Skip to main content
SpringerLink
Log in

Trusted Grid Computing with Security Binding and Trust Integration

  • Published:
Journal of Grid Computing Aims and scope Submit manuscript

Abstract

Trusted Grid computing demands robust resource allocation with security assurance at all resource sites. Large-scale Grid applications are being hindered by lack of security assurance from remote resource sites. We developed a security-binding scheme through site reputation assessment and trust integration across Grid sites. We do not treat the trust factor deterministically. Instead, we apply fuzzy theory to handle the fuzziness or uncertainties behind all trust attributes. The binding is achieved by periodic exchange of site security information and matchmaking to satisfy user job demands.

PKI-based trust model supports Grids in multi-site authentication and single sign-on operations. However, cross certificates are inadequate to assess local security conditions at Grid sites. We propose a new fuzzy-logic trust model for distributed trust aggregation through fuzzification and integration of security attributes. We introduce the trust index of a Grid site, which is determined by site reputation from its track record and self-defense capability attributed to the risk conditions and hardware and software defenses deployed at a Grid site.

A Secure Grid Outsourcing (SeGO) system is designed for secure scheduling a large number of autonomous and indivisible jobs to Grid sites. Significant performance gains are observed after trust aggregation, which is evaluated by running scalable NAS and PSA workloads over simulated Grids. Our security-binding scheme scales well with increasing user jobs and Grid sites. The new scheme can guide the security upgrade of Grid sites and predict the Grid performance of large workloads under risky conditions.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. S. Abe and M. Lan, ???Fuzzy Rules Extraction Directly from Numerical Data for Function Approximation???, IEEE Trans. on SMC, Vol. 25, pp. 119???129, 1995.

    MathSciNet  Google Scholar 

  2. F. Azzedin and M. Maheswaran, ???A Trust Brokering System and Its Application to Resource Management in Public-Resource Grids???, in Proceedings of IPDPS 2004.

  3. F. Berman, G. Fox and T. Hey (eds.), Grid Computing: Making the Global Infrastructure a Reality. Wiley, 2003.

  4. F. Berman, R. Wolski, H. Casanova, W. Cirne, H. Dail, M. Faerman, S. Figueira, J. Hayes, G. Obertelli, J. Schopf, G. Shao, S. Smallen, N. Spring, A. Su and D. Zagorodnov, ???Adaptive Computing on the Grid Using AppLeS???, IEEE Trans. on Parallel and Distributed Systems, Vol. 14, April 2003.

  5. A. Butt, S. Adabala, N. Kapadia, R. Figueiredo and J. Fortes, ???Fine-Grain Access Control for Securing Shared Resources in Computational Grids???, in Proceedings of IPDPS 2002, April 2002.

  6. R. Buyya, M. Murshed and D. Abramson, ???A Deadline and Budge Constrained Cost-Time Optimization Algorithm for Scheduling Task Farming Applications on Global Grids???, in The Internat. Conf. on Parallel and Distributed Processing Techniques and Applications, 2002.

  7. M. Cai, Y. Chen, Y.K. Kwok and K. Hwang, ???Fast Containment of Internet Worm Outbreaks and Flood Attacks with Distributed-Hashing Security Overlays???, IEEE Security and Privacy, submitted July 2004 and revised February 2005.

  8. H. Casanova, A. Legrand, D. Zagorodnov and F. Berman, ???Heuristics for Scheduling Parameter Sweep Applications in Grid Environments???, in Proceedings of HCW 2000.

  9. M. Cosnard and A. Merzky, ???Meta- and Grid-Computing???, in Proceedings of the 8th International Euro-Par Conference, August 2002, pp. 861???862.

  10. K. Czajkowski, I. Foster and C. Kesselman, ???Resource Co-Allocation in Computational Grids???, in Proceedings of the 8th IEEE Int'l Symposium on High Performance of Distributed Computing (HPDC-8), 1999.

  11. E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, P. Samarati and F. Violante, ???A Reputation-Based Approach for Choosing Reliable Resources in Peer-to-Peer Networks???, in Proceedings of ACM CCS 2002.

