Abstract
With the growing influence of e-Science, substantial quantities of research are being facilitated, recorded, and reported by means of distributed computing. As a result, the scope for malicious intervention continues to grow and so do the rewards available to those able to steal the models and data that have significant commercial value. Researchers are often reluctant to exploit the full benefits of distributed computing because they fear the compromise of their sensitive data or the uncertainty of the returned results. In this chapter, we propose two types of trustworthy distributed systems – one suitable for a computational system and the other for a distributed data system. Central to these systems is the novel idea of configuration resolver, which, in both designs, is responsible for filtering trustworthy hosts and ensuring that jobs are dispatched to those considered trustworthy. Furthermore, the blind analysis server enables statistical analyses to be performed on sensitive raw data – collected from multiple sites – without disclosing it to anyone.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
This example has been developed with help from David Power and Mark Slaymaker who are involved in the GIMI project [6], and Peter Lee who is an intern at the Auckland Hospital.
References
2009.http://www.climateprediction.net/ (accessed February 08, 2010).
Thain, D, T Tannenbaum, and M Linvy. “Distributed computing in practice: the Condor experience.” Concurrency - Practice and Experience, 2005: 17(2–4):323–356.
Wallom, D C, and A E Trefethen. “OxGrid, a campus grid for the University of Oxford.” UK e-Science All Hands Meeting. 2006.
Power, D J, E A Politou, M A Slaymaker, and A C Simpson. “Towards secure grid-enabled healthcare.” Software Practice and Experience, 2002.
Duncan, G T, and R W Pearson. “Enhancing Access to Microdata While Protecting Confidentiality.” Statistical Science, 1991: 6(3):219–232.
Simpson, A C, D J Power, M A Slaymaker, and E A Politou. “GIMI: Generic Infrastructure for Medical Informatics.” Proceedings of the 18th IEEE Symposium on Computer-Based Medical Systems. 2005. 564–566.
Freeman, R. “Medical records and public policy: the discursive (re)construction of the patient in Europe.” Workshop 9: ‘Policy, Discourse and Institutional Reform. ECPR Joint Sessions of Workshops, 2001.
Trusted Computing Group Backgrounder. 2006. https://www.trustedcomputinggroup.org (accessed February 09, 2010).
Grawrock, D. “The Intel Safer Computing Initiative.” 119–142. Intel Press, 2006.
“TPM Main Specification Version 1.2.” TCG Workgroup. 2003. http://www.trustedcomputinggroup.org/resources/tpm_main_specification.
TCG. “TCG Infrastructure Working Group Architecture Part II - Integrity Management.” November 2006. http://www.trustedcomputinggroup.org/resources/infrastructure_work_group_architecture_part_ii__integrity_management_version_10.
Sugerman, J, G Venkitachalam, and B Lim. “Virtualizing I/O Devices on VMware Workstation’s Hosted Virtual Machine Monitor.” Proceedings of the General Track: 2002 USENIX Annual Technical Conference. USENIX, 2001. 1–14.
Xen. “Xen: Enterprise Grade Open Source Virtualization A XenSource White Paper.” 2005. http://xen.xensource.com/files/xensource_wp2.pdf.
Adams, K, and O Agesen. “A comparison of software and hardware techniques for x86 virtualization.” Proceedings of the 12th international conference on Architectural support for programming languages and operating systems. ACM, 2006. 2–13.
Strongin, G. “Trusted computing using AMD “Pacifica” and “Presidio” secure virtual machine technology.” Information Security Technical Report, 2005: 10(2):120–132.
Foster, I, C Kesselman, G Tsudik, and S Tuecke. “A security architecture for computational grids.” Proceedings of the 5th ACM conference on computer and communications security. ACM, 1998. 83–92.
Sadeghi, A R, and C Stüble. “Taming “Trusted Platforms” by Operating System Design.” Information Security Applications. Lecture Notes in Computer Science, 2004. 2908:1787–1801.
Hohmuth, M, M Peter, H Hartig, and J S Shapiro. “Reducing TCB size by using untrusted components: small kernels versus virtual-machine monitors.” EW11: Proceedings of the 11th workshop on ACM SIGOPS European workshop. ACM, 2004. 22.
Stumpf, F, M Benz, M Hermanowski, and C Eckert. “An Approach to a Trustworthy System Architecture Using Virtualization.” Autonomic and Trusted Computing. Lecture Notes in Computer Science, 2007. 191–202.
Figueiredo, R J, P A Dinda, and J A Fortes. “A case for grid computing on virtual machines.” 23rd IEEE International Conference on Distributed Computing Systems (ICDCS’03). IEEE Computer Society, 2003.
Keahey, K, K Doering, and I Foster. “From sandbox to playground: Dynamic virtual environments in the grid.” 5th International Conference on Grid Computing (Grid 2004). IEEE Computer Society, 2004.
Löhr, H, HV Ramasamy, and A R Sadeghi. “Enhancing Grid Security Using Trusted Virtualization.” Autonomic and Trusted Computing. 372-384: Lecture Notes in Computer Science, 2007. 372–384.
