Enhancing Security of Real-Time Applications on Grids Through Dynamic Scheduling

Real-time applications with security requirements are emerging in various areas including government, education, and business. However, conventional real-time scheduling algorithms failed to fulfill the security requirements of real-time applications. In this paper we propose a dynamic real-time scheduling algorithm, or SAREG, which is capable of enhancing quality of security for real-time applications running on Grids. In addition, we present a mathematical model to formally describe a scheduling framework, security-sensitive real-time applications, and security overheads. We leverage the model to measure security overheads incurred by security services, including encryption, authentication, integrity check, etc. The SAREG algorithm seamlessly integrates security requirements into real-time scheduling by employing the security overhead model. To evaluate the effectiveness of SAREG, we conducted extensive simulations using a real world trace from a supercomputing center. Experimental results show that SAREG significantly improves system performance in terms of quality of security and schedulability over three existing scheduling algorithms.

[1]  Füsun Özgüner,et al.  A data scheduling algorithm for autonomous distributed real-time applications in grid computing , 2004 .

[2]  Krithi Ramamritham,et al.  Dynamic Task Scheduling in Hard Real-Time Distributed systems , 1984, IEEE Software.

[3]  S. Liden The evolution of Flight Management Systems , 1994, AIAA/IEEE Digital Avionics Systems Conference. 13th DASC.

[4]  Eddy Caron,et al.  Deadline scheduling with priority for client-server systems on the grid , 2004, Fifth IEEE/ACM International Workshop on Grid Computing.

[5]  Cynthia E. Irvine,et al.  Toward a taxonomy and costing method for security services , 1999, Proceedings 15th Annual Computer Security Applications Conference (ACSAC'99).

[6]  Jayant R. Haritsa,et al.  Secure transaction processing in firm real-time database systems , 1997, SIGMOD '97.

[7]  Wolfgang A. Halang,et al.  Measuring the Performance of Real Time Systems , 1997 .

[8]  Chung Laung Liu,et al.  Scheduling Algorithms for Multiprogramming in a Hard-Real-Time Environment , 1989, JACM.

[9]  Ming Wu,et al.  Memory conscious task partition and scheduling in grid environments , 2004, Fifth IEEE/ACM International Workshop on Grid Computing.

[10]  Sang Hyuk Son,et al.  Correction to 'Integrating Security and Real-Time Requirements Using Covert Channel Capacity' , 2000, IEEE Trans. Knowl. Data Eng..

[11]  R. Schroeppel,et al.  Towards High Performance Cryptographic Software , 1995, Third IEEE Workshop on the Architecture and Implementation of High Performance Communication Subsystems.

[12]  R. F. Freund,et al.  Dynamic matching and scheduling of a class of independent tasks onto heterogeneous computing systems , 1999, Proceedings. Eighth Heterogeneous Computing Workshop (HCW'99).

[13]  H. Jiang,et al.  Improving effective bandwidth of networks on clusters using load balancing for communication-intensive applications , 2005, PCCC 2005. 24th IEEE International Performance, Computing, and Communications Conference, 2005..

[14]  Xiao Qin,et al.  An efficient fault-tolerant scheduling algorithm for real-time tasks with precedence constraints in heterogeneous systems , 2002, Proceedings International Conference on Parallel Processing.

[15]  Marty Humphrey,et al.  Security for Grids , 2005, Proceedings of the IEEE.

[16]  Xiao Qin,et al.  Towards load balancing support for I/O-intensive parallel jobs in a cluster of workstations , 2003, 2003 Proceedings IEEE International Conference on Cluster Computing.

[17]  J. M. Schreur B737 flight management computer flight plan trajectory computation and analysis , 1995, Proceedings of 1995 American Control Conference - ACC'95.

[18]  Susan V. Vrbsky,et al.  Maintaining Integrity Constraints and Security in real-Time Database Systems , 1998, IICIS.

[19]  Howard M. Heys,et al.  Performance Comparison of Message Authentication Code (MAC) Algorithms for the Internet Protocol Security (IPSEC) , 2003 .

[20]  Xiao Qin,et al.  Dynamic task scheduling with security awareness in real-time systems , 2005, 19th IEEE International Parallel and Distributed Processing Symposium.

[21]  Keqin Li,et al.  Experimental performance evaluation of job scheduling and processor allocation algorithms for grid computing on metacomputers , 2004, 18th International Parallel and Distributed Processing Symposium, 2004. Proceedings..

