Advertisement

Springer Nature is making SARS-CoV-2 and COVID-19 research free. View research | View latest news | Sign up for updates

Credit-based scheme for security-aware and fairness-aware resource allocation in cloud computing

云计算中面向安全和公平资源分配的信誉模型

Abstract

Cloud computing systems include different types of participants with varied requirements for resources and multiple tasks; these varying requirements must be considered in the design of fairness-aware resource allocation schemes for better resources sharing. However, some participants may be malicious with a goal to damage the resource allocation fairness and increase their own utility. Hence, the resource scheduling policy must guarantee allocation fairness among the participants; further, it must ensure that fairness is not affected by the malicious usage of resources, that could cause resource exhaustion and lead to denial of service. In order to address this challenge, we propose a credit-based mechanism for resource allocation that will avoid the malicious usage of resources and, simultaneously, guarantee allocation fairness. In our scheme, a credit factor is introduced for each participant in order to evaluate the history of resource utilization and determine future resource allocation. Our model encourages a participant to release the occupied resources in timely manner after the completion of a task and imposes a punishment for malicious occupation of resources. We prove the fairness of our model and provide linear and variable gradient approaches to determine the credit factor for different scenarios. We simulate our model and perform experiments on a real cloud computing platform. The results prove the rationality, effectiveness and correctness of our approaches.

创新点

云计算资源分配过程中, 节点能够通过非法占用资源等恶意行为, 实现自身的资源份额最大化, 破坏资源分配公平性, 甚至造成DDoS攻击, 导致平台资源枯竭。针对该问题, 本文提出一种基于信誉的机制, 在考虑资源分配公平性的同时, 能够防止资源不被节点恶意侵占, 保证了资源分配的安全性。在节点信誉度评估方面, 针对相似任务和混合任务, 分别提出了线性和可变梯度信誉评估模型, 确保了在不同任务情况下信誉值变化的合理性。仿真实验和真实平台实验验证了本文方法的合理性、有效性和正确性。

This is a preview of subscription content, log in to check access.

References

  1. 1

    Bertsekas D P, Gallager R G, Humblet P. Data Networks. New Jersey: Prentice-Hall International, 1992

  2. 2

    Tan L, Pugh A C, Yin M. Rate-based congestion control in ATM switching networks using a recursive digital filter. Control Eng Practice, 2003, 11: 1171–1181

  3. 3

    Massoulié L, Roberts J. Bandwidth sharing: objectives and algorithms. In: Proceedings of 18th Annual Joint Conference of the IEEE Computer and Communications Societies, New York, 1999. 1395–1403

  4. 4

    Zukerman M, Tan L, Wang H, et al. Efficiency-fairness tradeoff in telecommunications networks. IEEE Commun Lett, 2005, 9: 643–645

  5. 5

    Baruah S K, Cohen N K, Plaxton C G, et al. Proportionate progress: a notion of fairness in resource allocation. Algorithmica, 1996, 15: 600–625

  6. 6

    Zhu D, Mossé D, Melhem R. Multiple-resource periodic scheduling problem: how much fairness is necessary? In: Real-Time Systems Symposium, Cancun, 2003. 142–151

  7. 7

    Blanquer J M, Özden B. Fair queuing for aggregated multiple links. In: Proceedings of the Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, New York: ACM, 2001. 189–197

  8. 8

    Liu Y, Knightly E. Opportunistic fair scheduling over multiple wireless channels. In: Proceedings of the 22nd Annual Joint Conference of the IEEE Computer and Communications, San Francisco, 2003. 1106–1115

  9. 9

    Ghodsi A, Zaharia M, Hindman B, et al. Dominant resource fairness: fair allocation of multiple resource types. In: Proceedings of the 8th USENIX Symposium on Networked System Design and Implementation, Boston, 2011. 323–336

  10. 10

    Hu H, Li Z, Hu H. An anti-cheating bidding approach for resource allocation in cloud computing environments. J Comput Inf Syst, 2012, 8: 1641–1654

  11. 11

    Zhou F, Goel M, Desnoyers P, et al. Scheduler vulnerabilities and coordinated attacks in cloud computing. J Comput Secur, 2013, 21: 533–559

