An Integrated Access Control for Sharing of E-Science Grid Resources

Integrated Resource Access Control for Sharing Idle Multi e-Science Grid Resources

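  • 정임영 (School of Computer Science and Engineering, Seoul National University);
  • 정은진 (Computer Science, Univ. of Iowa);
  • 염헌영 (School of Computer Science and Engineering, Seoul National University)
  • Published: 2008.10.15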

Abstract

This paper proposes a light-weight, seamless integrated access control for global e-Science resource sharing. E-Science, based on Grid computing, was designed to help scientists remotely control and process Grid resources such as high-end equipment and remote machines. As many researchers engage in e-Science Grids, the researchers in a Grid often have to wait for Grid resources or give up using them, even when there are idle resources in other Grids. In this case, provided that proper compensation is given, Grid resource sharing benefits both the researchers and the Grids that provide their resources. However, sharing Grid resources globally is not simple, because each e-Science Grid is designed specifically for resource sharing within its Virtual Organization (VO) and already has its own access control policy for its resources. This paper proposes a new integrated access control for e-Science Grid resource sharing. The access control is light-weight, because it requires no prior service level agreements (SLAs) among the Grids that share their resources, and seamless, because users can use the shared resources as if they belonged to their own Grids, without additional registration with the other Grids.

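This paper proposes a light-weight, seamless integrated resource access control for sharing e-Science Grid resources. E-Science, built on Grid computing, supports scientists' research by forming a comprehensive domain in which Grid resources, including expensive scientific experimental equipment, are remotely controlled and the data obtained from them is processed on high-performance computers. However, when many users use Grid resources and the e-Science Grid a user belongs to runs short of resources, the user may have to wait for the desired resource or give up using it. In such cases, being able to use the idle resources of other Grids under appropriate compensation can benefit both resource providers and users. Sharing resources is by no means easy, however, because each e-Science Grid operates resource access policies specialized to its Virtual Organization (VO), for the convenience of the scientists who study a particular scientific application in that Grid. This paper proposes a new integrated resource access control that is light-weight, because no prior Service Level Agreement (SLA) for integrating resource access policies across all Grids is needed when an e-Science Grid user uses the shared resources of multiple other Grids, and seamless, because the user follows the same process as for using the resources of their own Grid, with no additional registration.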
