Trusted Grid computing with security binding and trust integration

被引：30

作者：

Song S. ^{[1
]}

Hwang K. ^{[1
]}

Kwok Y.-K. ^{[1
]}

机构：

[1] Internet and Grid Computing Laboratory, University of Southern California, Los Angeles, CA 90089-2562

来源：

Journal of Grid Computing | 2005年 / 3卷 / 1-2期

基金：

美国国家科学基金会;

关键词：

Computational Grids; Fuzzy logic; NAS and PSA benchmarks; Performance evaluation; Resource allocation; Scalability analysis; Trust models;

D O I：

10.1007/s10723-005-5465-x

中图分类号：

学科分类号：

摘要：

Trusted Grid computing demands robust resource allocation with security assurance at all resource sites. Large-scale Grid applications are being hindered by lack of security assurance from remote resource sites. We developed a security-binding scheme through site reputation assessment and trust integration across Grid sites. We do not treat the trust factor deterministically. Instead, we apply fuzzy theory to handle the fuzziness or uncertainties behind all trust attributes. The binding is achieved by periodic exchange of site security information and matchmaking to satisfy user job demands. PKI-based trust model supports Grids in multi-site authentication and single sign-on operations. However, cross certificates are inadequate to assess local security conditions at Grid sites. We propose a new fuzzy-logic trust model for distributed trust aggregation through fuzzification and integration of security attributes. We introduce the trust index of a Grid site, which is determined by site reputation from its track record and self-defense capability attributed to the risk conditions and hardware and software defenses deployed at a Grid site. A Secure Grid Outsourcing (SeGO) system is designed for secure scheduling a large number of autonomous and indivisible jobs to Grid sites. Significant performance gains are observed after trust aggregation, which is evaluated by running scalable NAS and PSA workloads over simulated Grids. Our security-binding scheme scales well with increasing user jobs and Grid sites. The new scheme can guide the security upgrade of Grid sites and predict the Grid performance of large workloads under risky conditions. © Springer 2005.

引用

页码：53 / 73

页数：20

共 44 条

[1]

Abe S., Lan M., Fuzzy Rules Extraction Directly from Numerical Data for Function Approximation, IEEE Trans. on SMC, 25, pp. 119-129, (1995)

[2]

Azzedin F., Maheswaran M., A Trust Brokering System and Its Application to Resource Management in Public-Resource Grids, Proceedings of IPDPS 2004

[3]

Berman F., Fox G., Hey T., Grid Computing: Making the Global Infrastructure a Reality, (2003)

[4]

Berman F., Wolski R., Casanova H., Cirne W., Dail H., Faerman M., Figueira S., Hayes G., Obertelli J., Schopf J., Shao G., Smallen S., Spring N., Su A., Zagorodnov D., Adaptive Computing on the Grid Using AppLeS, IEEE Trans. on Parallel and Distributed Systems, 14, (2003)

[5]

Butt A., Adabala S., Kapadia N., Figueiredo R., Fortes J., Fine-Grain Access Control for Securing Shared Resources in Computational Grids, Proceedings of IPDPS 2002, (2002)

[6]

Buyya R., Murshed M., Abramson D., A Deadline and Budge Constrained Cost-Time Optimization Algorithm for Scheduling Task Farming Applications on Global Grids, The Internat. Conf. on Parallel and Distributed Processing Techniques and Applications, (2002)

[7]

Cai M., Chen Y., Kwok Y.K., Hwang K., Fast Containment of Internet Worm Outbreaks and Flood Attacks with Distributed-Hashing Security Overlays, IEEE Security and Privacy, (2005)

[8]

Casanova H., Legrand A., Zagorodnov D., Berman F., Heuristics for Scheduling Parameter Sweep Applications in Grid Environments, Proceedings of HCW, (2000)

[9]

Cosnard M., Merzky A., Meta- and Grid-Computing, Proceedings of the 8th International Euro-Par Conference, pp. 861-862, (2002)

[10]

Czajkowski K., Foster I., Kesselman C., Resource Co-Allocation in Computational Grids, Proceedings of the 8th IEEE Int'l Symposium on High Performance of Distributed Computing (HPDC-8), (1999)

← 1 2 3 4 5 →