Skip to main content
SpringerLink
Log in

CROWN: A service grid middleware with trust management mechanism

  • Published:
Science in China Series F: Information Sciences Aims and scope Submit manuscript

Abstract

Based on a proposed Web service-based grid architecture, a service grid middleware system called CROWN is designed in this paper. As the two kernel points of the middleware, the overlay-based distributed grid resource management mechanism is proposed, and the policy-based distributed access control mechanism with the capability of automatic negotiation of the access control policy and trust management and negotiation is also discussed in this paper. Experience of CROWN testbed deployment and application development shows that the middleware can support the typical scenarios such as computing-intensive applications, data-intensive applications and mass information processing applications.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Foster I, Kesselman C. The Grid: Blueprint for a New Computing Infrastructure. 2nd ed. San Fransisco: Morgan Kaufmann, 2004. 279–310

    Google Scholar 

  2. Daniel A R. The TeraGrid: Cyber Infrastructure for 21st Century Science and Engineering. Arlington: National Science Foundation, 2001. http://www.teragrid.org/

    Google Scholar 

  3. Vision for the DOE Science Grid. http://doesciencegrid.org

  4. Computer Challenges to Emerge from eScience. http://www.escience-grid.org.uk

  5. Foster I. The Physiology of the Grid—An Open Grid Service Architecture for Distributed Systems Integration. Open Grid Service Infrastructure WG, Global Grid Forum. 2002

  6. Web Service Resource Framework (Version 1.0). http://www.globus.org/wsrf/specs/ws-wsrf.pdf

  7. Shu J, Hu C M, Ge S, et al. Research and implementation of web service runtime platform. J Comput Res Dev (in Chinese), 2004, 41(3): 442–450

    Google Scholar 

  8. Hu C M, Huai J P, Sun H L. Web service-based grid architecture and its supporting environment. J Softw (in Chinese), 2004, 15(7): 1064–1073

    MATH  Google Scholar 

  9. Hu C M, Huai J P, Zhu Y M, et al. Efficient information service management using service club in CROWN grid. In: Proceedings of 2005 IEEE International Conference on Service Computing (SCC 2005). Washington DC: IEEE Computer Society, 2005. 5–12

    Google Scholar 

  10. Sun H L, Zhu Y M, Hu C M, et al. Early experience of remote and hot service deployment with trustworthiness in CROWN grid. In: Proceedings of 6th International Workshop on Advanced Parallel Processing Technologies (APPT 2005). Berlin: Springer, 2005. 301–312

    Google Scholar 

  11. Foster I, Kesselman C, Tuecke S. The Anatomy of the Grid: Enabling Scalable Virtual Organization. Int J High Perform Comput Appl, 2001, 15(3): 200–222

    Article  Google Scholar 

  12. Allen G, Benger W, Hege C, et al. Sloving Einstein’s equations on supercomputers. IEEE Comput Magz, 1999, 32(12): 52–58

    Google Scholar 

  13. Casanova H, Obertelli G, Berman F, et al. The AppLeS parameter sweep template: User-level middleware for the gird. In: Proceedings of Supercomputing 2000. Washington DC: IEEE Computer Society, 2000

    Google Scholar 

  14. Abramson D, Sosic R, Giddy J, et al. Nimrod: A tool for performing parameterized simulations using distributed workstations. In: Proceedings of 4th IEE Symposium on High Performance Distributed Computing. Washington DC: IEEE Computer Society, 1995

    Google Scholar 

  15. Nakada H, Sato M, Sekiguchi S. Design and implementations of Ninf: Toward a global computing infrastructure. Futur Gener Comput Syst, 1999, 15: 649–658

    Article  Google Scholar 

  16. Litzkow M, Livny M, Mutka M. Condor—A hunter of idle workstations. In: Proceedings of 8th IEEE International Conference on Distributed Computing Systems, 1998. Washington DC: IEEE Computer Society, 1998. 104–111

    Google Scholar 

  17. Foster I, Kesselman C. Globus: A metacomputing infrastructure Toolkit. Int J Supercomput Appl, 1997, 11(2): 115–129

    Article  Google Scholar 

  18. Chapin S, Katramatos D, Karpovich J, et al. The legion resource management system. In: Proceedings of the 5th Workshop on Job Scheduling Strategies for Parallel Processing (JSSPP’99), in conjunction with the International Parallel and Distributed Proceesing Symposium (IPDPS’99). Washington DC: IEEE Computer Society, 1999. 162–178

