BE 25 – BEinEIMRT Demo CESGA - UVIGO - USC - CHUS - UCM Araceli Gago Arias, Daniel A. Rodríguez...
-
Upload
madlyn-robbins -
Category
Documents
-
view
214 -
download
0
Transcript of BE 25 – BEinEIMRT Demo CESGA - UVIGO - USC - CHUS - UCM Araceli Gago Arias, Daniel A. Rodríguez...
BE 25 – BEinEIMRTDemo
CESGA - UVIGO - USC - CHUS - UCM
Araceli Gago Arias, Daniel A. Rodríguez Silva University of Santiago, University of Vigo
Business Experiments in GRID2
Outline
• General scenario overview
• Demonstration architecture
• Demonstration scenario
• Live demo
• Technical innovation
• Demonstrated use of Grid
• Validation of AC1 components
• Conclusion
Business Experiments in GRID3
- In 2000 more than 6.2 million deaths in the world- 15 million in 2020 (WHO forecast )- In Europe: 3 million new patients per year- 1.7 million deaths- BUT: Cancer can be cured in many cases
General scenario overview
Business Experiments in GRID4
ChemotherapyChemotherapySurgerySurgery
RadiotherapyRadiotherapy
How to fight cancer
>60 %
of patients
Business Experiments in GRID5
Computed Tomography (CT)
Tumor
Radiotherapy
Depth dose profile
Tumor control and complications probability
Dose deposition in patient on CT image
Business Experiments in GRID6
TREATMENT PLANNING SYSTEMS
USED TO DESIGN TREATMENTS
DOSE ALGORITHMSDOSE ALGORITHMS•FastFast•Limited accuracyLimited accuracy
Treatment Planning Systems (TPS)
Business Experiments in GRID7
VAST COMPUTATIONAL RESOURCES VIA WEBVAST COMPUTATIONAL RESOURCES VIA WEB
ACCURATE DOSE ALGORITHMSACCURATE DOSE ALGORITHMS
What can BEinEIMRT do for radiotherapy?
Monte Carlo Simulation
Business Experiments in GRID8
General scenario overview
Hospital Hospital staffstaff
Hospital Hospital staffstaff
Patient’sTreatmentInformation
Patient’sTreatmentInformation
HospitalTPS
HospitalTPS TreatmentTreatment
RadiationRadiationPlanPlan
BEinEIMRTServices
BEinEIMRTServices
PatientPatient
Verify treatment Verify treatment plansplans
Calculate optimal Calculate optimal treamentstreaments
Verify treatment Verify treatment plansplans
Calculate optimal Calculate optimal treamentstreaments
DICOM
Business Experiments in GRID9
Main features of e-IMRT platform
• Treatment verification– Very accurate dose calculation (Monte Carlo)– Grid reduces the response time– Realistic dose simulation in affordable time
• Searching of optimal treatment solutions– Prescriptions: organs to spare & regions to treat– Many possible solutions fulfilling prescriptions– Set of optimal solutions in affordable time
Business Experiments in GRID10
Architecture of the demo
• Service-Oriented Architecture (SOA)– Based on Web Services (WS)
• Client Web Portal
• User roles:– Hospital user– Hospital administrator– System administrator
• SLA Negotiation
• Services security: PEP + PDP
Hospital
TREATMENTSERVICES
(WS)
LOCAL COMPUTINGRESOURCES
3rd PARTYCOMPUTING RESOURCES
3rd PARTYCOMPUTING RESOURCES
INTERNET
GRID
WEB SERVER
SLASLA
PEPPDP
DB
Business Experiments in GRID11
Security Components: securing WS
• Secure data exchange: confidentiality, privacy, and integrity• All requests pass through the PEP/PDP security software• PEP – Policy Enforcement Point
– Vordel’s XML Gateway with BEinGRID enhancements– Protect Web Services from wide range of attacks– Intercepts and processes all incoming requests– Policy-based, centralized control – Secure service virtualization, contextualization, and exposure– Calls out to PDP for authorization request
• PDP – Policy Decision Point– Axiomatics’ Authorization Service with BEinGRID enhancements– Checks access control requests against its access control policies– Network-hosted: easy to integrate with other solutions e.g. the PEP– Constrained delegated administration of access control policies
• Validate BEinGRID’s General Security common capabilities
Business Experiments in GRID12
PEP-PDP interaction
Security GWHOSPITAL
PolicyServer
TREATMENT SERVICES
Policies
DB
PDPWeb Service
getRole
verify
optimize
commissioning
verify1
23
4
5
6
PDP
PEP
Business Experiments in GRID13
Management of Grid Resources
• GridWay Middleware– Submits jobs to Grid resources and
monitors them
– Requires specific plug-in to work with BE25
• SLA Negotiator– Automatically contracts external resources
as needed.