  12. D.G. Feitelson and B. Nitzberg, ???Job Characteristics of a Production Parallel Scientific Workload on the NASA Ames iPSC/860???, Research report RC 19790 (87657), IBM T.J. Watson Research Center, October 1994.

  13. I. Foster, C. Kesselman and G. Tsudik, ???The Security Architecture for Open Grid Services???, in The 5th ACM Conference on Computer and Communications Security Conference, 1998, pp. 83???92.

  14. R. Guha, R. Kumar, P. Raghavan and A. Tomkins, ???Propagation of Trust and Distrust???, in Proceedings of ACM WWW 2004.

  15. M. Gupta, P. Judge and M. Ammar, ???A Reputation System for Peer-to-Peer Networks???, in Proceedings of ACM NOSSDAV 2003.

  16. X. He, X.H. Sun and G. Laszewski, ???A QoS Guided Scheduling Algorithm for the Computational Grid???, in GCC02, Hainan, China, December 2002.

  17. M. Humphrey and M.R. Thompson, ???Security Implications of Typical Grid Computing Usage Scenarios???, in Proceedings of HPDC, August 2001.

  18. S. Hwang and C. Kesselman, ???A Flexible Framework for Fault Tolerance in the Grid???, J. Grid Computing, Vol. 1, No. 3, pp. 251???272, 2003.

    Article  MATH  Google Scholar 

  19. K. Hwang, Y. Kwok, S. Song, M. Cai, R. Zhou, Yu Chen, Ying Chen and X. Lou, ???GridSec: Trusted Grid Computing with Security Binding and Self-Defense against Network Worms and DDoS Attacks???, in International Workshop on Grid Computing Security and Resource Management (GSRM'05), in conjunction with ICCS 2005, Atlanta, May 22???25, 2005.

  20. K. Hwang and Z. Xu, Scalable Parallel Computing. McGraw-Hill: San Franscisco, 1998.

    MATH  Google Scholar 

  21. M. Humphrey, M. Thompson and K. Jackson, ???Security for Grids???, Proceedings of the IEEE, Vol. 93, No. 3, pp. 644???652, 2005.

    Article  Google Scholar 

  22. J. In, P. Avery, R. Cavanaygh and S. Ranka, ???Policy-Based Scheduling for Simple Quality of Service in Grid Computing???, in Proceedings of IPDPS 2004, April 2004.

  23. S.D. Kamvar, M.T. Schlosser and H. Garcia-Molina, ???The Eigentrust Algorithm for Reputation Management in P2P Networks???, in Proceedings of ACM WWW 2003.

  24. B. Kosko, Fuzzy Engineering. Prentice Hall, 1997.

  25. Y.-K. Kwok, S. Song and K. Hwang, ???Selfish Grid Computing: Game-Theoretic Modeling and NAS Performance Results???, in Proceedings of CCGrid 2005, Cardiff, UK, May 2005.

  26. C. Lin, V. Varadharajan, Y. Wang and V. Pruthi, ???Enhancing Grid Security with Trust Management???, in Proceedings of Services Computing 2004 (SCC 2004).

  27. C. Liu, L. Yang, I. Foster and D. Angulo, ???Design and Evaluation of a Resource Selection Framework for Grid Applications???, in Proceedings of HPDC-11, 2002.

  28. M. Maheswaran, S. Ali and H.J. Sigel, ???Dynamic Mapping and Scheduling of Independent Tasks onto Heterogeneous Computing Systems???, JPDC, pp. 107???131, 1999.

  29. S. Marti and H. Garcia-Molina, ???Limited Reputation Sharing in P2P Systems???, in Proceedings of ACM EC 2004.

  30. J. Novotny, S. Tuecke and V. Welch, ???An Online Credential Repository for the Grid: MyProxy???, in The 10th IEEE International Symposium on High Performance Distributed Computing (HPDC-10'01), San Francisco, CA, August 07???09, 2001.

  31. R. Perlman, ???An Overview of PKI Trust Models???, IEEE Network, December 1999, pp. 38???43.

  32. T.B. Quillinan, B.C. Clayton and S.N. Foley, ???GridAdmin: Decentralising Grid administration Using Trust Management???, in Proceedings of the ISPDC/HeteroPar'04, pp. 184???192.

