Article

Access control for a replica management database

Authors:
Justin M. Wozniak

University of Notre Dame, Indiana

University of Notre Dame, Indiana
View Profile

,
Paul Brenner

University of Notre Dame, Indiana

University of Notre Dame, Indiana
View Profile

,
Douglas Thain

University of Notre Dame, Indiana

University of Notre Dame, Indiana
View Profile

StorageSS '06: Proceedings of the second ACM workshop on Storage security and survivabilityOctober 2006Pages 41–46https://doi.org/10.1145/1179559.1179567

Published:30 October 2006Publication History

StorageSS '06: Proceedings of the second ACM workshop on Storage security and survivability

Pages 41–46

ABSTRACT

Distributed computation systems have become an important tool for scientific simulation, and a similarly distributed replica management system may be employed to increase the locality and availability of storage services. While users of such systems may have low expectations regarding the security and reliability of the computation involved, they expect that committed data sets resulting from complete jobs will be protected against storage faults, accidents and intrusion. We offer a solution to the distributed storage security problem that has no global view on user names or authentication specifics. Access control is handled by a rendition protocol, which is similar to a rendezvous protocol but is driven by the capability of the client user to effect change in the data on the underlying storage. In this paper, we discuss the benefits and liabilities of such a system.

References

The American Heritage Dictionary of the English Language, Fourth Edition Houghton Mifflin Company.Google Scholar
WordNet 2.0 Princeton University.Google Scholar
A.L. Chervenak, N. Palavalli, S. Bharathi, C. Kesselman, and R. Schwartzkopf. Performance and scalability of a replica location service. In Proceedings of the International Symposium on High Performance Distributed Computing 2004. Google ScholarDigital Library
I. Foster and C. Kesselman. Globus: A metacomputing infrastructure toolkit. International Journal of Supercomputer Applications 11, 1997.Google Scholar
I. Foster, C. Kesselman, G. Tsudik, and S. Tuecke. A security architecture for computational grids. ACM Conference on Computers and Security 1998. Google ScholarDigital Library
Garth A. Gibson and Rodney Van Meter. Network attached storage architecture. Communications of the ACM November 2000. Google ScholarDigital Library
The Globus Alliance. http://www.globus.org.Google Scholar
J. Howard, M. Kazar, S. Menees, D. Nichols, M. Satyanarayanan, R. Sidebotham, and M. West. Scale and performance in a distributed file system. ACM Transactions on Computer Systems 6, 1988. Google ScholarDigital Library
M. Litzkow, M. Livny, and M. Mutka. Condor -A hunter of idle workstations. In Proceedings of the 8th International Conference of Distributed Computing Systems 1988.Google ScholarCross Ref
B. Clifford Neuman and Theodore Ts'o. Kerberos: An authentication service for computer networks. IEEE Communications 32, 1994.Google Scholar
A. Rajasekar, M. Wan, R. Moore, G. Kremenek, and T. Guptill. Data grids, collections and grid bricks. In 20th IEEE/11th NASA Goddard Conference on Mass Storage Systems and Technologies 2003. Google ScholarDigital Library
Tatyana Ryutov, Grig Gheorghiu, and Clifford Neuman. An authorization framework for metacomputing applications. In Proceedings of Cluster Computing 1999. Google ScholarDigital Library
G. Singh, S. Bharati, A. Chervenak, E. Deelman, C. Kesselman, M. Manohar, S. Patil, and L. Pearlman. A metadata catalog service for data intensive applications. In Proceedings of Supercomputing 2003. Google ScholarDigital Library
K. Tai, S. Murdock, B. Wu, M. Ng, S. Johnston, H. Fanghor, S.J. Cox, P. Jeffreys, J.W. Essex, and M.S.P. Sansom. BioSimGrid: towards a worldwide repository for biomolecular simulations. Org. Biomol. Chem. 2, 2004.Google Scholar
D. Thain, S. Klous, J. Wozniak, P. Brenner, A. Striegel, and J. Izaguirre. Separating abstractions from resources in a tactical storage system. In Proceedings of Supercomputing 2005. Google ScholarDigital Library
Brian S. White, Michael Walker, Marty Humphrey, and Andrew S. Grimshaw. LegionFS: A secure and scalable file system supporting cross-domain high-performance applications. In Proceedings of Supercomputing 2001. Google ScholarDigital Library
J.M. Wozniak, P. Brenner, D. Thain, A. Striegel, and J.A. Izaguirre. Generosity and gluttony in GEMS: Grid-Enabled Molecular Simulation. In Proceedings of the International Symposium on High Performance Distributed Computing 2005. Google ScholarDigital Library
J.M. Wozniak, P. Brenner, D. Thain, A. Striegel, and J.A. Izaguirre. Applying feedback control to a replica management system. In Proceedings of the 38th Southeastern Symposium on System Theory 2006. Google ScholarDigital Library

Index Terms

Access control for a replica management database

Recommendations

Replica Management in Object-based Systems
ICOIN '01: Proceedings of the The 15th International Conference on Information Networking

In object-based systems, objects are encapsulations of data and procedures named methods and methods are invoked in a nested manner. We discuss how to lock replicated objects by using the quorum-based scheme. If a pair of methods op1 and op2 are ...
Read More
Replica control protocols that guarantee high availability and low access cost
Read More
Dynamic mandatory access control for multiple stakeholders
SACMAT '09: Proceedings of the 14th ACM symposium on Access control models and technologies

In this paper, we present a mandatory access control system that uses input from multiple stakeholders to compose policies based on runtime information. In the emerging open cell phone system environment, many devices run software whose access ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
StorageSS '06: Proceedings of the second ACM workshop on Storage security and survivability
October 2006
94 pages
ISBN:1595935525
DOI:10.1145/1179559
Program Chairs:
Ethan L. Miller
University of California, Santa Cruz
,
Erez Zadok
Stony Brook University
Copyright © 2006 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 30 October 2006
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
GEMS
chirp
distributed access control
rendition protocol
Qualifiers
- Article
Conference
Upcoming Conference
CCS '24

Sponsor:

sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 14 - 18, 2024

Salt Lake City , UT , USA
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 4
  Total Citations
  View Citations
- 260
  Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Access control for a replica management database

StorageSS '06: Proceedings of the second ACM workshop on Storage security and survivability

ABSTRACT

References

Cited By

Index Terms

Recommendations

Replica Management in Object-based Systems

Replica control protocols that guarantee high availability and low access cost

Dynamic mandatory access control for multiple stakeholders