– Integrated with GridWay
– Component from BEinGRID’s SLA cluster
• Other implemented features– Monitoring of SLA
– Accounting of SLA
Business Experiments in GRID14
SLA Negotiation overview
GRIDWAYGRIDWAYTREATMENTSERVICES
SLASLA
DRMAA
SLA Negotiator
client
SLA Negotiator
server
GRIDGRID
EXTERNALRESOURCES
PROVIDER
Business Experiments in GRID15
SLA components interaction
Provider List
Pre SLA
Broker Broker GW-SLAGW-SLA
GW Internal Struct
SLANegotiator
client
SLA Evaluation
SLANegotiator
server
Plugin GW-SLADB Services
GRIDWAY
Resourcesprovider
Business Experiments in GRID16
Demonstration scenario
• Web portal:– Internet browser, any operating system– Java plugin + Flash plugin required (common plugins)
• SLA negotiation– Admin configuration web page for SLA– Console to check the automatic SLA negotiation
• Security components– PEP real time monitoring to display blocked and
accepted requests– PEP administrator to show Gateway’s policies– Console to monitor the PDP traces
Business Experiments in GRID17
Live demonstration
Business Experiments in GRID18
Technical innovation
• New service for IMRT virtual verification• New service for treatment plan optimization• 3D gamma maps in minutes• Web-based front-end to facilitate the access from
hospitals• Based on Web Services easy integration with
local TPS
• Hides computing resources: GridWay+SLAs• Service-Oriented security: PEP+PDP integration
Business Experiments in GRID19
Demonstrated use of Grid
• Reduces the time to obtain results– The results can be produced on time thanks to
the aggregation of computing resources
• Reduces computing entry investments– The new company only has to buy the front-
ends. The computing resources can be provisioned on demand
• Increases the flexibility– The available computing resources can be
adapted to the demand dynamically
Business Experiments in GRID20
Validation of AC1 components
• SLA-Negotiation validation
– Successfully integrated with GridWay • Some additions were needed• Allows to add available resources on demand
– Validated benefits of using SLA Negotiation• Execution time decreases using SLA Negotiation• Verification: Execution Time < 5 hours• Optimization: Execution time < 2 hours
Business Experiments in GRID21
• Security validation
• Global security has been improved, hospital data is exchanged safely
• Anonymization and HTTPS complement Web Services security
Validation of AC1 components
PDP
Vordel XMLGateway
Custom Application
www
Web ClientWeb Portal
HTTPS
Vordel XMLGateway
GRID
DB
WSPEP
HTTPS
HTTPS
Axiomatics Policy Server
An
on
ymiz
atio
n
Business Experiments in GRID22
• PEP+PDP validation
– Policy Enforcement Point (PEP) validation• SSL: communication from hospitals to GW and from GW to
Services is encrypted• Protection against different attacks and bad-formed requests• Extensible security gateway: integration with PDP for fine-grained
access control
– Policy Decision Point (PDP) validation• Encryption and digital signatures are used between PEP and PDP • Authorization: PEP validates access control requests against PDP
policies
– Components successfully integrated increasing the security of the services
Validation of AC1 components
Business Experiments in GRID23
Conclusions
• The proof of concept has been successfully demonstrated
• Grid reduces the time to obtain results significantly
• Web portal allows easy, flexible access to services
• There is room for some improvement in the treatment optimization tool
• SLA tools provided by BEinGRID’s SLA cluster have been improved
• Distributed architecture calls for new security mechanisms Successful integration of those provided by BEinGRID’s General Security cluster
THANK YOU
Any questions?
© BEinGRID Consortium