  33. R. Raman, M. Livny and M. Solomon, ???Matchmaking: Distributed Resource Management for High Throughput Computing???, in Proceedings of the 7th IEEE International Symposium on High Performance Distributed Computing, Chicago, IL, July 28???31, 1998.

  34. J.M. Schopf, ???A General Architecture for Scheduling on the Grid???, Special Issue on Grid Computing, J. Parallel and Distributed Computing, April 2002.

  35. S. Song, K. Hwang and M. Macwan, ???Fuzzy Trust Integration for Security Enforcement in Grid Computing???, in Proceedings of IFIP International Conf. on Network and Parallel Computing, (NPC-2004), Wuhan, China, October 18???20, 2004, pp. 9???21.

  36. S. Song, Y.-K. Kwok and K. Hwang, ???Security-Driven Heuristics and a Fast Genetic Algorithm for Trusted Grid Computing???, in Proceedings of IPDPS 2005, Denver, Colorado, April 4???8, 2005.

  37. I. Stoica, R. Morris, D. Liben-Nowell, D.R. Karger, M.F. Kaashoek, F. Dabek and H. Balakrishnan, ???A Scalable Peer-to-Peer Lookup Protocol for Internet Applications???, IEEE/ACM Trans. on Networking, Vol. 11, No. 1, pp. 17???32, 2003.

    Article  Google Scholar 

  38. M. Surridge and C. Upstill, ???Grid Security: Lessons for Peer-to-Peer Systems???, in Proceedings of the 3rd International Conference on Peer-to-Peer Computing (P2P 2003), September 1???3, 2003.

  39. S. Tuecke, ???Grid Security Infrastructure (GSI) Roadmap???, Internet Draft, October 2000, http://www.gridforum.org/security/ggf1_2001-03/drafts/draft-ggf-gsi-roadmap-02.pdf.

  40. S. Vadhiyar and J. Dongarra, ???A Metascheduler for the Grid???, in The 11th IEEE International Symposium on High Performance Distributed Computing (HPDC'02), Edinburgh, Scotland, July 24???26, 2002.

  41. V. Welch, F. Siebenlist, I. Foster, J. Bresnahan, K. Czajkowski, J. Gawor, C. Kesselman, S. Meder, L. Pearlman and S. Tuecke, ???Security for Grid Services???, in Proceedings of the HPDC-12, 2003.

  42. R. Wolski, J. Brevik, J. Plank and T. Bryan, ???Grid Resource Allocation and Control Using Computational Economies???, Chapter 32 in F. Berman, G. Fox and A. Hey (eds.), Grid Computing: Making the Global Infrastructure a Reality, Wiley, 2003.

  43. M. Wu and X. Sun, ???A General Self-adaptive Task Scheduling System for Non-dedicated Heterogeneous Computing???, in IEEE Int'l Conf. on Cluster Computing, December 2003.

  44. L. Xiong and L. Liu, ???PeerTrust: Supporting Reputation-based Trust to P2P E-Communities???, IEEE Trans. Knowledge and Data Engineering, July 2004, pp. 843???857.

Download references

Author information

Authors and Affiliations

  1. Internet and Grid Computing Laboratory, University of Southern California, EEB-212, 3740 McClintock Avenue, Los Angeles, CA, 90089-2562, USA

    Shanshan Song, Kai Hwang & Yu-Kwong Kwok

Authors
  1. Shanshan Song
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kai Hwang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yu-Kwong Kwok
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Shanshan Song.

Additional information

The research work reported here was supported by a NSF ITR Grant 0325409. The paper is significantly extended from preliminary results presented in IFIP International Conference on Network and Parallel Computing (NPC-2004), IEEE International Parallel and Distributed Processing Symposium (IPDPS-2005), and International Workshop on Grid Security and Resource Management (GSRM-2005). The corresponding author is Kai Hwang at the University of Southern California.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Song, S., Hwang, K. & Kwok, YK. Trusted Grid Computing with Security Binding and Trust Integration. J Grid Computing 3, 53–73 (2005). https://doi.org/10.1007/s10723-005-5465-x

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10723-005-5465-x

Keywords

Search

Navigation