OMG Internet SIG
Minutes of Meeting #7

OMG Document Internet/96-09-01

Summary

• Responses to the Internet SIG's Internet Services RFI are due on October 14, 1996. Please consider responding whether you are a vendor of CORBA technology or a user. The purpose of the response is to identify technologies that you believe OMG will need to complete the equation OMA_today + f_? = OMA _ideal especially where f_? is motivated by the need to scale the OMG Object Management Architecture (OMA) to the Internet. RFI responses need not be heavyweight-they can be a letter identifying one or more promising directions for OMG in enough detail that Internet SIG can use the response to generate a roadmap. You need not be a member of OMG to respond.
• Next Meeting in Nice on November 4. We will review RFI responses and begin to sort and analyze them into an Internet Services Architecture that can augment the OMA. The detailed agenda should be available soon after October 14^th.

Index

• Attendees
• Today's Meeting
• Presentations
  • Presentation by Orbix, Martin Chapman
  • Presentation by Visigenics, Jeff Mischkinsky, Visigenic
  • Presentation on Mobile Objects and OMA, Sankar Virdhagriswaran, Crystaliz
  • Security Requirements,
  • RFI response preview from Data Access Technologies, Cory Casanave
• Discussion on RFI, Craig Thompson (moderator)

Attendees

• Joshua Arai - Justsystem - arai@justsystem.co.jp
• Don Belisle - IBM - belisle@austin.ibm.com
• Tom Bucciero - Hitachi Computer Products - tomb@hi.com
• Lorraine Cash - Raytheon - waldbuss@ediray.com
• Martin Chapman - Iona Technologies - mchapman@iona.com
• Massimo Actis Dato - Digital Equipment - actis_dato@impero.enet.dec.com
• Larry Fillion - UCLA - larry@color.cs.ucla.edu
• Joacim Fischer - Humbolt University/German Telekom - fischer@informatik.hu-berlin.de
• Ken Flemming - Suite Software - Ken@suite.com
• Dave Gamble - MicroFocus - dave@mfltd.co.uk
• Karl Gardner - Raytheon - fkg@swl.msd.ray.com
• K. Eric Harper - NobleNet - eric@noblenet.com
• Sridhar Iyengar - Unisys - Sridhar.Iyengar@mv.unisys.com
• Barry Kitson - DSTC -b.kitson@trl.telstra.com.au
• Salil Kulkarni - Tandem - salil@loc201.tandem.com
• Steven Lemmo - NobleNet - steve@noblenet.com
• Mika Leppiner - Nikia Research Center - mika.leppiner@research.nokia.com
• Jeff MacKay - Anderson Consulting - jeffrey.c.mackay@ac.com
• Mary Jo McCauley - Digital Equipment - m_mccauley@lkg.mts.dec.com
• Stephen McConnell - OSM Consortium - mcconnell@osm.net
• Nilo Mitra - AT&T - dyons@arch4.att.com
• Jeff Mischkinsky - Visigenic - jeff_mischkinsky@omg.org
• Naohiko Mori - NCALS - mori@ncals.cif.or.jp
• Victor Peqebaskine - France Telecom - perebask@issy.cnet.fr
• Dave Smith - Deere & Company - ds60162@deere.com
• Silas Larry Smith - IBM - slsmith@vnet.ibm.com
• Chris Smith - British Telecommunications - chris@drake.bt.co.uk
• Shel Sutton - MITRE - shel@mitre.org
• Greg Tally - Trusted Information System - tally@tis.com
• Brian Thomas - SBC - bt0008@entropy.sbc.com
• Craig Thompson - Object Services and Consulting, Inc. - thompson@objs.com
• Petri Tuominen - Nokia - Petri.Tuominen@ntc.nokia.com
• Shig Yamada - Fujitsu - yamada@hal.com

Today's Meeting

Craig Thompson (OBJS) led the day's discussion. Shel Sutton (MITRE) recorded minutes at the meeting and Thompson revised the minutes.

http://www.objs.com/isig/home.htm is the OMG ISIG homepage. It is referenced from OMG's description of the Internet SIG. Documents on this homepage also appear in the OMG document log. The homepage includes the outstanding Internet Services RFI, with a due date of 14 October 1996. It also includes papers and workshop reports for the recent OMG-W3C Workshop on Distributed Objects and Mobile Code and the forthcoming OOPSLA Workshop on OO + Web Integration.

