A security architecture for computational grids
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Sabotage-tolerance mechanisms for volunteer computing systems
Future Generation Computer Systems - Best papers from symp. on cluster computing and the grid (CCGRID 2001)
Linux NFS Client Write Performance
Proceedings of the FREENIX Track: 2002 USENIX Annual Technical Conference
Xen and the art of virtualization
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Terra: a virtual machine-based platform for trusted computing
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
SVGrid: a secure virtual environment for untrusted grid applications
MGC '05 Proceedings of the 3rd international workshop on Middleware for grid computing
When can an autonomous reputation scheme discourage free-riding in a peer-to-peer system?
CCGRID '04 Proceedings of the 2004 IEEE International Symposium on Cluster Computing and the Grid
Towards Protecting Sensitive Files in a Compromised System
SISW '05 Proceedings of the Third IEEE International Security in Storage Workshop
Exploiting replication and data reuse to efficiently schedule data-intensive applications on grids
JSSPP'04 Proceedings of the 10th international conference on Job Scheduling Strategies for Parallel Processing
The ShareGrid Peer-to-Peer Desktop Grid: Infrastructure, Applications, and Performance Evaluation
Journal of Grid Computing
Enhancing grid security using trusted virtualization
ATC'07 Proceedings of the 4th international conference on Autonomic and Trusted Computing
Hi-index | 0.00 |
Grid computing enables different institutions to access each other's resources, and hence requires very strong security guarantees. We here explore how virtualization was used to provide security for OurGrid, an easy-to-use free-to-join grid that supports Bag-of-Tasks applications. OurGrid poses interesting security challenges. It is free-to-join (which means one runs unknown applications) and strives for simplicity (which means that configuration must be trivial). We show how we have dealt with such challenges by using Xen to virtualize a single machine, and VNET, OCFS2 and NFS to virtualize a site-wide shared file system, creating a sandboxing solution called SWAN. We evaluate SWAN's security and performance. Our results indicate that SWAN is efficient in the single machine virtualization, but less so for the shared file system. Yet, a site-wide file system enables grid jobs to reuse files already transferred to other machines in the site, avoiding expensive inter-site file transfer.