    Google Scholar 

  19. Gokhale A S, Natarajan B. GriT: A CORBA-based grid middleware architecture. In: Proceedings of the 36th Hawaii International Conference on System Sciences (HICSS’03). Washington DC: IEEE Computer Society, 2002. 319–322

    Google Scholar 

  20. Furmento N, Lee W, Mayer A, et al. ICENI: An open grid service architecture implemented with Jini. Parall Comput, 2002, 28(12): 1753–1772

    Article  MATH  Google Scholar 

  21. Antonioletti M, Atkinson M P, Baxter R, et al. The design and implementation of grid database services in OGSA-DAI. Concurr Comput: Pract Exp, 2005, 17(2–4): 357–376

    Article  Google Scholar 

  22. Pearlman L, Welch V, Foster I, et al. A community authorization servic for group collaboration. In: Proceedings of the 3rd IEEE International Workshop on Policies for Distributed Systems and Networks. Los Alamitos: IEEE Computer Society Press, 2002

    Google Scholar 

  23. Li Z, Mohapatra P. The impact of topology on overlay routing service. In: Proceedings of IEEE INFOCOM 2004. Washington DC: IEEE Computer Society, 2004

    Google Scholar 

  24. Andersen D G, Balakrishnan H, Kaashoek M, et al. Resilient overlay networks. In: Proceedings of 18th ACM Symposium on Operating Systems Principles (SOSP’01), Banff, Canada. New York: ACM Press, 2001. 131–145

    Google Scholar 

  25. Duan Z, Zhang Z L, Hou Y T. Service overlay networks: SLAs, QoS and bandwidth provisioning. In: Proceedings of 10th IEEE International Conference on Network Protocol (ICNP’02). Los Alamitos: IEEE Computer Society Press, 2002

    Google Scholar 

  26. Subramanian L, Stoica I, Balakrishnan H, et al. OverQoS: An overlay based architecture for enhancing internet QoS. In: Proceedings of USENIX 1st Symposium on Networked System Design and Implementation (NSDI 2004). San Francisco: USENIX Press, 2004. 71–84

    Google Scholar 

  27. Albert R, Barabasi A L. Statistical mechanics of complex network. Rev Mod Phys, 2002, (74): 47–97

  28. Dorogovtsec S N, Mendes J F F. Evaluation of network. Adv Phys, 2002, (51): 1079–1187

  29. Strogatz S H. Exploring complex networks. Nature, 2001, 410: 268–276

    Article  Google Scholar 

  30. Abdel-Wahab H, Stoica I, Sultan F, et al. A simple and fast distributed algorithm to compute a minimum spanning tree in the internet. In: Proceedings of Joint Conference on Information Science’ 95. Washington DC: IEEE Computer Society, 1995. 429–433

    Google Scholar 

  31. Chu Y, Rao S G, Seshan S, et al. A case for end system multicast. In: Proceedings of ACM Sigmetrics 2000. New York: ACM Press, 2000

    Google Scholar 

  32. Czajkowski K, Fitzgerald S, Foster I, et al. Grid information services for distributed resource sharing. In: Proceedings of 10th IEEE International Symposium on High Performance Distributed Computing (2001). Washington DC: IEEE Computer Society, 2001. 181–184

    Chapter  Google Scholar 

  33. Universal Description, Discovery and Integration of Web Services (UDDI) Version 2.0, http://www.uddi.org.OASIS, 2002

  34. Shaikh-Ali A, Rana O, Al-Ali R, et al. UDDIe: An extended registry for Web service. In: Proceedings of Workshop on Service Oriented Computing Models, Architectures and Applications. Washington DC: IEEE Computer Society, 2003

    Google Scholar 

  35. DataGrid Information and Monitoring Services Architecture: Design, Requirements and Evaluation Crieteria. Technical Report, Data Grid Project. http://hepunx.rl.ac.uk/egee/jral-uk/glite/doc/java.pdf, 2002

  36. Raman R, Livny M, Solomon M. Matchmaking: Distributed resource management for high throughput computing. In: Proceedings of IEEE International Symposium on High Performance Distributed Computing (HPDC-7). Washington DC: IEEE Computer Society, 1998