Liaison Reports

IETF IRTF IIA. Thompson received a phone call from Ron Daniels (Los Alamos) regarding an apparently new Internet Engineering Task Force (IETF) Internet Research Task Force (IRTF) called Internet Information Architecture (IIA). The group is interested in URN-CORBA naming and also somehow extending MIME to become a more complete type model for the Internet. They do not want to select any one type system.

W3C. No one has news on W3C activities. Larry Smith (IBM) volunteered to provide future liaison reports on W3C activities.

ISIG Internet Services RFI

Thompson reminded attendees that responses to the outstanding Internet SIG RFI are due in just under a month. He requested responses from both CORBA and services vendors and also users of OMG technology. He reminded attendees that responses do not need to be books and can be as simple as letters or short position statements listing missing ingredients in the current OMA that would allow OMA to scale to the Internet or World Wide Web. He mentioned that so far we have received one RFI response but expect at least 4-5 and maybe more.

Next Meeting

Thompson stated that this ISIG meeting is interim, and the next one in Nice will fall after 14 October and will consist of presentations by RFI respondents and analysis of responses.

Today's Meeting

Today's meeting consists of two parts, a series of five presentations relevant to the forthcoming RFI as well as a discussion over potential RFI topics.

Presentations

Presentation by Orbix, Martin Chapman

Martin Chapman (mchapmann@iona.com, http://www.iona.com/) began his presentation (see viewgraphs at Internet/96-09-02 coming soon) by volunteering to help folks find the best pubs in Dublin at next year's OMG meeting there.

He pointed out that more will be happening on the client than currently due to Java, which allows more sophisticated distributed applications (including GUIs and sessions) than pre-Java web forms and CGI/add-ins. But Java alone is not enough. We still need underlying infrastructure at the server for multi-user applications, dynamic updates, etc. as well as services, systems management, and exception management.

The IIOP competition is: ActiveX, RMI, IETF (MBONE, Session Control, Sockets) but IIOP should be the lingua franca wire protocol of the Internet because it can interoperate with DCE, ActiveX, etc. Java applets can be IIOP enabled on the fly. A limitation due to client Java applets (not Java itself) is that communication from an applet must go back to the server that created it. So access to other servers has an indirection. This is a safety feature of the current applet architecture.

OrbixWeb v1.x is on 2000 sites, is interoperable with COM/ActiveX, provides full Orbix client (filters, smart proxies, Dynamic Interface Invocation), but no server capability, and is available now on the Orbix site.

OrbixWeb v2.x (beta in September) will have applet call-back capability which downloads parts of the ORB as necessary (e.g. DII if needed), keeping the footprint reasonable. It's the basis for the Java Server and Middle-tier. Full integration with other services to follow - OrbixNames, OrbixTalk.

OrbixWeb has been chosen by Hong Kong Telecom for interactive multimedia services since it satisfies their requirements: rapid time-to-market (mid 1997), standards-based service provision, adaptable, evolvable, robust communications with 7/24 operation and thousands of clients. OrbixWeb is used in the set top box and to download programming, not to transfer MPEG where native formats are used.

In the future, IIOP should be the primary protocol on the Internet. Vendors need to iron out differences.

Q from Steven McConnell: security? Response: Secure sockets, Firewalls

Discussion of the RFP for Java/IDL mapping. Sun .NE. Visigenics .NE. Orbix with first responses due in December 1996. But a standard mapping is needed ASAP!

Q from Craig: Is IIOP enough? Response: Yes.

Presentation by Visigenics, Jeff Mischkinsky, Visigenic

Jeff, who has been at Visigenic for two weeks, spoke informally.

IIOP will become the primary way to communicate over the web; it may sit alongside HTTP or be incorporated in. It will be bundled into all web clients and servers via VisiBroker. What was PostModern's Blackwidow is now Visigenics' Visibroker client, licensed to Netscape and they bundle. The Java runtime ORB is part of the browser.

