Sandboxing for a free-to-join grid with support for secure site-wide storage area

Authors:
Edjozane Cavalcanti;Leonardo Assis;Matheus Gaudencio;Walfredo Cirne;Francisco Brasileiro
Affiliations:
Universidade Federal de Campina Grande, Brazil;Universidade Federal de Campina Grande, Brazil;Universidade Federal de Campina Grande, Brazil;Universidade Federal de Campina Grande, Brazil;Universidade Federal de Campina Grande, Brazil
Venue:
VTDC '06 Proceedings of the 2nd International Workshop on Virtualization Technology in Distributed Computing
Year:
2006

Citing 10
Cited 2

A security architecture for computational grids

CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Sabotage-tolerance mechanisms for volunteer computing systems

Future Generation Computer Systems - Best papers from symp. on cluster computing and the grid (CCGRID 2001)
Linux NFS Client Write Performance

Proceedings of the FREENIX Track: 2002 USENIX Annual Technical Conference
Xen and the art of virtualization

SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Terra: a virtual machine-based platform for trusted computing

SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
SoftUDC: A Software-Based Data Center for Utility Computing

Computer
SVGrid: a secure virtual environment for untrusted grid applications

MGC '05 Proceedings of the 3rd international workshop on Middleware for grid computing
When can an autonomous reputation scheme discourage free-riding in a peer-to-peer system?

CCGRID '04 Proceedings of the 2004 IEEE International Symposium on Cluster Computing and the Grid
Towards Protecting Sensitive Files in a Compromised System

SISW '05 Proceedings of the Third IEEE International Security in Storage Workshop
Exploiting replication and data reuse to efficiently schedule data-intensive applications on grids

JSSPP'04 Proceedings of the 10th international conference on Job Scheduling Strategies for Parallel Processing

The ShareGrid Peer-to-Peer Desktop Grid: Infrastructure, Applications, and Performance Evaluation

Journal of Grid Computing
Enhancing grid security using trusted virtualization

ATC'07 Proceedings of the 4th international conference on Autonomic and Trusted Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

Grid computing enables different institutions to access each other's resources, and hence requires very strong security guarantees. We here explore how virtualization was used to provide security for OurGrid, an easy-to-use free-to-join grid that supports Bag-of-Tasks applications. OurGrid poses interesting security challenges. It is free-to-join (which means one runs unknown applications) and strives for simplicity (which means that configuration must be trivial). We show how we have dealt with such challenges by using Xen to virtualize a single machine, and VNET, OCFS2 and NFS to virtualize a site-wide shared file system, creating a sandboxing solution called SWAN. We evaluate SWAN's security and performance. Our results indicate that SWAN is efficient in the single machine virtualization, but less so for the shared file system. Yet, a site-wide file system enables grid jobs to reuse files already transferred to other machines in the site, avoiding expensive inter-site file transfer.