    Google Scholar 

  37. Hong W, Lim M, Kim E, et al. GIS: Grid advanced information service based on P2P mechanism. In: Proceedings of the 13th IEEE International Symposium on High Performance Distributed Computing (HPDC-13). Washington DC: IEEE Computer Society, 2004. 276–277

    Google Scholar 

  38. Dong F P, Gong Y L, Li W, et al. Research on resource discovery mechanisms in grids. J Comput Res Dev (in Chinese), 2003, 40(12): 1749–1755

    Google Scholar 

  39. Zhang Y, Lin L, Huai J P. Balancing trust and incentive in peer-to-peer collaborative system. Int J Netw Secur, in press

  40. Lorch M, Adams D, Kafura D, et al. The PRIMA system for privilege management, authorization and enforcement in grid environments. In: Proceedings of the 4th International Workshop on Grid Computing (Grid 2003). Los Alamitos: IEEE Computer Society, 2003

    Google Scholar 

  41. Foster I, Kesselman C, Tsudik G, et al. A security architecture for computational girds. In: Proceedings of the 5th ACM Conference on Computer and Communications Security. New York: ACM Press, 1998. 83–92

    Chapter  Google Scholar 

  42. Pearlman L, Welch V, Foster I, et al. A community authorization service for group collaboration. In: Proceedings of IEEE 3rd International Workshop on Policies for Distributed Systems and Networks. Washington DC: IEEE Computer Society, 2002. 50–59

    Chapter  Google Scholar 

  43. Thompson M R, Mudumbai S. Certificate-based authorization policy in a PKI environment. ACM Trans Inf Syst Secur (TISSEC), 2003, 6(4): 566–588

    Article  Google Scholar 

  44. Khurana H. Negotiation and management of coalition resources. Ph.D Thesis, University of Maryland, 2002

  45. Bharadwaj V G, Baras J S. Towards automated negotiation of access controls policies. In: Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks. Washington DC: IEEE Computer Society, 2003. 111–119

    Chapter  Google Scholar 

  46. Xue W, Huai J P, Liu Y H. Access control policy negotiation for remote hot-deployed grid services. In: The First International Conference on e-Science and Grid Computing (eScience2005). Melbourne: IEEE Computer Society, 2005

    Google Scholar 

  47. Clark D D, Wilson D R. A comparison of commercial and military computer security policies. In: Proceedings of 1987 IEEE Symposium on Security and Privacy. Los Alamitos: IEEE Computer Society, 1987. 184–195

    Google Scholar 

  48. Blaze M, Feigenbaum J, Lacy J. Decentralized trust management. In: IEEE Symposium on Security and Privacy. Los Alamitos: IEEE Computer Society, 1996

    Google Scholar 

  49. Xu F, Lu J. Research and development of trust management in Web security. J Softw (in Chinese), 2002, 13(11): 2057–2064

    MathSciNet  Google Scholar 

  50. Winsborough W H, Seamons K E, Jones V E. Automated trust negotiation. In: DARPA Information Survivability Conference and Exposition. New York: IEEE Press, 2000

    Google Scholar 

  51. Li J X, Huai J P, Li X X. Research on automated trust negotiation. J Softw(in Chinese), 2006, 17(1): 124–133

    MathSciNet  MATH  Google Scholar 

  52. Herzberg A, Mass Y, Michaeli J, et al. Access control meets public key infrastructure, or: Assigning roles to strangers. In: IEEE Symposium on Security and Privacy (S&P 2000). Los Alamitos: IEEE Computer Society, 2000

    Google Scholar 

  53. Winslett M, Yu T, Seamons K E, et al. The TrustBuilder architecture for trust negotiation. IEEE Internet Comput, 2002, 6(6): 30–37

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computer Science & Engineering, Beihang University, Beijing, 100083, China

    Huai Jinpeng, Hu Chunming, Li Jianxin, Sun Hailong & Wo Tianyu

Authors
  1. Huai Jinpeng
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hu Chunming
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Li Jianxin
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Sun Hailong
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Wo Tianyu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Huai Jinpeng or Hu Chunming.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Huai, J., Hu, C., Li, J. et al. CROWN: A service grid middleware with trust management mechanism. SCI CHINA SER F 49, 731–758 (2006). https://doi.org/10.1007/s11432-006-2029-z

Download citation

  • Received:

  • Accepted:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11432-006-2029-z

Keywords

Search

Navigation