共查询到20条相似文献,搜索用时 31 毫秒
1.
P. Mazzoleni B. Crispo S. Sivasubramanian E. Bertino 《The Journal of supercomputing》2009,49(1):108-126
In this paper, we present a novel resource brokering service for grid systems which considers authorization policies of the
grid nodes in the process of selecting the resources to be assigned to a request. We argue such an integration is needed to
avoid scheduling requests onto resources the policies of which do not authorize their execution. Our service, implemented
in Globus as a part of Monitoring and Discovery Service (MDS), is based on the concept of fine-grained access control (FGAC) which enables participating grid nodes to specify fine-grained policies concerning the conditions under which grid
clients can access their resources. Since the process of evaluating authorization policies, in addition to checking the resource
requirements, can be a potential bottleneck for a large scale grid, we also analyze the problem of the efficient evaluation
of FGAC policies. In this context, we present GroupByRule, a novel method for policy organization and compare its performance with other strategies.
相似文献
E. BertinoEmail: |
2.
Grid computing, which is characterized by large-scale sharing and collaboration of dynamic resources, is becoming an emerging
computing platform on a global scale for data-intensive and computation-intensive scientific application. However, the complications
of large-scale scientific computations and simulations harnessing massive computing resources are compounded by extensive
heterogeneity in environments arising from “the Grid.” Scientists and engineers lack an intuitive grid-based compilation tool,
which has contributed to the difficulty of exploiting these diverse resources and developing their applications on the grid.
While manual configuration of various toolkits simplifying the end-to-end completion of a job is adequate for a computational
grid with a limited number of nodes, the compilation procedure becomes inefficient for a computational grid with an increasing
number of heterogeneous computational service providers. On the other hand, a global-scale computational grid is a potentially
untrustworthy computing environment. How to take advantage of the potentially untrustworthy grid resources to provide trustworthy
computational services for large-scale scientific applications is another critical issue.
In this article, a remote compiling service for a heterogeneous computational grid is developed. In addition to running compilation
tasks, the remote compiling service provides security enforcement and validation facilities, including intermediate value
checking, secure source program submission, restricted compilation, and binary inspection, to support trustworthy compilation
and execution of grid-based scientific applications. Overall, it is expected that our remote compiling services on the grid
can tackle the heterogeneity problem of the grid and provide a secure, trustworthy, reliable, and state-of-the-art mechanism
to develop grid-aware scientific applications.
相似文献
Xiaohong YuanEmail: |
3.
4.
Zhangxi Lin Sathya Ramanathan Huimin Zhao 《Information Systems and E-Business Management》2005,3(3):221-242
Web services technology is becoming an important technological trend in Web application development and integration. Based on open standards, such as SOAP, WSDL, and UDDI, Web services allow Web-based applications to communicate with each other through standardized XML messaging and to form loosely coupled distributed systems. Although the open feature of Web services benefits service providers in servicing consumers, the unlimited computing resources access of Web services to network bandwidth, storage throughput, and CPU time may lead to overexploitation of the resources when applications based on the Web services technology are widely accepted. Therefore, it is critical to optimize the operation of Web services, subject to the QoS requirements of service requests, to assure the total benefits of the service providers and the service consumers. This paper proposes a usage-based dynamic pricing approach to optimizing resource allocation of Web services in the principle of economics, and reports on a pilot implementation demonstrating the technical feasibility of the proposed approach.
相似文献
Huimin ZhaoEmail: |
5.
Vangelis Gazis Nancy Alonistioti Nikos Houssos Maria Koutsopoulou Stefan Gessler Juergen Quittek 《Journal of Network and Systems Management》2006,14(2):221-241
Mobile communications beyond 3G will integrate different (but complementary) access technologies into a common platform to deliver value-added services and multimedia content in an optimum way. However, the numerous possible configurations of mobile networks complicated the dynamic deployment of mobile applications. Therefore, research is intensely seeking a service provisioning framework that is technology-independent, supports multiple wireless network technologies, and can interwork high-level service management tasks to network management operations. This paper presents an open value chain paradigm, a model for downloadable applications and a mediating platform for service provisioning in beyond 3G mobile settings. Furthermore, we introduce mechanisms that support a coupled interaction between service deployment and network configuration operations, focusing on the dynamic provisioning of QoS state to data path devices according to the requirements of dynamically downloadable mobile value-added services (VAS).
相似文献
Vangelis GazisEmail: |
6.
This article presents an enhanced platform that provides a friendly environment of developing grid services and accessing
grid services over Globus Toolkit 3 (GT3). This platform includes a class of functions for processing parameters input from
a developer via GUI, a class of functions for generating files required for defining a grid service specified, and a class
of functions for creating client program and facilitating accesses of the deployed services. As a result, the development
and access of grid services requires less special expert knowledge of a developer at the server side and users at the client
side, the efficiency of developing and accessing grid services can be improved. This paper describes our design ideas, necessary
functions, and implementations. The comparisons with other related toolkits are given and the extended version of the platform
on top of the web service environment rather than GT3.
