The following is a functional decomposition of the components which make up this subsystem. The content and structure of this page are described on the Release Construction Plan Overview page.
|WBS #||Subsystem Name||Start Date||End Date|
|184.108.40.206||Common Operating Infrastructure|| 9/1/09
|220.127.116.11.2||Common Operating Infrastructure - Release 2|| 5/2/11
The Common Operating Infrastructure subsystem is a task and product account responsible for providing the services and distributed infrastructure to build a secure, scalable, fault-tolerant federated system of independently operated observatory components.
The focus of COI-R2 is to extend and utilize the COI-R1 functionality by delivering the following services:
- Federated Facility Services—provides management and governance services for a collection of resources on behalf of a group or individual. It represents the domain of authority for the set of resources managed by the facility. The governance services provide for the following set of collaboration agreements: membership, partnership, federation, and delegation. Delegation, for example, is used to give a marine observatory the rights to operate/manage a research team’s instrument on their behalf.
- Capability Container & Distributed Service Infrastructure — provides the distributed service infrastructure for the secure, scalable, and fault-tolerant operation and federation of the Facilities (operational domains of authority) that comprise the deployed system of systems:
  - Presentation Framework - the web services and browser presentation containers as well as the web user interface “portlet” building blocks
  - Governance Framework - identity and policy management to govern the use of resources by participants through policy enforcement and decision services
  - Service Framework - provisioning, federating, delegating, and binding service interactions between resources
  - Resource Framework - provisioning, managing, and tracking the use of resources
  - Distributed State Management - managing active and persisted distributed state
  - Federated Message Exchange - messaging, bulk data transfer, guaranteed data transfer, and provisioning streaming media channels
- Resource Lifecycle Services—resource management services to transition a resource from cradle to grave.
This release for this subsystem is composed of the following subsystem service groups:
|WBS #|| Service Group
|18.104.22.168.2.21||Identity & Policy Management (Part 2)|
|22.214.171.124.2.22||Federated Facility and Governance (Part 1)|
|126.96.36.199.2.23||Capability Container & Distributed Service Infrastructure (Part 2)|
|188.8.131.52.2.24||Resource Lifecycle Management|
184.108.40.206.2.21 - Identity & Policy Management (Part 2)
Services that provision and securely manage information about participants used in the governance (i.e. authentication, authorization) of their activities across the network. The services ensure that personal information is owned and its exposure to other participants is controlled by the participant.
|CILogon integration||Integrate with CILogon for web user authentication.|
|OOI policy specification standard||Define an OOI standard policy language for policy specifications. Need to be able to capture domain attributes, governance attributes. Extensible. Support multiple policy sets, relate multiple policy sets. Express policies about policies. Policies relying on contextual attributes. Independent of representation format and location.||X|| X
|Actor identification||Capability to provide identities to and identify a resource or an acting process in the system.|| X
|Secure messaging||Decorate messages on send with requester identity and attributes. Verify identity on receiver side. Supports multiple domains of authority. Part of the capability container infrastructure.|
|Policy management and enforcement||Definition of policy for resource and service access, in the context of Orgs. Policy includes access control but also general rules on interactions in the system. Policy also defines resolution actions in case of violated policy. Provides capabilities to store and retrieve policy and templates for policy definitions, aka attribute authority. The capability container applies policy and determines access to resources and services. Use of role-based access control. Queries attribute authority (policy repository). Realizes policy enforcement and decision points.
|User profile management||Capability to manage user profiles and multiple identities associated with one ION user id.||X|| X
| CIAD COI OV User Interfaces
|Auditing support||Trace all access to resources and services and other important actions in the system with references to the acting identity. Configurable. Publish auditing information using the messaging service. Configuration of a repository to store and retrieve audit traces and other auditing information. User interface to configure auditing; access audit information||X|
|UC.R2.42 Define Resource Policy||Operator defines policy for a specific resource, system enforces it|| X
A detailed explanation of the meaning of the LCO, LCA and IOC milestone deliverables that are checked in the tables below can be found in the Deliverables section of the Release Construction Plan Overview page.
