Palette - WP0

European and Chinese Cooperation on Grid

Grid and Finance

Engineering Ingegneria Informatica S.p.A.Giulio Galiero

giulio.galiero@eng.it

Luxembourg - 6/7 February 2006 - TEL Projects meeting

Outline
Engineering + R&D Lab profile

FinanceReqsScenariosComputing infrastructuresGriFin case study

SecurityCurrent security models in the GridPromising security solutions for the GridSecurity in Finance

Luxembourg - 6/7 February 2006 - TEL Projects meeting

Our profile at a glance
11st IT italian player

11controlled companies

31+3sites

1400external resources

4028 professionals
numbers

Luxembourg - 6/7 February 2006 - TEL Projects meeting

R&D Lab
Our labsspread over 5 sites throughout ItalyRome, Palermo, Torre Annunziata, Benevento, Lecce.200 dedicated resources of intenational standing7% of revenues invested per year in researchinvolved in more than 50 projectsa network of 50 international partners

Grid UnitA dozen full-time senior/junior researchers5 European projectsBELIEF, DILIGENT, ETICS, ECHOGRID, NESSI-Grid1 Italian project GriFinConsultancy studies for European CommissionERINA

Luxembourg - 6/7 February 2006 - TEL Projects meeting

GriFin (Grid for Finance) in a nutshell
What is it?ongoing Italian project (started in 2007)PSE for the financegrid-based

Who is involved in it?2 partnersUniversity of LecceEngineering Ingegneria Informatica S.p.A.

Whats cooking?UniLe: Grid portal + Portfolio Management application developmentEng: Security (state of the art + integration of new solutions)

Luxembourg - 6/7 February 2006 - TEL Projects meeting

Outline
Engineering + R&D Lab profile

FinanceReqsScenariosComputing infrastructuresGriFin case study

SecurityCurrent security models in the GridPromising security solutions for the GridSecurity in Finance

Luxembourg - 6/7 February 2006 - TEL Projects meeting

Finance
How is our research activity related to finance?Our Grid Unit is involved in security researchEng focus in GriFin is on security issues in finance

What are the financial requirements?Draft reqs after internal analysisTime-critical activitiesHigh concern about privacy and data protectionEterogenous inputsHigh computing availability & throughputCross-domainMulti-middlewareAccounting

will be further validated by our customers by the end of the year!

Luxembourg - 6/7 February 2006 - TEL Projects meeting

Typical scenarios in Finance

What?Portfolio managementRisk analysisDerivative prices

How?By means of mathematical modelse.g. Montecarlo simulations

Luxembourg - 6/7 February 2006 - TEL Projects meeting

[Finance] Computing architectures
Mainframe Easy to manage Legacy apps are optimized for that HW HW cost is high! Single point of failure Not scalable

Grid Reuse HW you already have Higher performance per $ Fault tolerant Scalbility Is it an already mature technology? Cost of migration

NESSI-Grid is promoting the use of the Grid as the new sw infrastructure

Luxembourg - 6/7 February 2006 - TEL Projects meeting

NESSI + NESSI-Grid
What is it?Networked European Software and Services Initiative to create a SRA for European research in services and their foundations

What about NESSI-Grid?Vision and SRA for grid infrastructures in NESSI scenariosEngineering is promoter of NESSI with 12 other IT playersSteering Committee PresidentSRA Working Group Responsible200 Mlns EU fundingAround 200 associates by now

Luxembourg - 6/7 February 2006 - TEL Projects meeting

NESSI-Grid: Business Scenarios
(Hierarchical) EnterpriseHosting

Dynamic Outsourcing

Mergers&Acquisitions

Other scenariosExtended EnterpriseVirtual OrganisationsValue NetworksMega Services

Luxembourg - 6/7 February 2006 - TEL Projects meeting

Grid middleware available
Open solutions

(many others)

Proprietary solutions

Luxembourg - 6/7 February 2006 - TEL Projects meeting

What are we using for GriFin?
Whats on the screenGRB portalMetaschedulerPortfolio Management applicationSecurity state of the art deliverable

Coming soonPortal devPorfolio Management app devUser community security reqs validationIntegrating security

Luxembourg - 6/7 February 2006 - TEL Projects meeting

Outline
Engineering + R&D Lab profile

FinanceReqsScenariosComputing infrastructuresGriFin case study

SecurityCurrent security models in the GridPromising security solutions for the GridSecurity in Finance

Luxembourg - 6/7 February 2006 - TEL Projects meeting

Security for
GridKnow-how as researchers of the Grid Team of Engineering R&D Lab

FinanceAs members of GriFin

How do current Grid security features match against Finance requirements?