[22]  Xiao Qin,et al.  A New Allocation Scheme for Parallel Applications with Deadline and Security Constraints on Clusters , 2005, 2005 IEEE International Conference on Cluster Computing.

[23]  Xiao Qin,et al.  SAREC: a security-aware scheduling strategy for real-time applications on clusters , 2005, 2005 International Conference on Parallel Processing (ICPP'05).

[24]  Neal Koblitz,et al.  Advances in Cryptology — CRYPTO ’96 , 2001, Lecture Notes in Computer Science.

[25]  X. Qin Improving network performance through task duplication for parallel applications on clusters , 2005, PCCC 2005. 24th IEEE International Performance, Computing, and Communications Conference, 2005..

[26]  Jörgen Hansson,et al.  An adaptable security manager for real-time transactions , 2000, Proceedings 12th Euromicro Conference on Real-Time Systems. Euromicro RTS 2000.

[27]  Muthucumaru Maheswaran,et al.  Towards Trust-Aware Resource Management in Grid Computing Systems , 2002, 2nd IEEE/ACM International Symposium on Cluster Computing and the Grid (CCGRID'02).

[28]  Xiao Qin,et al.  Dynamic, reliability-driven scheduling of parallel real-time jobs in heterogeneous systems , 2001, International Conference on Parallel Processing, 2001..

[29]  Paul Avery,et al.  Policy based scheduling for simple quality of service in grid computing , 2004, 18th International Parallel and Distributed Processing Symposium, 2004. Proceedings..

[30]  Kang G. Shin,et al.  QoS negotiation in real-time systems and its application to automated flight control , 1997, Proceedings Third IEEE Real-Time Technology and Applications Symposium.

[31]  Andrew A. Chien,et al.  Breaking the barriers: high performance security for high performance computing , 2002, NSPW '02.

[32]  Roger Wright,et al.  Security architecture for a virtual heterogeneous machine , 1998, Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217).

[33]  Ladislau Bölöni,et al.  A comparison study of static mapping heuristics for a class of meta-tasks on heterogeneous computing systems , 1999, Proceedings. Eighth Heterogeneous Computing Workshop (HCW'99).

[34]  Daniel A. Menascé,et al.  The performance of public key-enabled kerberos authentication in mobile computing applications , 2001, CCS '01.

[35]  Wolfgang A. Halang,et al.  Measuring the Performance of Real-Time Systems , 2004, Real-Time Systems.

[36]  Jyh-Charn Liu,et al.  On the efficient scheduling of non-periodic tasks in hard real-time systems , 1999, Proceedings 20th IEEE Real-Time Systems Symposium (Cat. No.99CB37054).

[37]  Jim Nilsson,et al.  Improving performance of load-store sequences for transaction processing workloads on multiprocessors , 1999, Proceedings of the 1999 International Conference on Parallel Processing.

[38]  Stephen A. Jarvis,et al.  Dynamic scheduling of parallel jobs with QoS demands in multiclusters and grids , 2004, Fifth IEEE/ACM International Workshop on Grid Computing.

[39]  Xiao Qin,et al.  Data Grids: Supporting Data‐Intensive Applications in Wide‐Area Networks , 2006 .

[40]  Krithi Ramamritham,et al.  Dynamic Task Scheduling in Distributed Real-Time Systems , 1984, ICDCS.

[41]  Jason Lee,et al.  Data Intensive Distributed Computing; A Medical Application Example , 1999, HPCN Europe.

[42]  Howard Jay Siegel,et al.  A Mathematical Model and Scheduling Heuristics for Satisfying Prioritized Data Requests in an Oversubscribed Communication Network , 2000, IEEE Trans. Parallel Distributed Syst..

[43]  Ian T. Foster,et al.  Predicting the performance of wide area data transfers , 2002, Proceedings 16th International Parallel and Distributed Processing Symposium.

[44]  R. F. Freund,et al.  Scheduling resources in multi-user, heterogeneous, computing environments with SmartNet , 1998, Proceedings Seventh Heterogeneous Computing Workshop (HCW'98).

[45]  Joos Vandewalle,et al.  Fast Hashing on the Pentium , 1996, CRYPTO.

[46]  Deep Medhi,et al.  Performance analysis of IPSec protocol: encryption and authentication , 2002, 2002 IEEE International Conference on Communications. Conference Proceedings. ICC 2002 (Cat. No.02CH37333).