Interposition agents: transparently interposing user code at the system interface
SOSP '93 Proceedings of the fourteenth ACM symposium on Operating systems principles
Efficient software-based fault isolation
SOSP '93 Proceedings of the fourteenth ACM symposium on Operating systems principles
Safe kernel extensions without run-time checking
OSDI '96 Proceedings of the second USENIX symposium on Operating systems design and implementation
UFO: a personal global file system based on user-level extensions to the operating system
ACM Transactions on Computer Systems (TOCS)
PUNCH: Web Portal for Running Tools
IEEE Micro
Mobile Agents and Security
Enhancing the Scalability and Usability of Computational Grids via Logical User Accounts and Virtual
IPDPS '01 Proceedings of the 15th International Parallel & Distributed Processing Symposium
A Sense of Self for Unix Processes
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Intrusion Detection via Static Analysis
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Janus: an Approach for Confinement of Untrusted Applications
Janus: an Approach for Confinement of Untrusted Applications
USITS'97 Proceedings of the USENIX Symposium on Internet Technologies and Systems on USENIX Symposium on Internet Technologies and Systems
A secure environment for untrusted helper applications confining the Wily Hacker
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
Transparent run-time defense against stack smashing attacks
ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
IEEE Transactions on Parallel and Distributed Systems
A Case For Grid Computing On Virtual Machines
ICDCS '03 Proceedings of the 23rd International Conference on Distributed Computing Systems
Grid-computing portals and security issues
Journal of Parallel and Distributed Computing - Scalable web services and architecture
On Scheduling Mesh-Structured Computations for Internet-Based Computing
IEEE Transactions on Computers
A Self-Organizing Flock of Condors
Proceedings of the 2003 ACM/IEEE conference on Supercomputing
The entropia virtual machine for desktop grids
Proceedings of the 1st ACM/USENIX international conference on Virtual execution environments
Flow-net methodology for accountability in wireless networks
IEEE Network: The Magazine of Global Internetworking
A scheduling algorithm based on a trust mechanism in grid
CIS'05 Proceedings of the 2005 international conference on Computational Intelligence and Security - Volume Part II
Accountability and Q-Accountable Logging in Wireless Networks
Wireless Personal Communications: An International Journal
| Hi-index | 0.00 |
Computational grids provide computing power by sharing resources across administrative domains. This sharing, coupled with the need to execute untrusted code from arbitrary users, introduces security hazards. This paper addresses the security implications of making a computing resource available to untrusted applications via computational grids. It highlights the problems and limitations of current grid environments and proposes a technique that employs runtime monitoring and a restricted shell. The technique can be used for setting-up an execution environment that supports the full legitimate use allowed by the security policy of a shared resource. Performance analysis shows up to 2.14 times execution overhead improvement for shellbased applications. The approach proves effective and provides a substrate for hybrid techniques that combine static and dynamic mechanisms to minimize monitoring overheads.