Abstract
Based on a proposed Web service-based grid architecture, a service grid middleware system called CROWN is designed in this paper. As the two kernel points of the middleware, the overlay-based distributed grid resource management mechanism is proposed, and the policy-based distributed access control mechanism with the capability of automatic negotiation of the access control policy and trust management and negotiation is also discussed in this paper. Experience of CROWN testbed deployment and application development shows that the middleware can support the typical scenarios such as computing-intensive applications, data-intensive applications and mass information processing applications.
Similar content being viewed by others
References
Foster I, Kesselman C. The Grid: Blueprint for a New Computing Infrastructure. 2nd ed. San Fransisco: Morgan Kaufmann, 2004. 279–310
Daniel A R. The TeraGrid: Cyber Infrastructure for 21st Century Science and Engineering. Arlington: National Science Foundation, 2001. http://www.teragrid.org/
Vision for the DOE Science Grid. http://doesciencegrid.org
Computer Challenges to Emerge from eScience. http://www.escience-grid.org.uk
Foster I. The Physiology of the Grid—An Open Grid Service Architecture for Distributed Systems Integration. Open Grid Service Infrastructure WG, Global Grid Forum. 2002
Web Service Resource Framework (Version 1.0). http://www.globus.org/wsrf/specs/ws-wsrf.pdf
Shu J, Hu C M, Ge S, et al. Research and implementation of web service runtime platform. J Comput Res Dev (in Chinese), 2004, 41(3): 442–450
Hu C M, Huai J P, Sun H L. Web service-based grid architecture and its supporting environment. J Softw (in Chinese), 2004, 15(7): 1064–1073
Hu C M, Huai J P, Zhu Y M, et al. Efficient information service management using service club in CROWN grid. In: Proceedings of 2005 IEEE International Conference on Service Computing (SCC 2005). Washington DC: IEEE Computer Society, 2005. 5–12
Sun H L, Zhu Y M, Hu C M, et al. Early experience of remote and hot service deployment with trustworthiness in CROWN grid. In: Proceedings of 6th International Workshop on Advanced Parallel Processing Technologies (APPT 2005). Berlin: Springer, 2005. 301–312
Foster I, Kesselman C, Tuecke S. The Anatomy of the Grid: Enabling Scalable Virtual Organization. Int J High Perform Comput Appl, 2001, 15(3): 200–222
Allen G, Benger W, Hege C, et al. Sloving Einstein’s equations on supercomputers. IEEE Comput Magz, 1999, 32(12): 52–58
Casanova H, Obertelli G, Berman F, et al. The AppLeS parameter sweep template: User-level middleware for the gird. In: Proceedings of Supercomputing 2000. Washington DC: IEEE Computer Society, 2000
Abramson D, Sosic R, Giddy J, et al. Nimrod: A tool for performing parameterized simulations using distributed workstations. In: Proceedings of 4th IEE Symposium on High Performance Distributed Computing. Washington DC: IEEE Computer Society, 1995
Nakada H, Sato M, Sekiguchi S. Design and implementations of Ninf: Toward a global computing infrastructure. Futur Gener Comput Syst, 1999, 15: 649–658
Litzkow M, Livny M, Mutka M. Condor—A hunter of idle workstations. In: Proceedings of 8th IEEE International Conference on Distributed Computing Systems, 1998. Washington DC: IEEE Computer Society, 1998. 104–111
Foster I, Kesselman C. Globus: A metacomputing infrastructure Toolkit. Int J Supercomput Appl, 1997, 11(2): 115–129
Chapin S, Katramatos D, Karpovich J, et al. The legion resource management system. In: Proceedings of the 5th Workshop on Job Scheduling Strategies for Parallel Processing (JSSPP’99), in conjunction with the International Parallel and Distributed Proceesing Symposium (IPDPS’99). Washington DC: IEEE Computer Society, 1999. 162–178
Gokhale A S, Natarajan B. GriT: A CORBA-based grid middleware architecture. In: Proceedings of the 36th Hawaii International Conference on System Sciences (HICSS’03). Washington DC: IEEE Computer Society, 2002. 319–322
Furmento N, Lee W, Mayer A, et al. ICENI: An open grid service architecture implemented with Jini. Parall Comput, 2002, 28(12): 1753–1772
Antonioletti M, Atkinson M P, Baxter R, et al. The design and implementation of grid database services in OGSA-DAI. Concurr Comput: Pract Exp, 2005, 17(2–4): 357–376
Pearlman L, Welch V, Foster I, et al. A community authorization servic for group collaboration. In: Proceedings of the 3rd IEEE International Workshop on Policies for Distributed Systems and Networks. Los Alamitos: IEEE Computer Society Press, 2002
Li Z, Mohapatra P. The impact of topology on overlay routing service. In: Proceedings of IEEE INFOCOM 2004. Washington DC: IEEE Computer Society, 2004
Andersen D G, Balakrishnan H, Kaashoek M, et al. Resilient overlay networks. In: Proceedings of 18th ACM Symposium on Operating Systems Principles (SOSP’01), Banff, Canada. New York: ACM Press, 2001. 131–145
Duan Z, Zhang Z L, Hou Y T. Service overlay networks: SLAs, QoS and bandwidth provisioning. In: Proceedings of 10th IEEE International Conference on Network Protocol (ICNP’02). Los Alamitos: IEEE Computer Society Press, 2002
