Dynamic Virtual Organizations: Still a Chimera

1
Dynamic Virtual Organizations Still a Chimera?

• Pablo GiambiagiSecurity, Policies and Trust Lab
  (SPOT)
• SICS

2
Agenda

• What is a Virtual Organization?
• Why VOs?
• The challenges of dynamic VOs
• Risk Management
• TrustCoM Framework and Architecture
• Discussion

3
Virtual Organizations

• A temporary or permanent coalition of autonomous
  organizations that pool resources, capabilities
  and information to achieve common business
  objectives.

• Characteristics
• ad-hoc partnerships
• (ideally) highly dynamic
• based on process integration
• use IT as a means for coordination

4
What a VO is good for

• optimize use of opportunities which derive from
  market and/or resources
• reduce transaction costs
• collectively offer services to customers that
  could not be provided by the individual
  enterprises.

5
How Dynamic can a VO be?

• Current VOs are rather static
• Dynamic VOs are hard to manage and have high risk
  profiles
• IT, by itself, is no silver bullet
• It is not enough to synchronize business
  processes
• Keys
• self-management, to cope with complexity
• risk management, so that the benefits can
  overcome the risks

6
Risk Management

• Risk attenuators
• Trust
• Trust substitutes
• SLA contracts and monitoring
• Authorization policies
• Accountability
• Reputation

Goal strike a balance between trust and its
substitutes
7
TrustCoM
6 industrialpartners

• 6th Framework EU project
• Networked Business and Government
• Feb 2004 May 2007

10 research and academic partners
www.eu-trustcom.com
8
TrustCoM Framework

• A framework for trust within a service oriented
  architecture
• Encapsulates trust, security and contract
  components
• Separates self-management from the
  application-level
• Permits independent risk analysis

9
Virtualized Web services
10
The VO Lifecycle
Enterprise Network (EN)
EN Creation
11
The VO Lifecycle
A
A
medium
low
QoSA?
SLAA
A
Yes. Cost
QoSA?
Reputation?
high
Yes. Cost
Business Process BP Roles A,B Requires QoSA,
QoSB, SecA, SecB
Role A?
VO Initiator
EN Creation
Identification
Formation
12
The VO Lifecycle
A
SLAA
VO
SLAB
Business Process BP Roles A,B Requires QoSA,
QoSB, SecA, SecB
Role B?
VO Initiator
EN Creation
Identification
Formation
Operation
13
The VO Lifecycle
A
SLAA
SLA Violation
VO
SLAB
Role A?
VO Initiator
EN Creation
Identification
Formation
Operation
Evolution
14
The VO Lifecycle
A
VO
SLAA
SLAB
VO Initiator
EN Creation
Identification
Formation
Operation
Evolution
15
The VO Lifecycle
A
VO
SLAA
SLAB
VO Initiator
EN Creation
Identification
Formation
Operation
Evolution
Dissolution
16
The TrustCoM Architecture
17
Status

• First implementation of main services in each
  subsystem (Infrastructure, Policy, SLA, Trust, VO
  and Business Process Management)
• WS- interop profiles for the TrustCoM Framework
  (XACML, SAML, WSLA, WS-CDL)
• Test-bed scenarios (Collaborative Engineering)

18
Conclusions

• Risk and self-management are the key enabling
  factors for Dynamic VOs
• Self-management is achieved using automatic
  monitoring and reconfiguration policies.
• Risk is reduced using trust and trust substitutes
  (e.g. contracts, security policies and reputation
  measures).
• TrustCoM is putting these ideas into practice.

19
Thank you!
For more information, check poster 31
Pablo GiambiagiSecurity, Policies and Trust Lab
(SPOT) SICS