Trusted Grid Computing with Security Binding and Trust Integration

Trusted Grid computing demands robust resource allocation with security assurance at all resource sites. Large-scale Grid applications are being hindered by lack of security assurance from remote resource sites. We developed a security-binding scheme through site reputation assessment and trust integration across Grid sites. We do not treat the trust factor deterministically. Instead, we apply fuzzy theory to handle the fuzziness or uncertainties behind all trust attributes. The binding is achieved by periodic exchange of site security information and matchmaking to satisfy user job demands.PKI-based trust model supports Grids in multi-site authentication and single sign-on operations. However, cross certificates are inadequate to assess local security conditions at Grid sites. We propose a new fuzzy-logic trust model for distributed trust aggregation through fuzzification and integration of security attributes. We introduce the trust index of a Grid site, which is determined by site reputation from its track record and self-defense capability attributed to the risk conditions and hardware and software defenses deployed at a Grid site.A Secure Grid Outsourcing (SeGO) system is designed for secure scheduling a large number of autonomous and indivisible jobs to Grid sites. Significant performance gains are observed after trust aggregation, which is evaluated by running scalable NAS and PSA workloads over simulated Grids. Our security-binding scheme scales well with increasing user jobs and Grid sites. The new scheme can guide the security upgrade of Grid sites and predict the Grid performance of large workloads under risky conditions.

[1]  Ernesto Damiani,et al.  A reputation-based approach for choosing reliable resources in peer-to-peer networks , 2002, CCS '02.

[2]  R. Perlman,et al.  An overview of PKI trust models , 1999, IEEE Netw..

[3]  Renato J. O. Figueiredo,et al.  Fine-grain access control for securing shared resources in computational grids , 2002, Proceedings 16th International Parallel and Distributed Processing Symposium.

[4]  Shigeo Abe,et al.  Fuzzy rules extraction directly from numerical data for function approximation , 1995, IEEE Trans. Syst. Man Cybern..

[5]  Ying Chen,et al.  GridSec: Trusted Grid Computing with Security Binding and Self-defense Against Network Worms and DDoS Attacks , 2005, International Conference on Computational Science.

[6]  Mike Surridge,et al.  Grid security: lessons for peer-to-peer systems , 2003, Proceedings Third International Conference on Peer-to-Peer Computing (P2P2003).

[7]  Francine Berman,et al.  Heuristics for scheduling parameter sweep applications in grid environments , 2000, Proceedings 9th Heterogeneous Computing Workshop (HCW 2000) (Cat. No.PR00556).

[8]  R. F. Freund,et al.  Dynamic Mapping of a Class of Independent Tasks onto Heterogeneous Computing Systems , 1999, J. Parallel Distributed Comput..

[9]  Muthucumaru Maheswaran,et al.  A trust brokering system and its application to resource management in public-resource grids , 2004, 18th International Parallel and Distributed Processing Symposium, 2004. Proceedings..

[10]  Ian T. Foster,et al.  A security architecture for computational grids , 1998, CCS '98.

[11]  Ling Liu,et al.  PeerTrust: supporting reputation-based trust for peer-to-peer electronic communities , 2004, IEEE Transactions on Knowledge and Data Engineering.

[12]  Ian T. Foster,et al.  Resource co-allocation in computational grids , 1999, Proceedings. The Eighth International Symposium on High Performance Distributed Computing (Cat. No.99TH8469).

[13]  Hector Garcia-Molina,et al.  Limited reputation sharing in P2P systems , 2004, EC '04.

[14]  Ming Wu,et al.  A general self-adaptive task scheduling system for non-dedicated heterogeneous computing , 2003, 2003 Proceedings IEEE International Conference on Cluster Computing.

[15]  Shanshan Song,et al.  Security-driven heuristics and a fast genetic algorithm for trusted grid job scheduling , 2005, 19th IEEE International Parallel and Distributed Processing Symposium.

[16]  Michel Cosnard,et al.  Meta- and Grid-Computing , 2002, Euro-Par.

