Identity Federation in PerfCloud: an Architecture for Cloud and GRID Integration

Both cloud and GRID are computing paradigms for the large-scale management of distributed resources, and currently their integration is of great interest. This is typically obtained through the Infrastructure-as-a-Service cloud model, which is exploited in the GRID context to offer machine with full administration rights to users. In this paper the focus is on the security problems linked to the integration of cloud and GRID computing. Adoption of identify federation between different security domains is proposed to manage the relationship between the user machines and the standard GRID infrastructure. This solution is experimented within PerfCloud, a cloud implementation that exploits an underlying GRID platform, evaluating its performance in an environment that includes computing resources leased from a commercial cloud

[1]  Vishakha Gupta,et al.  High-Performance Hypervisor Architectures: Virtualization in HPC Systems , 2007 .

[2]  A. D. Meglio,et al.  Programming the Grid with gLite , 2006 .

[3]  Valentina Casola,et al.  PerfCloud: Performance-Oriented Integration of Cloud and GRID , 2009, CloudComp.

[4]  Amin Vahdat,et al.  Optimizing Grid Site Manager Performance with Virtual Machines , 2006, WORLDS.

[5]  Raj Jain,et al.  The art of computer systems performance analysis - techniques for experimental design, measurement, simulation, and modeling , 1991, Wiley professional computing.

[6]  Manuel Medina,et al.  OCSP for Grids: Comparing Prevalidation versus Caching , 2006, 2006 7th IEEE/ACM International Conference on Grid Computing.

[7]  Emilio Pasquale Mancini,et al.  PerfCloud: GRID Services for Performance-Oriented Development of Cloud Computing Applications , 2009, 2009 18th IEEE International Workshops on Enabling Technologies: Infrastructures for Collaborative Enterprises.

[8]  Borja Sotomayor,et al.  Virtual Clusters for Grid Communities , 2006, Sixth IEEE International Symposium on Cluster Computing and the Grid (CCGRID'06).

[9]  Nicola Mazzocca,et al.  Interoperable Grid PKIs Among Untrusted Domains: An Architectural Proposal , 2007, GPC.

[10]  Manuel Medina,et al.  Using OGRO and CertiVeR to improve OCSP validation for Grids , 2007, The Journal of Supercomputing.

[11]  P. Mell,et al.  The NIST Definition of Cloud Computing , 2011 .

[12]  Steven Tuecke,et al.  The Physiology of the Grid An Open Grid Services Architecture for Distributed Systems Integration , 2002 .

[13]  Valentina Casola,et al.  Security and Performance Trade-off in PerfCloud , 2010, Euro-Par Workshops.

[14]  Ian T. Foster,et al.  Globus Toolkit Version 4: Software for Service-Oriented Systems , 2005, Journal of Computer Science and Technology.

[15]  Steven Tuecke,et al.  X.509 Proxy Certificates for Dynamic Delegation , 2004 .

[16]  Von Welch Globus toolkit version 4 grid security infras-tructur: A standards perspective , 2004 .

[17]  David Cooper,et al.  Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile , 2008, RFC.

[18]  Valeria Vittorini,et al.  A policy-based methodology for security evaluation: A Security Metric for Public Key Infrastructures , 2007, J. Comput. Secur..