Luxembourg - 6/7 February 2006 - TEL Projects meeting

Typical Grid solutions
AuthN is PKI-basedX.509 certificatesDelegationMyProxyAuthZVOMS (Virtual Organisation Membership Service)CAS (Community Authorization Service)

Luxembourg - 6/7 February 2006 - TEL Projects meeting

Some security issues
X.509 reveal my full identityAttribute filteringCorrelation issues [cfr. Kim Camerons blog http://www.identityblog.com/]Pseudonimity @MWSG/gLite

Proxies are time based!What if someone steals a proxy certificate? @MWSG/gLite

Hosting GridHow can I be fully sure my remote data are properly protected?How can I trust my own computing provider?Does Enterprise Grid better apply to Finance?

Luxembourg - 6/7 February 2006 - TEL Projects meeting

Security: New kids on the block
ShibbolethWhat is it?Why use it for finance?Who is using it?

GridShibIntegrate Shibboleth into GlobusToolkit

Crown-STGridTrustTrustCoM

OAuthFinal release of specification available next Thursday (Nov, 1st).

Luxembourg - 6/7 February 2006 - TEL Projects meeting

Conclusions
Grid is moving towards new application fields

Finance demands for ready-to-use, high computing infrastructures

Do Grid features match finance requirements?

New security issues must be addressed

Dont reinvent the wheel! maybe the solutions is few clicks away

Integration is the key!

Luxembourg - 6/7 February 2006 - TEL Projects meeting

Q&A

Luxembourg - 6/7 February 2006 - TEL Projects meeting

Present yourself

Use abstract to present your talkAbstractGrid technologies are emerging and getting mature for new application fields, other than pure research communities. Finance is showing a growing interest in Grid infrastructures due to the potential benefits they come along with.On one hand Grid Computing provides access to several resources (e.g. storage and computing power) spread over the net. On the other hand, users in the financial field massively demand for accomplishing time-critical tasks (eg: portfolio management, risk analysis, derivative prices, etc.) by means of computing-intensive algorithms such as Montecarlo simulations. This presentation aims at pointing out whether Grid features can match finance requirements, taking into account security issues.Furthermore, a case of study is presented. GriFin (Grid for Finance) is an ongoing Italian project started in 2007, supported by Engineering Ingegneria Informatica S.p.A. and the University of Lecce. Its aim is to build a Problem Solving Environment (PSE) for the financial market based on a Grid infrastructure. The initial findings will be presented along with the solutions proposed both for the security and the middleware architecture.
Engineering has been coming the First italian player in ICT italian market with a share of approximately 6 %.Engineering consists of 11 controlled companies: the is a group.The Company, listed in 2000 on Milan Stock Exchange (Star Segment), employs roughly 4000 professionals and 1400 external resources(to pursue flexibility within an unsettled market), with operations in 28 sites in Italy and 3 abroad (Ireland, Spain, Belgium).
What is it?GriFin (Grid for Finance) is an ongoing Italian project started in 2007, supported by Engineering Ingegneria Informatica S.p.A. and the University of Lecce. Its aim is to build a Problem Solving Environment (PSE) for the financial market based on a Grid infrastructure.

Whats cooking?UNILE: portal + developing application for portfolio managementENG: state of the art about Security (with respect to Grid infrastructures) new approaches / what to integrate in the existing framework
By PaoloRCrossDomainDifferent domains for different branches / divisions?- Duplication of informationDomain federation

MultiMiddlewareDifferent middleware for different sites?Black box interaction White box interaction (data/processes interaction) in case of Bank fusion?

