Advertisement

Towards Job Accounting in Existing Resource Schedulers: Weaknesses and Improvements

  • Herbert Rosmanith
  • Peter Praxmarer
  • Dieter Kranzlmüller
  • Jens Volkert
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4208)

Abstract

The vision of having access to tremendous amounts of computation and storage resources on demand, together with access to special devices, similar to the availability of today’s power grids has been formulated by Ian Foster and Carl Kesselman in [1] in 1997 and since then has been known by the term Grid computing.

As this vision slowly became reality and we’re now at the verge to having Grids production ready not only for scientific communities but also for industrial partners security, accounting and billing are now major concerns that need to be reflected and further improved.

This paper analyzes two of the major local resource managers, Condor [2] and Torque[3], that are being used as local resource managers in the major grid middlewares Globus [4,5,6,7,8] as well as in the gLite and LCG [9,10] software stack with respect of being able to track malicious jobs and enforce a site policy.

As weaknesses have been found we also present an approach that is capable of truly tracking any kind of job.

Keywords

System Call Kernel Module Child Process Open Grid Service Architecture Site Policy 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Foster, I., Kesselman, C.: Globus: A metacomputing infrastructure toolkit. The International Journal of Supercomputer Applications and High Performance Computing 11(2), 115–128 (1997)CrossRefGoogle Scholar
  2. 2.
    Litzkow, M., Livny, M., Mutka, M.: Condor - a hunter of idle workstations. In: Proceedings of the 8th International Conference of Distributed Computing Systems (1988)Google Scholar
  3. 3.
  4. 4.
    Foster, I., Kesselman, C., Tuecke, S.: The anatomy of the grid: Enabling scalable virtual organizations. International J. Supercomputer Applications 15(3) (2001)Google Scholar
  5. 5.
    Foster, I., Kesselman, C.: Globus: A metacomputing infrastructure toolkit. The International Journal of Supercomputer Applications and High Performance Computing 11(2), 115–128 (1997)CrossRefGoogle Scholar
  6. 6.
    Foster, I., Kesselman, C. (eds.): The grid: blueprint for a new computing infrastructure. Morgan Kaufmann Publishers Inc., San Francisco (1999)Google Scholar
  7. 7.
    Foster, I., Kesselman, C.: Computational Grids. In: Palma, J.M.L.M., Dongarra, J., Hernández, V. (eds.) VECPAR 2000. LNCS, vol. 1981, pp. 3–37. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  8. 8.
    Foster, I., Kesselman, C., Nick, J., Tuecke, S.: The physiology of the grid: An open grid services architecture for distributed systems integration (2002)Google Scholar
  9. 9.
    gLite - Lightweight Middleware for Grid Computing, http://www.glite.org/
  10. 10.
    LCG - LHC Computing Grid Project, http://lcg.web.cern.ch/LCG/
  11. 11.
    LSF - Load Sharing Facility, http://accl.grc.nasa.gov/lsf/
  12. 12.
    Microsystems, W.G.S.: Sun grid engine: Towards creating a compute power grid. In: CCGRID 2001: Proceedings of the 1st International Symposium on Cluster Computing and the Grid, Washington, DC, USA, p. 35. IEEE Computer Society, Los Alamitos (2001)Google Scholar
  13. 13.
    OpenPBS - The Portable Batch System Software, http://www.altair.com/software/
  14. 14.
    Stevens, W.R.: Advanced programming in the UNIX environment. Addison Wesley Longman Publishing Co., Inc., Redwood City (1992)MATHGoogle Scholar
  15. 15.
    Tannenbaum, T., Wright, D., Miller, K., Livny, M.: Condor – a distributed job scheduler. In: Sterling, T. (ed.) Beowulf Cluster Computing with Linux. MIT Press, Cambridge (2001)Google Scholar
  16. 16.
    Mauerer, W.: Linux Kernelarchitektur. Hanser Fachbuchverlag (2003)Google Scholar
  17. 17.
    Goldberg, I., Wagner, D., Thomas, R., Brewer, E.A.: A secure environment for untrusted helper applications. In: Proceedings of the 6th Usenix Security Symposium, San Jose, CA, USA (1996)Google Scholar
  18. 18.
    Wagner, D.A.: Janus: an approach for confinement of untrusted applications. Technical Report UCB/CSD-99-1056, EECS Department, University of California, Berkeley (1999)Google Scholar
  19. 19.
    Garfinkel, T.: Traps and pitfalls: Practical problems in system call interposition based security tools. In: Proc. Network and Distributed Systems Security Symposium (2003)Google Scholar
  20. 20.
    Jain, K., Sekar, R.: User-level infrastructure for system call interposition: A platform for intrusion detection and confinement. In: NDSS, The Internet Society (2000)Google Scholar
  21. 21.
    Provos, N.: Improving host security with system call policies. In: Proceedings of the 12th USENIX Security Symposium (2003)Google Scholar
  22. 22.
    Loscocco, P., Smalley, S.: Integrating flexible support for security policies into the linux operating system. In: Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference, Berkeley, CA, USA, USENIX Association, pp. 29–42 (2001)Google Scholar
  23. 23.
    Smalley, S., Fraser, T., Vance, C.: Linux security modules: General security hooks for Linux (2003), http://lsm.immunix.org/docs/overview/linuxsecuritymodule.html
  24. 24.
    Spencer, R., Smalley, S., Loscocco, P., Hibler, M., Andersen, D., Lepreau, J.: The Flask Security Architecture: System Support for Diverse Security Policies. In: Proc. 8th USENIX Security Symposium, Washington, DC (1999)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Herbert Rosmanith
    • 1
  • Peter Praxmarer
    • 1
  • Dieter Kranzlmüller
    • 1
  • Jens Volkert
    • 1
  1. 1.GUPJoh. Kepler University LinzLinzAustria/Europe

Personalised recommendations