VESPA: l'e-Health su infrastruttura Cloud Architettura e Servizi

Presentazione sul tema: "VESPA: l'e-Health su infrastruttura Cloud Architettura e Servizi"— Transcript della presentazione:

1 VESPA: l'e-Health su infrastruttura Cloud Architettura e Servizi
Roberto Barbera Responsabile Scientifico - Settore Sviluppo - del progetto VESPA

2 Outline Introduzione La Cloud di VESPA Conclusioni
Stato attuale e potenzialità future Conclusioni

3 L’evoluzione del Web

4 Web 2.0 e 3.0 (http://lifeboat.com/ex/web.3.0)
Ubiquitous Connectivity: Broadband adoption; Mobile Internet access; Mobile devices; Network Computing: Software-as-a-service business models; Web services interoperability; Distributed computing (P2P, grid computing, cloud computing, […]); Open Technologies: Open APIs and protocols; Open data formats; Open-source software platforms; Open data (Creative Commons, Open Data License, etc.); Open Identity: Open identity (OpenID); Open reputation; Portable identity and personal data (for example, the ability to port your user account and search history from one service to another); The Intelligent Web: Semantic Web technologies (RDF, OWL, SWRL, SPARQL, Semantic application platforms, and statement-based datastores such as triplestores, tuplestores and associative databases); Distributed databases — […] wide- area distributed database interoperability enabled by Semantic Web technologies); Intelligent applications (natural language processing, machine learning, machine reasoning, autonomous agents).”

5 L’evoluzione del calcolo scientifico
Time 00’s-10’s Cloud Computing Cost of hw Cost of networks Power of COTS WAN bandwidth 90’s-00’s Grid Computing 80’s-90’s Cluster Computing Mainframe Computing 5 5

6 Gli «strati» di una Cloud

7 IaaS: il sito Cloud del DFA
 100 TB  100 core

8 IaaS: la «Virtual Cloud» di VESPA

9 MyCloud Current functionalities: Federated authentication
Fine-grained authorisation Single/multi-deployment of VMs on a cloud and across clouds Single/multi-move of VMs across clouds Single/multi-deletion of VMs on a cloud and across clouds SSH connection to VMs Direct web access to VMs hosting web services

10 L’EGI Federated Cloud (https://www.egi.eu/infrastructure/cloud/)

11 P4SaaS: the Catania Science Gateway Framework (CSGF)
Born in 2010 to hide Grid – and now Cloud - complexity (especially security-wise) Designed to be: Sustainable (Fully based on standards) Scalable (e.g., through Glassfish) Secure (integrated AAAAI) Interoperable (one system  many infrastructures) Accessible anytime from anywhere (including mobile devices)

12 CSGF Architecture

13 Users having different roles and privileges
CSGF Components Users having different roles and privileges Portlets AAI Administrators Power users Basic users VRC members etc, Grid&Cloud Engine Thanks to the CSGF, the interoperability of different distributed e-Infrastructures has been successfully demonstrated Grid Cloud HPC 21/02/2019

14 AAI in the CSGF EGI UMP AuthN/AuthZ … access.egi.eu eid-stork.eu
OpenID EGI UMP access.egi.eu Authorization Authentication … AuthN/AuthZ handled separately SAML 2.0 Identity Federations IdP 1 IdP 2 IdP n 2. Select eID or Your institute IdFs 1. Sign In 3. Select your IdF and IdP eid-stork.eu 4. Use IdP to get authorized by IdP

15 Identity Federations in the world (https://refeds.org)
>17 million people worldwide with federated credentials

16 The GrIDP “catch-all” Federation (http://gridp.garr.it)

17 Support for the most diverse and widest possible communities of users (1/2)

18 Hundreds of millions of people can become users of services
Support for the most diverse and widest possible communities of users (2/2) Hundreds of millions of people can become users of services

19 Summary of standards adopted
The Catania Science Gateway Framework is fully web-based and adopts official worldwide standards and protocols, through their most common implementations These are: Presentation layer: the JSR 168 and JSR 286 standards (also known as "portlet 1.0" and "portlet 2.0" standards) Authentication: the OASIS Security Assertion Markup Language (SAML) standard and its Shibboleth and SimpleSAMLphp implementations Authorisation: the Lightweight Direct Access Protocol, and its OpenLDAP implementation Management of digital certificates on smartcards: the Cryptographic Token Interface Standard (PKCS#11) standard and its Cryptoki implementation Application interface to the underlying middleware: the Open Grid Forum (OGF) Simple API for Grid Applications (SAGA) standard and its JSAGA implementation Interface to cloud computing infrastructures: the Open Grid Forum (OGF) Open Cloud Computing Interface (OCCI) standard and its rOCCI implementation

20 Portlets as bricks Standards Simplicity Easiness of use Re-usability
Sc. Gtwy E Sc. Gtwy D Sc. Gtwy C Sc. Gtwy B Sc. Gtwy A

21 SaaS: il «portale» di VESPA

22 Gestione pazienti

23 Gestione task

24 Gestione sedute riabilitative

25 Controllo via web delle sedute riabilitative

26 Controllo via app delle sedute riabilitative

27 Conclusioni L’infrastruttura di VESPA è un esempio di Cloud per l’e-Health allo stato dell’arte, sia a livello di IaaS che di SaaS L’adozione di standard internazionali, sia «de jure» che «de facto», assicura a tutti i livelli della Cloud di VESPA una completa interoperabilità con infrastrutture nazionali e internazionali di prima classe L’accesso federato, ed il supporto delle più importanti implementazioni dello standard SAML, assicura all’infrastruttura di VESPA la possibilità di avere un enorme bacino di utenti potenziali, ivi inclusi operatori sanitari e Pubbliche Amministrazioni