MESIS: the Architecture (1)

Management Environment for Secure and Interoperable Services

MESIS has been designed with the goal of providing an integrated environment that addresses all typical management issues of complex organizations. Organizations usually consist of several departments, even geographically distributed over the Internet. Each department has its private LAN, and needs to interact via gateways with other departments to accomplish coordinated tasks. The provision of an Internet service, for instance, may span several organization boundaries. In addition, when different departments of one organization have to communicate via the Internet, the system should grant the same levels of security and QoS of intranet communication. Moreover, the globality of the scenario addressed by MESIS imposes to face up to the issue of scalability.
For that reason, we have considered fundamental to introduce and to make possible the handling of the locality concept: MESIS embeds locality via a hierarchy of locality abstractions suitable for describing global distributed systems, ranging from simple LANs to the Internet (see Figure 1). Any node part of the MESIS environment hosts at least one place for agent execution and management; several places are grouped into domain abstractions. In each domain, a default place hosts a gateway which is in charge of inter-domain routing functionality. The locality permits also to introduce a scope when considering all other system policies, and helps in granting a protected framework for the entities that belong to the locality itself.


Figure 1. MESIS Locality Abstractions
(click here for a larger view of the picture)

The core part of the MESIS project is its architecture that provides a distributed infrastructure with a set of facilities for the design and the development of complex network-centric applications (see Figure 2). All facilities are implemented on top of the MESIS DPE layer by a set of coordinated mobile agents.
In addition, the openness property of the MESIS infrastructure permits to extend the programming framework by dynamically adding new services, even built on the already provided functionality.
MESIS DPE facilities are split in two levels, the lower one that groups the basic and primary mechanisms, the upper one that comprehends more evolved tools and services. The upper facilities generally use the lower ones in their implementation; for instance, the naming facility, that keeps track of entities location, makes use of the underlying identification facility.


Figure 2. MESIS Architecture for Management Applications
(click here for a larger view of the picture)

The MESIS Upper Layer Facilities (ULF) represent advanced operations and support directly the application development:

Agent Interoperability Facility (AIF); the AIF offers interfaces to simplify the calls from MESIS components (of both DPE and service layer) to external CORBA components or services; in addition, it supports the registration of MESIS-based services as CORBA servers; finally, it provides interoperability with different MA systems by implementing the MASIF standard interface. Follow the link for a detailed description of the AIF, and, in particular, of the CORBABridge module that realizes its core.
Agent Security Facility (ASF); the ASF provides all the mechanisms for authentication, authorization, integrity and privacy. MESIS integrates a security framework based on standard security providers and certificate infrastructures. The current ASF implementation is based on agents but can also interoperate with CORBA Security Services. Follow the link for the description of the ASF and its implementation.
Agent Naming Facility (ANF); the ANF dynamically maintains and permits to access the information about the current state of entities in the system (or in some of its parts). For example, it realizes a Domain Name Service and a Directory Service functionality. The ANF puts together a set of different naming systems, possibly characterized by different policies and is implemented by a coordinated set of dedicated agents.

The MESIS Lower Layer Facilities ...

 
Page updated on
In case of problems, or if you find any bug, please contact us.