220.127.116.11.2.22 - Federated Facility and Governance (Part 1)
Provides the management and governance services for a collection of resources on behalf of a group or individual. The Federated Facility represents the domain of authority for the set of resources managed by the facility. The governance services provide for the following set of collaboration agreements: membership, partnership, federation, and delegation. Delegation, for example, is used to give a marine observatory the rights to operate/manage a research team’s instrument on their behalf.
|OOI contract and commitment model||Defines the OOI standard electronic representation of contracts and commitments. This is the basis for reasoning about contracts and policy in the system. Contracts are aggregates of commitments and frame new commitments.||X||X||X|
|Electronic contract and commitment representation||Implementation of manipulation capabilities for electronic representations of contracts and commitments.||X||X||X|
|Federated facility management||Services to define and administer a facility (synonymous with Org, community), to enroll/remove members and to provide access to the resources of an Org to enrolled or affiliated entities (identities). Contains the contract and commitment repository.||X||X||X|
|Facility affiliation||Capability to affiliate a facility with another facility for purposes of member cross-access and resource sharing. Affiliation can be as peer or as subordinate.||X||X||X|
|Conversation framework||Store and retrieve types of conversations (interaction patterns) and track instances of conversations. Identifies the roles of conversations and tracks their binding to executing entities in the system. Conversation types are specified with governance annotations||X||X||X|
|Governance agent||Implementation of an agent as a capability container process providing governance-related capabilities: enrollment with a facility, negotiation with other entities, projection of policy for access control. Contains local commitment and policy knowledge base. Integrates with the capability container through PEP and PDP.||X||X||X|
|Resource agent||Implementation as a specialization of a capability container process whose purpose is to front and represent the attributes and state of a resource and to enable control of the resource.||X||X||X|
| CIAD COI OV User Interfaces
|UC.R2.30 Define Interaction||Describe pattern of interaction between actors||X||X||X|
|UC.R2.32 Conduct Negotiation||Negotiate agreement (or not) between agents|| X
|UC.R2.33 Enroll in an Org||Enter as a member into an Organization (Org)||X||X||X|
|UC.R2.34 Share an Org Resource||Collaborate with Org member offering a resource|| X
|UC.R2.35 Share Affiliated Orgs' Resources-Deprecated||Orgs form a contract to allow resource sharing||X|
|UC.R2.36 Create an Org||Create an Organization (Org) with defined characteristics||X||X||X|
|UC.R2.37 Control Service Interactions||System monitors, logs, and validates service-to-service interactions||X|
|UC.R2.39 Manage ION Users||Establish ION-wide policies and capabilities to manage users.|| X
|UC.R2.40 Monitor ION Resources||View status of any ION resource and accesses to it.||X||X||X|
18.104.22.168.2.24 - Resource Lifecycle Management
Capabilities for managing the lifecycle of resources registered in the system from cradle to grave, specific to each resource type and under the application of policy.
|Resource metadata management||Services to continuously maintain and update metadata for resources throughout the cradle to grave lifecycle.||X||X||X|
|Resource life-cycle model||Define a resource life-cycle model generic for all OOI resources|
|Resource life-cycle definition||Track resource life-cycle state for all OOI resources|
|Resource life-cycle policy||Enforce policy when resource life-cycle changes occur. Support the definition of policy related to resource life-cycle|
|New resource application||Services that manage the application of a resource to join the OOI network, and the response to that request after testing the interface for compliance with marine operator specifications.||X||X|
|New resource identity management||Services to verify the identity and authenticate/authorize a resource for operation on the OOI network using the IdM services||X||X||X|
|New resource verification||Services to support the calibration and testing of resources installed on the OOI network.||X||X|
|New resource deployment||Services to support the deployment, transition to an operational state, commissioning, recovery and decommissioning of a resource on the OOI network. Includes the requirement to capture ancillary metadata such as ship logs or video from the deployment and recovery steps.||X||X||X|
|Resource operation support||Services to support the normal operation of resources on the OOI network, including maintenance and upgrading.||X||X||X|
|Resource tracking support||Services to support the tracking of resource status, including location and repair state, from acquisition to disposal.||X||X|
| CIAD CEI OV User Interfaces
|UC.R2.38 Define and Use Resource Life Cycle||Describe obligatory state model for given resource type.||X|| X