skip to main content
10.1145/1179559.1179567acmconferencesArticle/Chapter ViewAbstractPublication PagesccsConference Proceedingsconference-collections
Article

Access control for a replica management database

Published: 30 October 2006 Publication History

Abstract

Distributed computation systems have become an important tool for scientific simulation, and a similarly distributed replica management system may be employed to increase the locality and availability of storage services. While users of such systems may have low expectations regarding the security and reliability of the computation involved, they expect that committed data sets resulting from complete jobs will be protected against storage faults, accidents and intrusion. We offer a solution to the distributed storage security problem that has no global view on user names or authentication specifics. Access control is handled by a rendition protocol, which is similar to a rendezvous protocol but is driven by the capability of the client user to effect change in the data on the underlying storage. In this paper, we discuss the benefits and liabilities of such a system.

References

[1]
The American Heritage Dictionary of the English Language, Fourth Edition Houghton Mifflin Company.
[2]
WordNet 2.0 Princeton University.
[3]
A.L. Chervenak, N. Palavalli, S. Bharathi, C. Kesselman, and R. Schwartzkopf. Performance and scalability of a replica location service. In Proceedings of the International Symposium on High Performance Distributed Computing 2004.
[4]
I. Foster and C. Kesselman. Globus: A metacomputing infrastructure toolkit. International Journal of Supercomputer Applications 11, 1997.
[5]
I. Foster, C. Kesselman, G. Tsudik, and S. Tuecke. A security architecture for computational grids. ACM Conference on Computers and Security 1998.
[6]
Garth A. Gibson and Rodney Van Meter. Network attached storage architecture. Communications of the ACM November 2000.
[7]
The Globus Alliance. http://www.globus.org.
[8]
J. Howard, M. Kazar, S. Menees, D. Nichols, M. Satyanarayanan, R. Sidebotham, and M. West. Scale and performance in a distributed file system. ACM Transactions on Computer Systems 6, 1988.
[9]
M. Litzkow, M. Livny, and M. Mutka. Condor -A hunter of idle workstations. In Proceedings of the 8th International Conference of Distributed Computing Systems 1988.
[10]
B. Clifford Neuman and Theodore Ts'o. Kerberos: An authentication service for computer networks. IEEE Communications 32, 1994.
[11]
A. Rajasekar, M. Wan, R. Moore, G. Kremenek, and T. Guptill. Data grids, collections and grid bricks. In 20th IEEE/11th NASA Goddard Conference on Mass Storage Systems and Technologies 2003.
[12]
Tatyana Ryutov, Grig Gheorghiu, and Clifford Neuman. An authorization framework for metacomputing applications. In Proceedings of Cluster Computing 1999.
[13]
G. Singh, S. Bharati, A. Chervenak, E. Deelman, C. Kesselman, M. Manohar, S. Patil, and L. Pearlman. A metadata catalog service for data intensive applications. In Proceedings of Supercomputing 2003.
[14]
K. Tai, S. Murdock, B. Wu, M. Ng, S. Johnston, H. Fanghor, S.J. Cox, P. Jeffreys, J.W. Essex, and M.S.P. Sansom. BioSimGrid: towards a worldwide repository for biomolecular simulations. Org. Biomol. Chem. 2, 2004.
[15]
D. Thain, S. Klous, J. Wozniak, P. Brenner, A. Striegel, and J. Izaguirre. Separating abstractions from resources in a tactical storage system. In Proceedings of Supercomputing 2005.
[16]
Brian S. White, Michael Walker, Marty Humphrey, and Andrew S. Grimshaw. LegionFS: A secure and scalable file system supporting cross-domain high-performance applications. In Proceedings of Supercomputing 2001.
[17]
J.M. Wozniak, P. Brenner, D. Thain, A. Striegel, and J.A. Izaguirre. Generosity and gluttony in GEMS: Grid-Enabled Molecular Simulation. In Proceedings of the International Symposium on High Performance Distributed Computing 2005.
[18]
J.M. Wozniak, P. Brenner, D. Thain, A. Striegel, and J.A. Izaguirre. Applying feedback control to a replica management system. In Proceedings of the 38th Southeastern Symposium on System Theory 2006.

Cited By

View all
  • (2011)GEMS: User Control for Cooperative Scientific RepositoriesGrid Computing10.1007/978-0-85729-676-4_3(57-87)Online publication date: 30-May-2011
  • (2008)Biomolecular committor probability calculation enabled by processing in network storageParallel Computing10.1016/j.parco.2008.08.00134:11(652-660)Online publication date: 1-Nov-2008
  • (2007)Biomolecular Path Sampling Enabled by Processing in Network Storage2007 IEEE International Parallel and Distributed Processing Symposium10.1109/IPDPS.2007.370446(1-6)Online publication date: Mar-2007
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
StorageSS '06: Proceedings of the second ACM workshop on Storage security and survivability
October 2006
94 pages
ISBN:1595935525
DOI:10.1145/1179559
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 30 October 2006

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. GEMS
  2. chirp
  3. distributed access control
  4. rendition protocol

Qualifiers

  • Article

Conference

CCS06
Sponsor:

Upcoming Conference

CCS '25

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)1
  • Downloads (Last 6 weeks)0
Reflects downloads up to 16 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2011)GEMS: User Control for Cooperative Scientific RepositoriesGrid Computing10.1007/978-0-85729-676-4_3(57-87)Online publication date: 30-May-2011
  • (2008)Biomolecular committor probability calculation enabled by processing in network storageParallel Computing10.1016/j.parco.2008.08.00134:11(652-660)Online publication date: 1-Nov-2008
  • (2007)Biomolecular Path Sampling Enabled by Processing in Network Storage2007 IEEE International Parallel and Distributed Processing Symposium10.1109/IPDPS.2007.370446(1-6)Online publication date: Mar-2007
  • (2007)Overdrive Controllers for Distributed Scientific ComputationProceedings of the Seventh IEEE International Symposium on Cluster Computing and the Grid10.1109/CCGRID.2007.80(893-898)Online publication date: 14-May-2007

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media