Visigenic' focus is Enterprise computing, smoothly extending intranets to the Internet. How to get through firewalls: wrap IIOP in HTTP, which can get through firewalls. Visigenic' Gatekeeper can talk HTTP and IIOP. Might be bundled and not a separate process. Piggybacks IIOP into firewalls. OMG security using SSL. See AB meeting this afternoon and OMG Document Security/96-08-02.

If you think the whole world is Java (homogeneous environment), then use RMI. Else use IIOP. Call by Value RFP is the way to do this. Issues remain with respect to web of objects and how much to move at once.

Idea: wrap net protocols today with IDL. Browsers contain separate similar protocol stacks for mail, news, other clients today. Much footprint would collapse if OO protocols were used instead. Wrap as octets though not typesafe.

Idea in discussion: Get IIOP a standard port number: Wouldn't such an address increase out-of-the-box interoperability? If standard port, then that limits one ORB per machine. Standard default port but can use other ports. Might legitimize IIOP for firewall administrators. If you tunnel IIOP through HTTP, then firewall people will nix IIOP/HTTP. This is not just a technical issue but as much a social issue. Certification authorities assuage fears due to a "trusted" vendor.

What does Netscape ONE client talk to w/o a server for next many months?

OMA Meets Mobile Agents, Sankar Virdhagriswaran, Crystaliz

Sankar asserts that mobile agents will fundamentally change the OMA? He cites these issues:

• Language Neutrality (CORBA) vs. Language Independence (i.e., interfaces vs. run time objects)
• Scalability (i.e., Asynchronous CORBA vs. Synchronous Gridlock) -- CORBA needs to be more asynchronous
• Mobile Agent Discovery (i.e., trader services vs. IP Trace) - Mobile agents require IP-like capability
• Architectural Impact on CORBA (i.e., Broker vs. Many Design Patterns) - brokers are not the paradigm needed for mobile agents -- Flyweight and Components are examples of design patterns for mobile agent "brokering". Multiplexing pattern may also be useful. Family of design pattern based ORBs are a way of looking at it.

Sankar believes CORBA as currently defined is fundamentally not scalable - it needs to become asynchronous and use richer distribution patterns than just brokering contained in today's ORBs or IIOP. He points out that brokering is not the design pattern for mobile code. What happens if you download Flyweight design pattern, that uses adapters to pass from producer to consumer. Download Iona proxies. This leads to application-specific adapters. Today's ORB is too specific, so people do all sorts of things above or below to provide a richer way to do this. Internet comm. line is slow so you must optimize. So we need richer Design pattern ORBs.

Security Requirements, Henry Rothkopf, National Imaging and Mapping Agency (NIMA)

Henry described deficiencies of today's security systems and provided handouts on a large (preliminary) study done with a lot of MITRE and other inputs. He pointed out that the DoD realizes that most security issues are generic to industry as well as Government and DoD needs such schemes to be in widespread use, and then wants to be able to add-on GOTS (e.g., Government off the shelf) requirements. Henry advocates coming up with a single threat model for commercial and Government use. There will always be some GOTS requirements but threats for both are similar.

He requested inputs from OMG on the draft report (handout). He stated that today, in the DoD we have some working "system high" systems (enforces need to know) and very few, very expensive multi-level systems, expensive because they require assurance on the development side. But in the next generation, we need more modular security that supports multiple communicating domains with generic security available at several levels in protocol stacks. At a course grain, this includes wrapping whole collection of items with one label like "imaging". At a finer grain level there might be multiple CORBAs talking to each other using access privileges. He indicated that scalability requires that we must communicate policy across domain boundaries. Also we need to be able to change security policies in running systems. We don't know how many such systems we are talking to at any given time. Each domain is mutually suspicious but we must communicate until we are done. This is a big step beyond today's firewalls. It requires an inter-domain import/export policy; a label-based scheme appears doable but depends on additional management that we don't do today. It is also a step away from C1, B2, etc. levels of security aiming at a richer scheme for insuring safeguards in federated systems with mixed security levels.

