|
Overview of Middleware
Areas of Activity
Middleware FAQ
The items included under the heading of middleware differ depending on who is making
the list. Many interesting categorizations exist — for a good discussion, see
RFC 2768.
These categorizations are all centered around sets of tools and data that help applications use networked resources and services. Some services, like authentication and directories, are in all categorizations. Others, such as coscheduling of networked resources, secure multicast, and object brokering and messaging, are the major middleware interests of particular communities, but attract little interest outside of those particular communties. A popular definition of middleware that reflects this diversity of interests is "the intersection of the stuff that network engineers don't want to do with the stuff that applications developers don't want to do."
Middleware has emerged as a critical second level of the enterprise IT infrastructure. The need for middleware stems from growth in the number of applications, in the customizations within those applications and in the number of locations in our environments. These and other factors now require that a set of core data and services be moved from their multiple instances into a centralized institutional offering. This central provision of service eases application development, increases robustness, assists data management, and provides overall operating efficiencies.
Interoperable middleware between organizations is a particular need of higher education. Researchers need to have their local middleware work with that operated by national scientific resources such as supercomputing centers, scholarly databases, and federal scientific facilities and labs. Advanced network applications will transform instructional processes, but they will depend on middleware to function. The fact that higher education is fractal in structure will create markets that need interoperable standards and products. For a university-system-level view of middleware needs, see the University of California middleware overview.
Taxonomy
Core middleware services are those that all other middleware services depend on. The challenges in providing these services are as much political as they are technical. Many of the hardest issues involve the ownership and management of data in the complex world of higher education.
Identifiers. An identifier is a character string that connects a real-world subject to a set of computerized data. Identifiers were simple when each person had exactly one. Now people generally have several identifiers, and identifiers apply not only to people, but also to group of people, or to objects (or groups of objects) such as printers and applications. Thus the relationships among a subject's identifiers, and policies associated with the assignment of identifiers, become important issues.
Authentication. Given the breadth of interactions that are now computer-assisted, establishing that a particular request is associated with a specific real-world subject becomes critical. The traditional approach of login and clear text password is far too insecure and inflexible for the variety of ways that clients need to authenticate to servers.
Directories. Much of the information about real-world subjects needs to be contained in a general-purpose, high-performance server that can respond to application requests for information. There are substantial technical and political issues in the development and operation of a directory service. Technically, determination of the elements of the directory (the schema), the ways of addressing the elements (the namespace), and operational issues such as replication and partitioning need to be addressed. Applications must be reengineered to use the directory. Policy issues include ownership of data, feeds into and out of the directory, and setting permissions to read and write data.
Authorization. An
important subset of the information about a real world subject is what
it is permitted to do. Authorization can range from allowing access to
refined controls of a remote electron microscope to permissions to place
purchase orders below a specified level on an institutional account. Defining
these rules, including means to delegate or reassign authority on a temporary
basis, as well as delivering this information to applications, are some
of the challenges in this newly emergent area.
- Graphic: Options
for Provisioning Run Time Authorization
Certificates and PKI.
Below the core middleware services, at the boundary of the network layer, lie a number of services that can be classified as middleware-based networking
or networking-oriented middleware. These services include:
Secure multicast. This is multicast extended to permit, at the network layer, secure access to join a multicast session.
Bandwidth brokering. This is a service that securely allocates quality of service (QoS) to various applications and users within an institution or organization.
Typically these services require core middleware services, such as identifiers, authentication and directories, in order to operate.
Above the core middleware services are a number of types of application-oriented middleware, or upperware. A rough grouping of such middleware would include:
Services for ubiquitous computing. Higher education needs a variety of open protocols and implementations that allow students to access their bookmarks and aliases from any location, as well as institutional and multiorganizational file systems to enable sharing and support collaboration tools.
Support for research computing. Efforts are underway to transform scattered national computational resources into a coherent grid, providing researchers consistent access across a variety of architectures, permitting coscheduling of resources, coupling data, networking and computing together.
Support for administrative computing. The new generations of business systems have loosely-coupled components that depend on a common applications infrastructure, which provides services such as object brokering for component requests, message handling between components, and monitoring of transactions.
Again, these services depend on core middleware components in order to operate. In turn, as these areas continue to evolve rapidly over the next few years, new utilities may be developed within the core to support them.
|