相似文献
Jianhua MaEmail: |
7.
Grid computing, which is characterized by large-scale sharing and collaboration of dynamic distributed resources has quickly
become a mainstream technology in distributed computing and is changing the traditional way of software development. In this
article, we present a grid-based software testing framework for unit and integration test, which takes advantage of the large-scale
and cost-efficient computational grid resources to establish a testbed for supporting automated software test in complex software
applications. Within this software testing framework, a dynamic bag-of-tasks model using swarm intelligence is developed to
adaptively schedule unit test cases. Various high-confidence computing mechanisms, such as redundancy, intermediate value
checks, verification code injection, and consistency checks are employed to verify the correctness of each test case execution
on the grid. Grid workflow is used to coordinate various test units for integration test. Overall, we expect that the grid-based
software testing framework can provide efficient and trustworthy services to significantly accelerate the testing process
with large-scale software testing.
相似文献
Yong-Duan SongEmail: |
8.
Authentication and authorization in many distributed systems rely on the use of cryptographic credentials that in most of
the cases have a defined lifetime. This feature mandates the use of mechanisms able to determine whether a particular credential
can be trusted at a given moment. This process is commonly named validation. Among available validation mechanisms, the Online Certificate Status Protocol (OCSP) stands out due to its ability to carry
near real time certificate status information. Despite its importance for security, OCSP faces considerable challenges in
the computational Grid (i.e. Proxy Certificate’s validation) that are being studied at the Global Grid Forum’s CA Operations
Work Group (CAOPS-WG). As members of this group, we have implemented an OCSP validation infrastructure for the Globus Toolkit
4, composed of the CertiVeR Validation Service and our Open GRid Ocsp (OGRO) client library, which introduced the Grid Validation Policy. This paper summarizes our experiences on that work and the results obtained up to now. Furthermore we introduce the prevalidation concept, a mechanism analogous to the Authorization Push-Model, capable of improving OCSP validation performance in Grids.
This paper also reports the results obtained with OGRO’s prevalidation rules for Grid Services as a proof of concept.
相似文献
Oscar MansoEmail: |
9.
In a distributed environment remote entities, usually the producers or consumers of services, need a means to publish their
existence so that clients, needing their services, can search and find the appropriate ones that they can then interact with
directly. The publication of information is via a registry service, and the interaction is via a high-level messaging service.
Typically, separate libraries provide these two services. Tycho is an implementation of a wide-area asynchronous messaging
framework with an integrated distributed registry. This will free developers from the need to assemble their applications
from a range of potentially diverse middleware offerings, which should simplify and speed application development and more
importantly allow developers to concentrate on their own domain of expertise. In the first part of the paper we outline our
motivation for producing Tycho and then review a number of registry and messaging systems popular with the Grid community.
In the second part of the paper we describe the architecture and implementation of Tycho. In the third part of the paper we
present and discuss various performance tests that were undertaken to compare Tycho with alternative similar systems. Finally,
we summarise and conclude the paper and outline future work.
相似文献
Mark A. BakerEmail: |
10.
Efficient collaboration allows organizations and individuals to improve the efficiency and quality of their business activities.
Delegations, as a signif icant approach, may occur as workflow collabora tions, supply chain collaborations, or collaborative
commerce. Role-based delegation models have been used as flexible and efficient access management for collaborative business
environments. Delegation revocations can provide significant functionalities for the models in business environments when
the delegated roles or permissions are required to get back. However, problems may arise in the revocation process when one
user delegates user U a role and another user delegates U a negative authorization of the role. This paper aims to analyse various role-based delegation revocation features through
examples. Revocations are categorized in four dimensions: Dependency, Resilience, Propagation and Dominance. According to
these dimensions, sixteen types of revocations exist for specific requests in collaborative business environments: DependentWeakLocalDelete,
Dependent WeakLocalNegative, DependentWeakGlobalDelete, DependentWeakGlobalNegative, IndependentWeak LocalDelete, IndependentWeakLocalNegative,
Inde pendentWeakGlobalDelete, IndependentWeakGlobal Negative, and so on. We present revocation delegating models, and then
discuss user delegation authorization and the impact of revocation operations. Finally, comparisons with other related work
are discussed.
相似文献
Yanchun ZhangEmail: |
11.
Ludwig Seitz Göran Selander Erik Rissanen Cao Ling Babak Sadighi 《Journal of Network and Systems Management》2008,16(3):303-316
Configuration management is of great importance for network operators and service providers today. Sharing of resources between
business parties with conflicting interests is a reality and raises many issues with respect to configuration management.
