Fine-Grain Access Control for Securing Shared Resources in Computational Grids
نویسندگان
چکیده
Computational grids provide computing power by sharing resources across administrative domains. This sharing, coupled with the need to execute untrusted code from arbitrary users, introduces security hazards. This paper addresses the security implications of making Q computing resource available to untrusted a&cations via computational grids. It highlights the problems and limitations of current grid environments and proposes Q technique that employs runtime monitoring and Q restricted shell. The technique can be used for setting-up an execution environment that supports the full legitimate use allowed by the security policy of Q shared resource. Performance analysis shows up to Z.l,j times execution overhead improvement for shellbased applications. The approach proves effective and provides Q substrate for hybrid techniques that combine static and dynamic mechanisms to minimize monitor-
منابع مشابه
Security Implications of Making Computing Resources Available via Computational Grids
This report inrvestigates the issues of securing access to computin,g resources in computation.al grids. Grid en,viron,men.ts are built orb top of platforms that corrtrol access to resources within a sin,gle adenin.istrative domairr, at the g.r-an,ular.ity of a use,r. In wide-area multi-domain. grid en.viron,men.ts, the overhead of mainiainin,g user accounts is prohibitive, a.rad secu7.in,g acc...
متن کاملTrust Models and NetShield Architecture for Securing Grid Computing*
Highly shared resources over multiple grid platforms make insecurity and privacy abuse major obstacles hindering general-purpose Grid applications. A scalable grid system demands the allocation and release of resources dynamically. A distributed Grid security (GridSec) architecture is introduced to meet these demands. The architecture is built with distributed firewalls, packet filters, securit...
متن کاملFine-Grain Distributed Shared Memory on Clusters of Workstations
Shared memory, one of the most popular models for programming parallel platforms, is becoming ubiquitous both in low-end workstations and high-end servers. With the advent of low-latency networking hardware, clusters of workstations strive to offer the same processing power as high-end servers for a fraction of the cost. In such environments, shared memory has been limited to page-based systems...
متن کاملA New Job Scheduling in Data Grid Environment Based on Data and Computational Resource Availability
Data Grid is an infrastructure that controls huge amount of data files, and provides intensive computational resources across geographically distributed collaboration. The heterogeneity and geographic dispersion of grid resources and applications place some complex problems such as job scheduling. Most existing scheduling algorithms in Grids only focus on one kind of Grid jobs which can be data...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2002