  12. 12

    Booth G, Soknacki A, Somayaji A. Cloud security: attacks and current defenses. In: Proceedings of the 8th Annual Symposium on Information Assurance, New York, 2013. 56

  13. 13

    Lazri K, Laniepce S, Ben-Othman J. Reconsidering intrusion monitoring requirements in shared cloud platforms. In: Proceedings of the 8th International Conference on Availability, Reliability and Security, Salzburg, 2013. 630–637

  14. 14

    Satsiou A, Tassiulas L. Reputation-based resource allocation in P2P systems of rational users. IEEE Trans Parall Distrib Syst, 2010, 21: 466–479

  15. 15

    Satsiou A, Tassiulas L. Reputation-based internet sharing in wireless neighborhood community networks. In: Proceedings of International Conference on Communications, Cape Town, 2010. 1–5

  16. 16

    Shen H, Liu G. An efficient and trustworthy resource sharing platform for collaborative cloud computing. IEEE Trans Parall Distrib Syst, 2014, 25: 862–875

  17. 17

    Gupta R, Singha N, Singh Y N. Reputation based probabilistic resource allocation for avoiding free riding and formation of common interest groups in unstructured P2P networks. Peer-to-Peer Netw Appl, in press. doi: 10.1007/s12083-015-0389-0

  18. 18

    Tian J, Yuan P, Lu Y. Security for resource allocation based on trust and reputation in computational economy model for grid. In: Proceedings of the 4th International Conference on Frontier of Computer Science and Technology, Shanghai, 2009. 339–345

  19. 19

    Mashayekhy L, Grosu D. A reputation-based mechanism for dynamic virtual organization formation in grids. In: Proceedings of the 41st International Conference on Parallel Processing, Pittsburgh, 2012. 108–117

  20. 20

    Bendahmane A, Essaaidi M, Moussaoui A E, et al. Tolerating malicious resources to ensure safe computations in grid systems. In: Proceedings of International Conference on Multimedia Computing and Systems, Ouarzazate, 2011. 1–6

  21. 21

    Bawa R K, Sharma G. Reliable resource selection in grid environment. Int J Grid Comput Appl, 2012, 1: 1–10

  22. 22

    Kaur D, SenGupta J. P2P trust and reputation model for securing grid resource management. In: Proceedings of International Conference on Advances in Engineering, Science and Management, Nagapattinam, 2012. 524–529

  23. 23

    Bouchenak S, Chockler G, Chockler H, et al. Verifying cloud services: present and future. ACM SIGOPS Operat Syst Rev, 2013, 47: 6–19

  24. 24

    Campegiani P. A genetic algorithm to solve the virtual machines resources allocation problem in multi-tier distributed systems. In: Proceedings of the 2nd International Workshop on Virtualization Performance: Analysis, Characterization, and Tools, Boston, 2009

  25. 25

    Gu J, Hu J, Zhao T, et al. A new resource scheduling strategy based on genetic algorithm in cloud computing environment. J Comput, 2012, 7: 42–52

  26. 26

    Teng Y L, Huang T, Liu Y Y, et al. Cooperative game approach for scheduling in two-virtual-antenna cellular networks with relay stations fairness consideration. China Commun, 2013, 10: 56–70

  27. 27

    Joe-Wong C, Sen S, Lan T, et al. Multiresource allocation: fairness-efficiency tradeoffs in a unifying framework. IEEE/ACM Trans Netw, 2013, 21: 1785–1798

  28. 28

    Gupta R, Singh Y N. Trust estimation in peer-to-peer network using BLUE. ArXiv:1304.1649, 2013

Download references

Author information

Correspondence to Di Lu.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Lu, D., Ma, J., Sun, C. et al. Credit-based scheme for security-aware and fairness-aware resource allocation in cloud computing. Sci. China Inf. Sci. 60, 52103 (2017). https://doi.org/10.1007/s11432-015-5492-6

Download citation

Keywords

  • credit
  • resource allocation
  • security
  • fairness
  • cloud computing

关键词

  • 信誉度
  • 资源分配
  • 安全
  • 公平性
  • 云计算