Q from Craig: This is very different from firewall technology - much more robust (and complex). How will the transition take place. Have firewall vendors been contacted? Response from Pat Mallet: as industry sees the similarities, migration should happen. Response from Neil Wagoner: First step is to develop a combined threat model. Second step is to determine what can be done in the CORBA environment and what cannot.

Q from Craig: What about Virtual Private Networks? How do they relate? Response: VPNs only address some security levels - Virtual Private Networks are lower level and do not transfer information across boundaries.

RFI response from Data Access Technologies, Cory Casanave

Cory described Data Access' response to the Internet Services RFI (handout).

Distributed computing solutions today are highly proprietary, brittle and expensive to change. Starting now, we can use Internet to deploy business application (business objects) anywhere in the world. This gives us a massive marketing domain. The architecture looks like web clients and servers talking to backend business objects, uses generic client and web server software. There are requirements for loosely coupling business functions and business GUI interfaces. How the business objects talk to the browser client is currently a battle between RMI, ActiveX, and IDL. Some specific needs are richer metadata, richer transactions, sessions, more useful relationships (than in the OMG relationship service), business rules, and internationalization.

Discussion on RFI-related Topics, Craig Thompson (moderator)

The rest of the day was spent continuing a discussion started in Madrid on potential areas that Internet Services RFI responses might cover. The general topic was, where does OMG go next relative to the Internet? What should an expanded ideal OMA provide that today's OMA does not.

We added to the Madrid list the following laundry list of items (some are redundant):

• What is the advice to OMG re: integration with Java?
• what about peer-peer architectures where Client = Server
• what about mobile servers
• what about replacing HTTP
  • provide CORBA/Java HTTP modular implementation
  • support existing HTTP methods syntax but also IDL OO-based methods
  • HTTP wrapped IIOP, IIOP wrapped HTTP
• What do we need to entice users to use object technology?
• Concern over adoption of non-standard technology (e.g., Java) on a massive basis.
• Componentware?? The reality is CORBA as an object RPC. Does not yet provide many of the promises of mix-and-match.
• Question of certification of services, etc. to ensure that they are truly interoperable. Certification problem will be more important in the future. Without certification of IIOP, standardization will be driven by the market leader.
• Federation of services? How will the services and differing configurations work? Problems integrating ORBs now, what about interoperability/integration of services?
• Heterogeneity can be a real problem. Enterprise solutions would be at risk.
• Internet community will assume that there are many of anything, including object models. What is the place of MIME, programming-like languages, SMTP, etc.? What is the right type system for the Internet? Is it IDL?
• What about exporting services from an Object Data Base (OODB)? Why haven't OODBs done well? Not really addressing enough data. File systems becoming more strongly typed. What about wrapping file systems as object files systems? Related to the problem of how to bring MIME and OMA together.
• Persistence - different kinds of persistence supported by OMG persistence specification. What happens if you mix allocation time persistence that is object-at-a-time with a system that does run-time transitive closure of persistence? How to mix these two different persistence policies?
• Static composition: With OMG's persistence, transaction, etc. service specifications, can an OODB system be created? If we add Collections and the Query service, do we get an OODBMS-RDBMS composite. No one has tried (except Open OODB, a research project). If a rules service is added can we assert that we have a KBMS? Can services be added dynamically? Can we build modular CASE, repository, and workflow systems this way? Can we mix-and match modular security services in these?
• Can systems including simple services like naming, transactions, security, and query and complex systems like OODB and workflow be federated so that X-federation = federation(X-simple_i) where X = naming, transactions, …, query, OODB, …, workflow? What happens if there are differing policies wit respect to mixin services in a composite?
• Enterprise architectures - how do you model the enterprise architecture? How do you accommodate change (models accommodate evolution)? What about virtual enterprises?
• firewalls and certification
• filters (before/after) and smart proxies; push and pull
• load balancing
• application partitioning
• gatekeepers as in Visigenics
• meta data
• internationalization
• use cases
• unification of the work on patterns in various books with OMG's list of protocols
• hierarchical relationship of standards profiles
• index service to allow multiple access paths to objects stored in distributed collections
• how do you Internet-enable an OMG application
• how do you OMG-enable an Internet tool
• how to integrate email, search engines, outliners, expand/contract, …