..1
Timestamp describing when the entity instance was generated
Validity
UInt64
0..1
s
The duration after CreationTime that the information presented in the Entity SHOULD be considered relevant. After that period has elapsed,
the information SHOULD NOT be considered relevant
ID [key]
URI
1
A global unique ID
Name
String
0..1
Human-readable name
OtherInfo
String
*
Placeholder to publish info that does not fit in any other attribute. Free-form string, comma-separated tags, (name, value ) pair are all examples of valid syntax
Attribute
Type
Mult.
Unit
Description
No extra properties are defined in the specialized entity
Association End
Mult.
Description
UserDomain.ID
0..1
An activity is managed by a user domain.
Endpoint.ID
0..1
An activity is submitted to an endpoint.
Share.ID <<abstract>>
0..1
An activity is mapped into a share.
Resource.ID <<abstract>>
0..1
An activity is executed in a resource.
Activity.ID
*
An activity is related to zero or more activities.
Inherited Association End
Mult.
Description
Extension.Key
*
The entity MAY be extended via key-value pairs.
Policy
The Policy class is an abstract entity that MUST NOT be instantiated; it SHOULD be used in order to derive specialized entities. This class is introduced to model statements, rules or assertions that define the correct or expected behavior of entities. Two specializations are introduced: AccessPolicy related to Endpoints and MappingPolicy related to Shares.
For a given entity to which policies are associated (i.e., Endpoint and AccessPolicy, Share and MappingPolicy), several instances of the Policy class MAY be defined. This is allowed in order to enable the advertisement of policies using different schemes. We RECOMMEND that only one instance per policy scheme is associated to the same entity instance. The evaluation algorithm for the rules SHOULD be defined by the policy scheme.
If an entity instance is associated to different Policy instances, each of them based on a different scheme, then the evaluation process SHOULD consider each set of policies independently. This means that the evaluation SHOULD rely on a certain policy scheme which is selected and understood by the consumer, and not by composing policies expressed using different schemes.
In this document, we provide the definition for a “basic” scheme (see Appendix B.37). Such a scheme is designed to be simple and is inspired by real world scenarios in current production Grid systems. The Rule attribute implicitly contains a reference to the associated User Domains; therefore, in the concrete data model mapping, we RECOMMEND to not represent the association between User Domain and Access Policy or Mapping Policy explicitly since it is already captured by the Rule.
More complex schemes MAY be defined in profile documents describing the usage of the schema in particular Grid infrastructures.
The published Policies do not represent a contract, and hence the associated Service is not bound to honour the decisions implied by the published rules. In addition the published rules may be expressed at a coarse granularity, which may be modified internally by more finely-grained rules which are not published. However, the published rules SHOULD match the decisions which will be made in practice in a substantial majority of cases.
Entity
Inherits from
Description
Policy
<<abstract>>
Entity
Statements, rules or assertions that specify the correct or expected behavior of an entity.
Inherited Attribute
Type
Mult.
Unit
Description
CreationTime
DateTime_t
0..1
Timestamp describing when the entity instance was generated
Validity
UInt64
0..1
s
The duration after CreationTime that the information presented in the Entity SHOULD be considered relevant. After that period has elapsed, the information SHOULD NOT be considered relevant
ID [key]
URI
1
A global unique ID
Name
String
0..1
Human-readable name
OtherInfo
String
*
Placeholder to publish info that does not fit in any other attribute. Free-form string, comma-separated tags, (name, value ) pair are all examples of valid syntax
Attribute
Type
Mult.
Unit
Description
Scheme
PolicyScheme_t
1
The scheme used to define the syntax and semantics of the policy Rules.
Rule
String
1..*
A policy rule (for the basic policy scheme, the syntax is provided in the Appendix).
Association End
Mult.
Description
UserDomain.ID
1..*
A policy is related to a user domain.
Inherited Association End
Mult.
Description
Extension.Key
*
The entity MAY be extended via key-value pairs.
