It's been an action on me to find out about Taverna. Since the workflow session today was cancelled (national holidays? pah!) I'll report what I've learned so far here before I forget due to vacation. :-) Taverna is a data-oriented workflow system (as opposed to control-oriented, though it also supports control links between processors) for automating tasks as seen from the client-side; it's intended to replace "human workflows" which involved cutting and pasting chunks of text between web pages (previously a time-consuming and error-prone process). It's not designed to handle cases with complex recovery from failures, but is instead focussed on automated handling of sets of data. It's GUI-oriented (though there is a command-line execution module) and as such it has got a number of features to enable scaling of the complexity of workflows to scientifically-useful levels: in particular, it has recursive decomposition and a way to mark processing nodes as "not interesting" and hence normally hidden. One limitation is that Taverna essentially assumes that the processing nodes are free to use (both by the user *and* by anyone else) which has a consequence in terms of its (non-existent) security model[*]. It's also not designed with dynamic instantiation of services in mind (there's a plugin for service discovery, but it's not integrated into the workflow system itself, just the GUI design tool). In short, if you're doing scientific workflows that use local components and free static services available over the web, Taverna is very good. But it's got substantial weaknesses for domains where services are secured, costly or dynamic. Far more information than I've mentioned is available online at http://taverna.sourceforge.net/index.php?doc=docroot.html I hope this is informative. :-) Donal. [* I understand that there's work ongoing to add some kind of security support, but I don't know how that's progressing. It's not in the latest production release for sure. ]
Dear All: Considering the flow of many messages related to workflows, I thought some of you might be interested in glancing at our article on "Taxonomy and Survey of Grid Workflow systems". Online version is available at: http://www.gridbus.org/~raj/papers/WorkflowTaxonomy-JoG.pdf (it was published in Journal of Grid Computing, Volume 3, Numbers 3-4, Sept. 2005) The article includes a survey of 12 grid workflow systems, some of them are already mentioned by colleagues who posted earlier messages. I hope you will find it useful. Raj
Support for security in Taverna is, as Donal says, ongoing work. However, at least one group is using Taverna to invoke secured services today. AstroGrid takes advantage of Taverna's plug-in technology to retrieve the necessary credentials to invoke a secured service from the "AstroGrid Runtime", a stateful service local to the user's desktop. This works fine for AstroGrid. Stephen
-----Original Message----- From: ogsa-wg-bounces@ogf.org [mailto:ogsa-wg-bounces@ogf.org] On Behalf Of Donal K. Fellows Sent: 05 July 2007 10:00 To: ogsa-wg Subject: [ogsa-wg] Taverna workflows
It's been an action on me to find out about Taverna. Since the workflow session today was cancelled (national holidays? pah!) I'll report what I've learned so far here before I forget due to vacation. :-)
Taverna is a data-oriented workflow system (as opposed to control-oriented, though it also supports control links between processors) for automating tasks as seen from the client-side; it's intended to replace "human workflows" which involved cutting and pasting chunks of text between web pages (previously a time-consuming and error-prone process). It's not designed to handle cases with complex recovery from failures, but is instead focussed on automated handling of sets of data. It's GUI-oriented (though there is a command-line execution module) and as such it has got a number of features to enable scaling of the complexity of workflows to scientifically-useful levels: in particular, it has recursive decomposition and a way to mark processing nodes as "not interesting" and hence normally hidden. One limitation is that Taverna essentially assumes that the processing nodes are free to use (both by the user *and* by anyone else) which has a consequence in terms of its (non-existent) security model[*]. It's also not designed with dynamic instantiation of services in mind (there's a plugin for service discovery, but it's not integrated into the workflow system itself, just the GUI design tool).
In short, if you're doing scientific workflows that use local components and free static services available over the web, Taverna is very good. But it's got substantial weaknesses for domains where services are secured, costly or dynamic. Far more information than I've mentioned is available online at http://taverna.sourceforge.net/index.php?doc=docroot.html
I hope this is informative. :-)
Donal. [* I understand that there's work ongoing to add some kind of security support, but I don't know how that's progressing. It's not in the latest production release for sure. ] -- ogsa-wg mailing list ogsa-wg@ogf.org http://www.ogf.org/mailman/listinfo/ogsa-wg
Stephen M Pickles wrote:
Support for security in Taverna is, as Donal says, ongoing work.
However, at least one group is using Taverna to invoke secured services today. AstroGrid takes advantage of Taverna's plug-in technology to retrieve the necessary credentials to invoke a secured service from the "AstroGrid Runtime", a stateful service local to the user's desktop. This works fine for AstroGrid.
I've had a discussion with June Finch here about quite a lot more detail in relation to Taverna's security and I've got a couple of interesting points: 1) There's actually a lot of different security stuff going on around Taverna, but much of it is (helpfully) unpublished or specific to a particular project. (In some cases, username+password is what users are using, and we all know how *that* sucks...) 2) They lack use-cases (something I'm going to be able to help them with) and standards for how to handle security at a generic level. I suspect that they will benefit very strongly from the Express Authentication efforts, since it will cut through much of the thicket of confusion. Amazing how writing up things draws out comments from people. ;-) Donal.
participants (3)
-
Donal K. Fellows -
Rajkumar Buyya -
Stephen M Pickles