© 2010 CMU-ISR 2Objectives an integrated system integrating systems that have these services... © 2010 CMU-ISR 3Integrated System Services: Naming and can be found converts a name into
Trang 1System Integration
Mini Case Studies © 2010
Shawn A Butler, Ph.D.
Senior Lecturer, Executive Education Program
Institute for Software Research
Carnegie Mellon University
Integrating Services
Trang 2© 2010 CMU-ISR 2
Objectives
an integrated system
integrating systems that have these
services
Trang 3© 2010 CMU-ISR 3
Integrated System Services:
Naming
and can be found
converts a name into a physical address
• Every entity sees the entire system as the
same set of objects
• Defined interfaces to entities
• Users know how to find other system entities
• Domain Name Service!
Trang 4Application ABC
Trang 5© 2010 CMU-ISR 5
Integrated System Services:
Naming
Naming–All entities have a name and can be found
• Every entity sees the entire system as the same set of
The system may periodically be in an inconsistent state
• Defined interfaces to entities
Entities don’t have interfaces to register with the name service
Mismatched protocols
• Users/Objects know how to find other system entities
Entities make assumptions about their environment
Trang 6© 2010 CMU-ISR 6
Client
Naming Service
Foo(x) While i
Foo(x) While i
= ….
Application ABC
Trang 7© 2010 CMU-ISR 7
Naming Services
Client
Naming Service
Foo(x) While i
= ….
Application ABC
Client
Naming Service
Foo(x) While i
= ….
Application XYZ
Trang 8© 2010 CMU-ISR 8
Naming Services: Inconsistent State
Client
Naming Service
Foo(x) While i
= ….
Application ABC
Client
Naming Service
Foo(x) While i
= ….
Application XYZ
Trang 9© 2010 CMU-ISR 9
Global Services of an
Integrated System: Security
resources are managed through access
control, and activities can be logged
• All entities (principles) are known with some
degree of reliability
• Access to resources are managed based on
defined policies
• Activities can be logged to ensure
accountability and recovery
Trang 10© 2010 CMU-ISR 10
Security Services
Client
Authentication Service
John Doe - 4gh2%c
Jdoe, 4gh2%c
Naming Service
Where is authentication?
Jdoe login 122106:1532
Trang 11© 2010 CMU-ISR 11
Integrated System Service:
Security
Security Services– Entities are authenticated,
resources are managed through access control,
and activities can be logged
• All entities (principles) are known with some
degree of reliability
• Access to resources are managed based on
defined policies
• Activities can be logged to ensure
accountability and recovery
Different systems log different events
Trang 12© 2010 CMU-ISR 12
Security Services - Authentication
Client
Authentication Service
John Doe - 4gh2%c
Jdoe, 4gh2%c
Jdoe login 122106:1532
Client
Authentication Service
John Smith
Jsmith login 122106:1532
Jsmith ,
Trang 13• System Y user must have a smart token
• Systems have different levels of authentication
and different types of authentication
systems
Trang 14© 2010 CMU-ISR 14
Security Services: Access Control
Client
Access Control Service
Where is Access Control?
Jdoe cred= 2368 122106:1532
Jdoe, App Fin12
DB Fin App Fin43
Trang 15© 2010 CMU-ISR 15
Security Services: Access Control
Client
Access Control Service
Jdoe, DB Fin12
Client
Access Control Service
John Smith:
Printer = nova App = Fin12
Jsmith, cred 5468
Jsmith cred= 5468 122106:1532
Jdoe, App Fin12
DB Fin App Fin12 App Fin43
Trang 16© 2010 CMU-ISR 16
Integrated System Service:
Access Control
different roles in the organization can
access data that should not be accessed
Trang 17© 2010 CMU-ISR 17
Global Properties of an
Integrated System: Reliability
provide necessary functionality despite
unexpected events
• Reliability primarily achieved with replication or
redundancy
• Graceful degradation of functionality when full
functionality cannot be achieved
• Transparent to the user when possible
• Definition of failure difficult to identify
Trang 18Application ABC
Trang 19© 2010 CMU-ISR 19
Reliability Services: Balancing
Client
Naming Service
Foo(x) While i = ….
Application ABC
Naming Service
Trang 20© 2010 CMU-ISR 20
Reliability Services: Balancing
Client
Naming Service
Foo(x) While i = ….
Application ABC
Naming Service
Trang 21© 2010 CMU-ISR 21
Reliability Services: Balancing
Client
Naming Service
Foo(x) While i = ….
Application ABC
Naming Service
Trang 22© 2010 CMU-ISR 22
Reliability Services: Balancing
Client
Naming Service
Foo(x) While i = ….
Application ABC
Naming Service
Trang 23Foo(x) While i = ….
Application ABC
Naming Service
Trang 24© 2010 CMU-ISR 24
Summary
Modern systems rely on different types of services
that often must be integrated:
• Naming service: Finding other services and objects in the
system
• Security services: Includes authentication, logging, and
access control
• Reliability services: ensuring a fully functional or partially
functional system when one or more services is not
available