Yau, P W, A Tomlinson, S Balfe, and E Gallery. “Securing Grid Workflows with Trusted Computing.” ECCS (3). Lecture Notes in Computer Science, 2008. 510–519.
Vejda, T, R Toegl, M Pirker, and T Winkler. “Towards Trust Services for Language-Based Virtual Machines for Grid Computing.” TRUST. Lecture Notes in Computer Science, 2008. 48–59.
Mao, W, F Yan, and C Chen. “Daonity: grid security with behaviour conformity from trusted computing.” STC. ACM, 2006. 43–46.
Sadeghi, A R, and C Stuble. “Property-based Attestation for Computing Platforms.” NSPW ‘04: Proceedings of the 2004 workshop on New security paradigms. ACM, 2004. 67–77.
Cooper, A, and A Martin. “Trusted Delegation for Grid Computing.” The Second Workshop on Advances in Trusted Computing. 2006.
Wang, D, and A Wang. “Trust Maintenance Toward Virtual Computing Environment in the Grid Service.” APWeb. Lecture Notes in Computer Science, 2008. 166–177.
Pradheep, S S, S Santhanam, P Elango, A Arpaci-dusseau, and M Livny. “Deploying Virtual Machines as Sandboxes for the Grid.” In Second Workshop on Real, Large Distributed Systems (WORLDS 2005). 2005. 712.
Garfinkel, T, B Pfaff, M Rosenblum, and D Boneh. “Terra: A Virtual Machine-Based Platform for Trusted Computing.” Proceedings of the 19th ACM Symposium on Operating Systems Principles (SOSP ‘03). ACM, 2003. 193–206.
Barham, P, et al. “Xen and the art of virtualization.” SOSP ‘03: Proceedings of the nineteenth ACM symposium on Operating systems principles. ACM, 2003. 164–177.
Nagarajan, A, V Varadharajan, and M Hitchens. “Trust management for trusted computing platforms in web services.” STC ‘07: Proceedings of the 2007 ACM workshop on Scalable trusted computing. ACM, 2007. 58–62.
Sailer, R, T Jaeger, X Zhang, and LV Doorn. “Attestation-based policy enforcement for remote access.” CCS ‘04: Proceedings of the 11th ACM Conference on Computer and Communications Security. ACM, 2004. 308–317.
Luna, J, M D Dikaiakos, T Kyprianou, A Bilas, and M Marazakis. “Data Privacy considerations in Intensive Care Grids.” Global Healthgrid: e-Science Meets Biomedical Informatics. IOS press, 2008. 178–187.
O’Keefe, CM. “Privacy and the Use of Health Data - Reducing Disclosure Risk.” Health Informatics, 2008: 3(1).
Maguire, T, and D Snelling. “Web Services Service Group 1.2 (WS-ServiceGroup).” OASIS Open, 2004.
Foster, I, and C Kesselman. “The Grid: Blueprint for a New Computing Infrastructure.” Chapter 2: Computational Grids. Morgan-Kaufman, 1999.
Ruth, P, x Jiang, D Xu, and S Goasguen. “Virtual Distributed Environments in a Shared Infrastructure.” Computer, 2005: 38(5):63–69.
Huh, JH, J Lyle, C Namiluko, and A Martin. “Application Whitelists in Virtual Organisations.” Future Generation Computer Systems, 2009: (Under Revision).
Geddes, N. “The National Grid Service of the UK.” e-Science and Grid Computing, International Conference on, 2006: 94.
Andreozzi, S, et al. “GLUE Specification v. 2.0.” February 2009. http://forge.gridforum.org/sf/docman/do/downloadDocument/projects.glue-wg/docman.root.drafts.archive/doc15023.
“Berkeley database information index v5.” EGEE Web. November 2009. https://twiki.cern.ch/twiki//bin/view/EGEE/BDII.
“Amazon Elastic Compute Cloud (Amazon EC2).” Amazon Web Services. http://aws.amazon.com/ec2/ (accessed February 17, 2010).
“Enomaly - Product Overview.” Enomaly. http://www.enomaly.com/Product-Overview.419.0.html (accessed February 17, 2010).
Nurmi, D, et al. “The Eucalyptus Open-Source Cloud-Computing System.” CCGRID ‘09: Proceedings of the 2009 9th IEEE/ACM International Symposium on Cluster Computing and the Grid. IEEE Computer Society, 2009. 124–131.
Acknowledgments
The work described is supported by a studentship from QinetiQ. David Power, Mark Slaymaker, and Peter Lee provided help with the healthcare grid example. David Wallom, Steven Young, and Matteo Turilli provided insights on the National Grid Service.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag London Limited
About this chapter
Cite this chapter
Huh, J.H., Martin, A. (2011). Trustworthy Distributed Systems Through Integrity-Reporting. In: Yang, X., Wang, L., Jie, W. (eds) Guide to e-Science. Computer Communications and Networks. Springer, London. https://doi.org/10.1007/978-0-85729-439-5_10
Download citation
DOI: https://doi.org/10.1007/978-0-85729-439-5_10
Published:
Publisher Name: Springer, London
Print ISBN: 978-0-85729-438-8
Online ISBN: 978-0-85729-439-5
eBook Packages: Computer ScienceComputer Science (R0)