Operating System-Level Virtual Organization Support in XtreemOS

In computational grids, a virtual organization (VO) is a dynamic coupling of multiple Linux/Unix nodes for resource sharing under specific polices. Currently, VO support functionalities are generally implemented as grid middleware. However, the usability of grids is often impaired by the complexity of configuring and maintaining a new layer of security infrastructure as well as adapting to new interfaces of security enabled services. In this paper, we present an OS-level approach to provide native VO support functionalities, which is a part of XtreemOS project [18]. Our approach adopts pluggable frameworks existing in current OS as extension points to implement VO support, avoiding modification of kernel codes and easily turning traditional OSes into grid-aware ones. The performance evaluation of NAS parallel benchmarks (NPB) shows that our current implementation incurs trivial overhead on original systems.

[1]  Wpin Samur Unified Login with Pluggable Authentication Modules ( PAM ) , 1999 .

[2]  Ákos Frohner,et al.  From gridmap-file to VOMS: managing authorization in a Grid environment , 2005, Future Gener. Comput. Syst..

[3]  Russ Housley,et al.  Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile , 2002, RFC.

[4]  David Cooper,et al.  Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile , 2008, RFC.

[5]  Peter A. Dinda,et al.  Towards Virtual Networks for Virtual Machine Grid Computing , 2004, Virtual Machine Research and Technology Symposium.

[6]  Mike Loukides,et al.  Managing NFS and NIS , 1991 .

[7]  Gerald Carter LDAP System Administration , 2003 .

[8]  Crispin Cowan,et al.  Linux security modules: general security support for the linux kernel , 2002, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems].

[9]  Wayne Salamon,et al.  Implementing SELinux as a Linux Security Module , 2003 .

[10]  Renato J. O. Figueiredo,et al.  A case for grid computing on virtual machines , 2003, 23rd International Conference on Distributed Computing Systems, 2003. Proceedings..

[11]  Christine Morin,et al.  XtreemOS: A Grid Operating System Making your Computer Ready for Participating in Virtual Organizations , 2007, 10th IEEE International Symposium on Object and Component-Oriented Real-Time Distributed Computing (ISORC'07).

[12]  William E. Johnston,et al.  Certificate-based Access Control for Widely Distributed Resources , 1999, USENIX Security Symposium.

[13]  Ian T. Foster,et al.  Virtual Workspaces in the Grid , 2005, Euro-Par.

[14]  Jothy Rosenberg,et al.  Securing Web Services with WS-Security: Demystifying WS-Security, WS-Policy, SAML, XML Signature, and XML Encryption , 2004 .