CROWN: A service grid middleware with trust management mechanism

Based on a proposed Web service-based grid architecture, a service grid middleware system called CROWN is designed in this paper. As the two kernel points of the middleware, the overlay-based distributed grid resource management mechanism is proposed, and the policy-based distributed access control mechanism with the capability of automatic negotiation of the access control policy and trust management and negotiation is also discussed in this paper. Experience of CROWN testbed deployment and application development shows that the middleware can support the typical scenarios such as computing-intensive applications, data-intensive applications and mass information processing applications.

[1]  Mitsuhisa Sato,et al.  Design and implementations of Ninf: towards a global computing infrastructure , 1999, Future Gener. Comput. Syst..

[2]  Li Lin,et al.  Balancing Trust and Incentive in Peer-to-Peer Collaborative System , 2007, Int. J. Netw. Secur..

[3]  Ian Foster,et al.  The Grid 2 - Blueprint for a New Computing Infrastructure, Second Edition , 1998, The Grid 2, 2nd Edition.

[4]  Joan Feigenbaum,et al.  Decentralized trust management , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[5]  Ian T. Foster,et al.  A security architecture for computational grids , 1998, CCS '98.

[6]  David Abramson,et al.  Nimrod: a tool for performing parametrised simulations using distributed workstations , 1995, Proceedings of the Fourth IEEE International Symposium on High Performance Distributed Computing.

[7]  Miron Livny,et al.  Condor-a hunter of idle workstations , 1988, [1988] Proceedings. The 8th International Conference on Distributed.

[8]  John F. Karpovich,et al.  The Legion Resource Management System , 1999, JSSPP.

[9]  S. Strogatz Exploring complex networks , 2001, Nature.

[10]  Ion Stoica,et al.  A Simple and Fast Distributed Algorithm to Compute a Minimum Spanning Tree in the Internet , 1995 .

[11]  Yunhao Liu,et al.  Efficient information service management using service club in CROWN Grid , 2005, 2005 IEEE International Conference on Services Computing (SCC'05) Vol-1.

[12]  Yiwei Thomas Hou,et al.  Service overlay networks: SLAs, QoS, and bandwidth provisioning , 2003, TNET.

[13]  Sun Hailong,et al.  Web Service-Based Grid Architecture and Its Supporting Environment , 2004 .

[14]  Xu Feng Research and Development of Trust Management in Web Security , 2002 .

[15]  Randy H. Katz,et al.  OverQoS: An Overlay Based Architecture for Enhancing Internet QoS , 2004, NSDI.

[16]  Dennis G. Kafura,et al.  The PRIMA system for privilege management, authorization and enforcement in grid environments , 2003, Proceedings. First Latin American Web Congress.

[17]  Francine Berman,et al.  The AppLeS Parameter Sweep Template: User-Level Middleware for the Grid , 2000, ACM/IEEE SC 2000 Conference (SC'00).

[18]  Prasant Mohapatra,et al.  The impact of topology on overlay routing service , 2004, IEEE INFOCOM 2004.

[19]  Albert-László Barabási,et al.  Statistical mechanics of complex networks , 2001, ArXiv.

[20]  Himanshu Khurana,et al.  Negotiation and management of coalition resources , 2002 .

[21]  John S. Baras,et al.  Towards automated negotiation of access control policies , 2003, Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks.

[22]  Li Jianxin,et al.  Research on Automated Trust Negotiation , 2006 .

[23]  Amir Herzberg,et al.  Access control meets public key infrastructure, or: assigning roles to strangers , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[24]  Steven Tuecke,et al.  The Physiology of the Grid An Open Grid Services Architecture for Distributed Systems Integration , 2002 .

[25]  Norman W. Paton,et al.  The design and implementation of Grid database services in OGSA‐DAI , 2005, Concurr. Pract. Exp..

[26]  Hu Chun,et al.  Research and Implementation of Web Service Runtime Platform , 2004 .

[27]  Srinivasan Seshan,et al.  A case for end system multicast , 2002, IEEE J. Sel. Areas Commun..

[28]  John Darlington,et al.  ICENI: An Open Grid Service Architecture Implemented with Jini , 2002, ACM/IEEE SC 2002 Conference (SC'02).

[29]  Marianne Winslett,et al.  Negotiating Trust on the Web , 2002, IEEE Internet Comput..

[30]  John Shalf,et al.  Solving Einstein's Equations on Supercomputers , 1999, Computer.

[31]  Ian T. Foster,et al.  A community authorization service for group collaboration , 2002, Proceedings Third International Workshop on Policies for Distributed Systems and Networks.

[32]  Robert Tappan Morris,et al.  Resilient overlay networks , 2001, SOSP.

[33]  Yunhao Liu,et al.  Early Experience of Remote and Hot Service Deployment with Trustworthiness in CROWN Grid , 2005, APPT.

[34]  Hyoungwoo Park,et al.  GAIS: grid advanced information service based on P2P mechanism , 2004, Proceedings. 13th IEEE International Symposium on High performance Distributed Computing, 2004..

[35]  Marianne Winslett,et al.  Automated Trust Negotiation in Open Systems , 2007, Secure Data Management in Decentralized Systems.

[36]  A. Stephen McGough,et al.  ICENI: Optimisation of component applications within a Grid environment , 2002, Parallel Comput..

[37]  Ian T. Foster,et al.  Globus: a Metacomputing Infrastructure Toolkit , 1997, Int. J. High Perform. Comput. Appl..

[38]  Ian T. Foster,et al.  The Anatomy of the Grid: Enabling Scalable Virtual Organizations , 2001, Int. J. High Perform. Comput. Appl..

[39]  K.E. Seamons,et al.  Automated trust negotiation , 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[40]  Aniruddha S. Gokhale,et al.  GriT: a CORBA-based grid middleware architecture , 2003, 36th Annual Hawaii International Conference on System Sciences, 2003. Proceedings of the.

[41]  Hari Balakrishnan,et al.  Resilient overlay networks , 2001, SOSP.

[42]  Yunhao Liu,et al.  Access control policy negotiation for remote hot-deployed grid services , 2005, First International Conference on e-Science and Grid Computing (e-Science'05).

[43]  Dong Fang Research on Resource Discovery Mechanisms in Grids , 2003 .

[44]  Srilekha Mudumbai,et al.  Certificate-based authorization policy in a PKI environment , 2003, TSEC.

[45]  David D. Clark,et al.  A Comparison of Commercial and Military Computer Security Policies , 1987, 1987 IEEE Symposium on Security and Privacy.

[46]  Rajesh Raman,et al.  Matchmaking: distributed resource management for high throughput computing , 1998, Proceedings. The Seventh International Symposium on High Performance Distributed Computing (Cat. No.98TB100244).

[47]  Ian T. Foster,et al.  Grid information services for distributed resource sharing , 2001, Proceedings 10th IEEE International Symposium on High Performance Distributed Computing.

[48]  S. N. Dorogovtsev,et al.  Evolution of networks , 2001, cond-mat/0106144.