PrivacyWhere to protect the information?Initial DataPartial ResultsFinal ResultsCommunicationsSystem boundaries

AccountingWhat to log? For which purpose?Trace executionMonitor resource usageLimit resource usageResource usage market

Portfolio Management and Financial Portfolio Management DEFINITION: The process of managing the assets of a mutual fund, including choosing and monitoring appropriate investments and allocating funds accordingly.

Risk Analysis

Derivative Prices
The Networked European Software and Services Initiative (NESSI) aims to create a strategic research agenda for European research in services and their foundations. NESSI-Grid forms part of that activity by defining a vision and strategic research agenda (SRA) for service-oriented infrastructures used in business environments and in particular in NESSI scenarios. The anticipated service-oriented infrastructures are supposed to leverage traditional Grid infrastructures, which ultimately aim at providing resources as a utility, to general purpose applications and business scenarios. The term Business Grids has been adopted to describe those infrastructures.
The purpose of these scenarios is twofold: First, they serve for exemplifying the general Business Grid vision in a concrete context. Second, they form the basis for concrete business requirements which impose various technical requirements and challenges and ultimately lead to the overall strategic research agenda.

EnterpriseBasic enterprises consist of one homogeneous administrative domain. Following Section 2, they can be supported by basic enterprise grids which should provide general-purpose infrastructure services within one domain and which should ultimately act as the ICT backbone for the complete IT infrastructure.

Hierarchical EnterpriseLarger enterprises are typically organized via a hierarchy of departments, each of which following the general enterprise policies while potentially deviating from them e.g. due to different legislative constraints.

HostingHosting environments are about providing resources and/or services to customers. The actual offer may comprise pure resources, predefined services or environments for running customer-defined services (e.g. computing on demand).

Dynamic OutsourcingDecisions on whether IT systems are operated in-house or via an external hosting provider may change over time as the strategies of organizations evolve. Traditionally, outsourcing decisions do not just depend on strategic requirements but have to carefully balance these with the practical effort, overhead and side effects (e.g. interruption of business) of an outsourcing process. The following picture shows such a dynamic outsourcing process where a solution X, initially provided by an enterprise infrastructure is migrated to a hosting company. Ideally, solution X is fully operational during the whole migration process.

Merger and AcquisitionsMerging with, or acquiring another company is an increasingly common method for companies to grow. The traditional means by which companies merge typically takes a long time to fully complete. This can be envisaged using the enterprise grid model in one of two ways. The two enterprise grids that are initially separate form a virtual organisation that links their two grids together in a limited fashion. Over time, as the grids coalesce, the virtual organisation encompasses more and more of each individual enterprise until a single merged enterprise remains. In the case of a merger, the relationship is likely to be more of a symmetric one. In the case of a takeover or acquisition, the relationship between the enterprises is more likely to be asymmetric.One other form of merger / acquisition mechanism is also possible here. This introduces the concept of a merger proxy, as shown below:The merger proxy is an external entity that provides a link between the two enterprises. Both enterprises form virtual organisations with this proxy and use the services of the proxy to merge logically. Such a proxy might be used to facilitate a new range of business services in this arena.

ConclusionsNoteworthy, that the introduced scenarios can be combined in various ways in order to form more complex, compound scenarios.

I aint going to tell which is better at what

Is open vs, proprietary correct taxonomy?

Why proprietary solutions are there?

Put logos
two different points of view Grid/Finance

Expertisefor GRidFor Finance
MyProxy is open source software for managing X.509 Public Key Infrastructure (PKI) security credentials (certificates and private keys). MyProxy combines an online credential repository with an online certificate authority to allow users to securely obtain credentials when and where needed. Users run myproxy-logon to authenticate and obtain credentials, including trusted CA certificates and Certificate Revocation Lists (CRLs).
MyProxy is open source software for managing X.509 Public Key Infrastructure (PKI) security credentials (certificates and private keys). MyProxy combines an online credential repository with an online certificate authority to allow users to securely obtain credentials when and where needed. Users run myproxy-logon to authenticate and obtain credentials, including trusted CA certificates and Certificate Revocation Lists (CRLs).