[17]  J. Plank,et al.  Grid Resource Allocation and Control Using Computational Economies , 2003 .

[18]  Mostafa H. Ammar,et al.  A reputation system for peer-to-peer networks , 2003, NOSSDAV '03.

[19]  Ramanathan V. Guha,et al.  Propagation of trust and distrust , 2004, WWW '04.

[20]  Hector Garcia-Molina,et al.  The Eigentrust algorithm for reputation management in P2P networks , 2003, WWW '03.

[21]  Steven Tuecke,et al.  An online credential repository for the Grid: MyProxy , 2001, Proceedings 10th IEEE International Symposium on High Performance Distributed Computing.

[22]  Rajkumar Buyya,et al.  A Deadline and Budget Constrained Cost-Time Optimisation Algorithm for Scheduling Task Farming Applications on Global Grids , 2002, ArXiv.

[23]  Shanshan Song,et al.  Fuzzy Trust Integration for Security Enforcement in Grid Computing , 2004, NPC.

[24]  Bart Kosko,et al.  Fuzzy Engineering , 1996 .

[25]  Chuang Liu,et al.  Design and evaluation of a resource selection framework for Grid applications , 2002, Proceedings 11th IEEE International Symposium on High Performance Distributed Computing.

[26]  David R. Karger,et al.  Chord: a scalable peer-to-peer lookup protocol for internet applications , 2003, TNET.

[27]  Paul Avery,et al.  Policy based scheduling for simple quality of service in grid computing , 2004, 18th International Parallel and Distributed Processing Symposium, 2004. Proceedings..

[28]  Francine Berman,et al.  Adaptive Computing on the Grid Using AppLeS , 2003, IEEE Trans. Parallel Distributed Syst..

[29]  Dror G. Feitelson,et al.  Job Characteristics of a Production Parallel Scientivic Workload on the NASA Ames iPSC/860 , 1995, JSSPP.

[30]  Soonwook Hwang,et al.  A Flexible Framework for Fault Tolerance in the Grid , 2003, Journal of Grid Computing.

[31]  Francine Berman,et al.  Grid Computing: Making the Global Infrastructure a Reality , 2003 .

[32]  Sathish S. Vadhiyar,et al.  A metascheduler for the Grid , 2002, Proceedings 11th IEEE International Symposium on High Performance Distributed Computing.

[33]  Simon N. Foley,et al.  GridAdmin: decentralising grid administration using trust management , 2004, Third International Symposium on Parallel and Distributed Computing/Third International Workshop on Algorithms, Models and Tools for Parallel Computing on Heterogeneous Networks.

[34]  Ian T. Foster,et al.  Security for Grid services , 2003, High Performance Distributed Computing, 2003. Proceedings. 12th IEEE International Symposium on.

[35]  Shanshan Song,et al.  Selfish grid computing: game-theoretic modeling and NAS performance results , 2005, CCGrid 2005. IEEE International Symposium on Cluster Computing and the Grid, 2005..

[36]  Ian Foster,et al.  The Security Architecture for Open Grid Services , 2002 .

[37]  Manish Parashar,et al.  Special Issue on Grid Computing , 2005, Proc. IEEE.

[38]  Marty Humphrey,et al.  Security Implications of Typical Grid Computing Usage Scenarios , 2004, Cluster Computing.

[39]  Jennifer M. Schopf,et al.  A General Architecture for Scheduling on the Grid , 2003 .

[40]  Vijay Varadharajan,et al.  Enhancing grid security with trust management , 2004, IEEE International Conference onServices Computing, 2004. (SCC 2004). Proceedings. 2004.

[41]  Marty Humphrey,et al.  Security for Grids , 2005, Proceedings of the IEEE.

[42]  Rajesh Raman,et al.  Matchmaking: distributed resource management for high throughput computing , 1998, Proceedings. The Seventh International Symposium on High Performance Distributed Computing (Cat. No.98TB100244).