AccessPolicy
The AccessPolicy class is a specialization of the Policy class. This entity MAY be used to express authorization rules, e.g. which UserDomains MAY access a certain service Endpoint. The granularity of these policies SHOULD be coarse-grained and suitable for pre-selection of services. The actual decision on the service side is performed by an authorization component that MAY contain a finer-grained set of policy rules that in some case MAY contradict the published coarse-grained policy rules. The default policy is assumed to be to deny access, hence Endpoints for which there are no matching Rules SHOULD NOT be selected for possible use.
Examples of actors involved in this entity are UserDomains representing VOs or groups.
Entity
Inherits from
Description
AccessPolicy
Policy
Statements, rules or assertions that provide coarse-granularity information about the authorization of access by groups of actors to an Endpoint.
Inherited Attribute
Type
Mult
Unit
Description
CreationTime
DateTime_t
0..1
Timestamp describing when the entity instance was generated
Validity
UInt64
0..1
s
The duration after CreationTime that the information presented in the Entity SHOULD be considered relevant. After that period has elapsed, the information SHOULD NOT be considered relevant
ID [key]
URI
1
A global unique ID
Name
String
0..1
Human-readable name
OtherInfo
String
*
Placeholder to publish info that does not fit in any other attribute. Free-form string, comma-separated tags, (name, value ) pair are all examples of valid syntax
Scheme
PolicyScheme_t
1
Scheme adopted to define the policy rules
Rule
PolicyRule_t
1..*
A policy rule (for the basic policy scheme, syntax is provide in the Appendix)
Attribute
Type
Mult.
Unit
Description
No extra properties are defined in the specialized entity.
Association End
Mult.
Description
Endpoint.ID
1
An access policy is related to an endpoint.
Inherited Association End
Mult.
Description
Extension.Key
*
The entity MAY be extended via key-value pairs.
UserDomain.ID
1..*
An access policy is related to a user domain.
MappingPolicy
The MappingPolicy class is a specialization of the Policy class. This entity MAY be used to express which UserDomains MAY consume a certain share of resources. The granularity of these policies SHOULD be coarse-grained and suitable for pre-selection of services. The actual decision on the service side is performed by an authorization component that MAY contain a finer-grained set of policy rules that in some case MAY contradict the published coarse-grained policy rules.
Conceptually, the union of all the MappingPolicy rules should match the corresponding AccessPolicy rules, i.e. any authorised UserDomain will be mapped to at least one Share. However, publication of Shares is OPTIONAL, and hence there MAY be no Share with a matching MappingPolicy rule. In this case a consumer SHOULD NOT make any assumption about the properties of the Share to which it will be mapped. Conversely, the published MappingPolicy rules MAY not have a corresponding AccessPolicy, in which case the implication is that there is some unpublished access method enabling access to the associated Share.
When evaluating the mapping to a certain Share using the algorithm implied by the policy scheme, if multiple solutions are available then the consumer SHOULD NOT make any assumption about which Share will be assigned to its Activity, and if it requires a specific Share it SHOULD request that Share explicitly.
Entity
Inherits from
Description
MappingPolicy
Policy
Statements, rules or assertions that provide coarse-granularity information about the mapping of User Domain requests to a Share.
Inherited Attribute
Type
Mult
Unit
Description
CreationTime
DateTime_t
0..1
Timestamp describing when the entity instance was generated
Validity
UInt64
0..1
s
The duration after CreationTime that the information presented in the Entity SHOULD be considered relevant. After that period has elapsed, the information SHOULD NOT be considered relevant
ID [key]
URI
1
A global unique ID
Name
String
0..1
Human-readable name
OtherInfo
String
*
Placeholder to publish info that does not fit in any other attribute. Free-form string, comma-separated tags, (name, value ) pair are all examples of valid syntax
Scheme
PolicyScheme_t
1
Scheme adopted to define the policy rules
Rule
PolicyRule_t
1..*
A policy rule (for the basic policy scheme, syntax is provide in the Appendix)
Attribute
Type
Mult.
Unit
Description
No extra properties are defined in the specialized entity.
Association End
Mult.
Description
Share.ID <<abstract>>
1
A mapping policy is related to a share.
Inherited Association End
Mult.
Description
Extension.Key
*
The entity MAY be extended via key-value pairs.
UserDomain.ID
1..*
An access policy is related to a user domain.
Last updated
Was this helpful?