Protecting scientific workflows in clouds with an intrusion tolerant system

With the development of cloud computing technology, more and more scientific workflows are delivered to cloud platforms to complete. However, there are many threats in clouds due to the multi-tenant coexistence. In order to protect scientific workflows in clouds, the authors propose an intrusion tolerant scientific workflow system. In this system, the task executors containing multiple virtual machines are used for workflow sub-task execution to enhance reliability. Then lagged decision mechanism is presented to ensure uninterrupted workflow execution while checking the intermediate data, and assessing the confidence of these data. Inspired by moving target defence, they propose a dynamic task scheduling strategy based on resource circulation to periodically generate and recycle task executors, keeping the clean state of the workflow execution environment. Furthermore, temporary workflow intermediate data backup mechanism is presented, the stored intermediate data can be used for the re-execution of workflow sub-tasks with low confidence. Experiments are conducted in both the actual test environment based on OpenStack and the simulated test environment based on WorkflowSim toolkit. Experimental results demonstrate that the proposed system can effectively enhance intrusion tolerance of scientific workflows.

[1]  Miron Livny,et al.  Pegasus, a workflow management system for science automation , 2015, Future Gener. Comput. Syst..

[2]  Albert Y. Zomaya,et al.  Resource-efficient workflow scheduling in clouds , 2015, Knowl. Based Syst..

[3]  Rajkumar Buyya,et al.  Enhancing Reliability of Workflow Execution Using Task Replication and Spot Instances , 2016, ACM Trans. Auton. Adapt. Syst..

[4]  Wenyan Liu,et al.  Scientific workflow execution system based on mimic defense in the cloud environment , 2018, Frontiers of Information Technology & Electronic Engineering.

[5]  Yongsheng Ding,et al.  Using Imbalance Characteristic for Fault-Tolerant Workflow Scheduling in Cloud Systems , 2017, IEEE Transactions on Parallel and Distributed Systems.

[6]  Junping Du,et al.  Adaptive and attribute-based trust model for service level agreement guarantee in cloud computing , 2013, IET Inf. Secur..

[7]  Xiaomin Zhu,et al.  Scheduling for Workflows with Security-Sensitive Intermediate Data by Selective Tasks Duplication in Clouds , 2017, IEEE Transactions on Parallel and Distributed Systems.

[8]  Jianwu Wang,et al.  Workflow as a Service in the Cloud: Architecture and Scheduling Algorithms , 2014, ICCS.

[9]  Franco Zambonelli,et al.  Engineering Pervasive Service Ecosystems: The SAPERE Approach , 2015, TAAS.

[10]  Bingsheng He,et al.  Monetary Cost Optimizations for Hosting Workflow-as-a-Service in IaaS Clouds , 2013, IEEE Transactions on Cloud Computing.

[11]  Jin Sun,et al.  Minimizing cost and makespan for workflow scheduling in cloud using fuzzy dominance sort based HEFT , 2019, Future Gener. Comput. Syst..

[12]  Shiyong Lu,et al.  Enabling scalable scientific workflow management in the Cloud , 2015, Future Gener. Comput. Syst..

[13]  Yongsheng Ding,et al.  An immune system-inspired rescheduling algorithm for workflow in Cloud systems , 2016, Knowl. Based Syst..

[14]  Chao Yang,et al.  Securing the Intermediate Data of Scientific Workflows in Clouds With ACISO , 2019, IEEE Access.

[15]  LiGuo Huang,et al.  A security and cost aware scheduling algorithm for heterogeneous tasks of scientific workflow in clouds , 2016, Future Gener. Comput. Syst..

[16]  Xiao Liu,et al.  Concurrency and Computation: Practice and Experience a Data Dependency Based Strategy for Intermediate Data Storage in Scientific Cloud Workflow Systems ‡ , 2022 .

[17]  Bingsheng He,et al.  Transformation-Based Monetary CostOptimizations for Workflows in the Cloud , 2014, IEEE Transactions on Cloud Computing.

[18]  Rajkumar Buyya,et al.  Using Proactive Fault-Tolerance Approach to Enhance Cloud Service Reliability , 2018, IEEE Transactions on Cloud Computing.

[19]  Xuyun Zhang,et al.  EnReal: An Energy-Aware Resource Allocation Method for Scientific Workflow Executions in Cloud Environment , 2016, IEEE Transactions on Cloud Computing.

[20]  Jing Hua,et al.  A Reference Architecture for Scientific Workflow Management Systems and the VIEW SOA Solution , 2009, IEEE Transactions on Services Computing.

[21]  Salim Hariri,et al.  Performance-Effective and Low-Complexity Task Scheduling for Heterogeneous Computing , 2002, IEEE Trans. Parallel Distributed Syst..

[22]  Xiaohui Liu,et al.  Evolutionary Multi-Objective Workflow Scheduling in Cloud , 2016, IEEE Transactions on Parallel and Distributed Systems.