Subramanian L, Stoica I, Balakrishnan H, et al. OverQoS: An overlay based architecture for enhancing internet QoS. In: Proceedings of USENIX 1st Symposium on Networked System Design and Implementation (NSDI 2004). San Francisco: USENIX Press, 2004. 71–84
Albert R, Barabasi A L. Statistical mechanics of complex network. Rev Mod Phys, 2002, (74): 47–97
Dorogovtsec S N, Mendes J F F. Evaluation of network. Adv Phys, 2002, (51): 1079–1187
Strogatz S H. Exploring complex networks. Nature, 2001, 410: 268–276
Abdel-Wahab H, Stoica I, Sultan F, et al. A simple and fast distributed algorithm to compute a minimum spanning tree in the internet. In: Proceedings of Joint Conference on Information Science’ 95. Washington DC: IEEE Computer Society, 1995. 429–433
Chu Y, Rao S G, Seshan S, et al. A case for end system multicast. In: Proceedings of ACM Sigmetrics 2000. New York: ACM Press, 2000
Czajkowski K, Fitzgerald S, Foster I, et al. Grid information services for distributed resource sharing. In: Proceedings of 10th IEEE International Symposium on High Performance Distributed Computing (2001). Washington DC: IEEE Computer Society, 2001. 181–184
Universal Description, Discovery and Integration of Web Services (UDDI) Version 2.0, http://www.uddi.org.OASIS, 2002
Shaikh-Ali A, Rana O, Al-Ali R, et al. UDDIe: An extended registry for Web service. In: Proceedings of Workshop on Service Oriented Computing Models, Architectures and Applications. Washington DC: IEEE Computer Society, 2003
DataGrid Information and Monitoring Services Architecture: Design, Requirements and Evaluation Crieteria. Technical Report, Data Grid Project. http://hepunx.rl.ac.uk/egee/jral-uk/glite/doc/java.pdf, 2002
Raman R, Livny M, Solomon M. Matchmaking: Distributed resource management for high throughput computing. In: Proceedings of IEEE International Symposium on High Performance Distributed Computing (HPDC-7). Washington DC: IEEE Computer Society, 1998
Hong W, Lim M, Kim E, et al. GIS: Grid advanced information service based on P2P mechanism. In: Proceedings of the 13th IEEE International Symposium on High Performance Distributed Computing (HPDC-13). Washington DC: IEEE Computer Society, 2004. 276–277
Dong F P, Gong Y L, Li W, et al. Research on resource discovery mechanisms in grids. J Comput Res Dev (in Chinese), 2003, 40(12): 1749–1755
Zhang Y, Lin L, Huai J P. Balancing trust and incentive in peer-to-peer collaborative system. Int J Netw Secur, in press
Lorch M, Adams D, Kafura D, et al. The PRIMA system for privilege management, authorization and enforcement in grid environments. In: Proceedings of the 4th International Workshop on Grid Computing (Grid 2003). Los Alamitos: IEEE Computer Society, 2003
Foster I, Kesselman C, Tsudik G, et al. A security architecture for computational girds. In: Proceedings of the 5th ACM Conference on Computer and Communications Security. New York: ACM Press, 1998. 83–92
Pearlman L, Welch V, Foster I, et al. A community authorization service for group collaboration. In: Proceedings of IEEE 3rd International Workshop on Policies for Distributed Systems and Networks. Washington DC: IEEE Computer Society, 2002. 50–59
Thompson M R, Mudumbai S. Certificate-based authorization policy in a PKI environment. ACM Trans Inf Syst Secur (TISSEC), 2003, 6(4): 566–588
Khurana H. Negotiation and management of coalition resources. Ph.D Thesis, University of Maryland, 2002
Bharadwaj V G, Baras J S. Towards automated negotiation of access controls policies. In: Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks. Washington DC: IEEE Computer Society, 2003. 111–119
Xue W, Huai J P, Liu Y H. Access control policy negotiation for remote hot-deployed grid services. In: The First International Conference on e-Science and Grid Computing (eScience2005). Melbourne: IEEE Computer Society, 2005
Clark D D, Wilson D R. A comparison of commercial and military computer security policies. In: Proceedings of 1987 IEEE Symposium on Security and Privacy. Los Alamitos: IEEE Computer Society, 1987. 184–195
Blaze M, Feigenbaum J, Lacy J. Decentralized trust management. In: IEEE Symposium on Security and Privacy. Los Alamitos: IEEE Computer Society, 1996
Xu F, Lu J. Research and development of trust management in Web security. J Softw (in Chinese), 2002, 13(11): 2057–2064
Winsborough W H, Seamons K E, Jones V E. Automated trust negotiation. In: DARPA Information Survivability Conference and Exposition. New York: IEEE Press, 2000
Li J X, Huai J P, Li X X. Research on automated trust negotiation. J Softw(in Chinese), 2006, 17(1): 124–133
Herzberg A, Mass Y, Michaeli J, et al. Access control meets public key infrastructure, or: Assigning roles to strangers. In: IEEE Symposium on Security and Privacy (S&P 2000). Los Alamitos: IEEE Computer Society, 2000
Winslett M, Yu T, Seamons K E, et al. The TrustBuilder architecture for trust negotiation. IEEE Internet Comput, 2002, 6(6): 30–37
Author information
Authors and Affiliations
Corresponding authors
Rights and permissions
About this article
Cite this article
Huai, J., Hu, C., Li, J. et al. CROWN: A service grid middleware with trust management mechanism. SCI CHINA SER F 49, 731–758 (2006). https://doi.org/10.1007/s11432-006-2029-z
Received:
Accepted:
Issue Date:
DOI: https://doi.org/10.1007/s11432-006-2029-z