One issue is access control to configuration data. A network operator or service provider needs appropriate tools, not only
to control its networked resources, but also to specify how this control should be exercised. We propose an access control
model for the IETF NETCONF network configuration protocol, based on the OASIS XACML access control standard, which allows
a flexible and fine-grained control for NETCONF commands. Our approach does not require any additions to the NETCONF protocol
and is independent of the configuration’s data-model. Furthermore our approach can easily be extended to cover new NETCONF
functionality.
相似文献
Babak SadighiEmail: |
12.
Enabling Location-based Services—Multi-Graph Representation of Transportation Networks 总被引:2,自引:2,他引:0
Advances in wireless communications, positioning technologies, and consumer electronics combine to enable a range of applications
that use a mobile user’s geo-spatial location to deliver on-line, location-enhanced services, often referred to as location-based
services. This paper assumes that the service users are constrained to a transportation network, and it delves into the modeling
of such networks, points of interest, and the service users with the objective of supporting location-based services. In particular,
the paper presents a framework that encompasses two interrelated models—a two-dimensional, spatial representation and a multi-graph
presentation. The former, high-fidelity model may be used for the positioning of content and users in the infrastructure (e.g.,
using map matching). The latter type of model is recognized as an ideal basis for a variety of query processing tasks, e.g.,
route and distance computations. Together, the two models capture central aspects of the problem domain needed in order to
support the different types of queries that underlie location-based services. Notably, the framework is capable of capturing
roads with lanes, lane shift and u-turn regulations, and turn restrictions. As part of the framework, the paper constructively
demonstrates how it is possible map instances of the semantically rich two-dimensional model to instances of the graph model
that preserve the topology of the two-dimensional model instances. In doing so, the paper demonstrates how a wealth of previously
proposed query processing techniques based on graphs are applicable even in the context of complex transportation networks.
The paper also presents means of compacting graphs while preserving aspects of the graphs that are important for the intended
applications.
相似文献
Christian S. JensenEmail: |
13.
PRIMA, a system for PRIvilege Management and Authorization, provides enhanced Grid security services. The requirements for these services are derived from usage scenarios and supported by a survey of Grid users. The requirements for added flexibility, increased expressiveness, and more precise enforcement are met by a combination of three mechanisms: (1) use of secure, fine-grained privileges representing externalized access rights for Grid resources that can be freely created, shared, and employed by Grid users; (2) a dynamic policy generated for each request combining the requests user-provided privileges with the resources access control policy; and (3) dynamic execution environments specially provisioned for each request that are enforced by the resources native operating system and which support legacy applications. PRIMA has been implemented as an extension of the Globus Toolkit Grid middleware. 相似文献
14.
Dan Hong Dickson K. W. Chiu Vincent Y. Shen S. C. Cheung Eleanna Kafeza 《Information Systems Frontiers》2007,9(4):343-358
Recent advances in mobile technologies and infrastructures have created the demand for ubiquitous access to enterprise services
from mobile handheld devices. Further, with the invention of new interaction devices, the context in which the services are
being used becomes an integral part of the activity carried out with the system. Traditional human–computer interface (HCI)
theories are now inadequate for developing these context-aware applications, as we believe that the notion of context should
be extended to different categories: computing contexts, user contexts, and physical contexts for ubiquitous computing. This
demands a new paradigm for system requirements elicitation and design in order to make good use of such extended context information
captured from mobile user behavior. Instead of redesigning or adapting existing enterprise services in an ad hoc manner, we
introduce a methodology for the elicitation of context-aware adaptation requirements and the matching of context-awareness
features to the target context by capability matching. For the implementation of such adaptations, we propose the use of three
tiers of views: user interface views, data views, and process views. This approach centers on a novel notion of process views
to ubiquitous service adaptation, where mobile users may execute a more concise version or modified procedure of the original
process according to their behavior under different contexts. The process view also serves as the key mechanism for integrating
user interface views and data views. Based on this model, we analyze the design and implementation issues of some common ubiquitous
access situations and show how to adapt them systematically into a context-aware application by considering the requirements
of a ubiquitous enterprise information system.
相似文献
Eleanna KafezaEmail: |
15.
Design and implementation of a workflow-based resource broker with information system on computational grids 总被引:1,自引:0,他引:1
The grid is a promising infrastructure that can allow scientists and engineers to access resources among geographically distributed
environments. Grid computing is a new technology which focuses on aggregating resources (e.g., processor cycles, disk storage,
and contents) from a large-scale computing platform. Making grid computing a reality requires a resource broker to manage
and monitor available resources. This paper presents a workflow-based resource broker whose main functions are matching available
resources with user requests and considering network information statuses during matchmaking in computational grids. The resource
broker provides a graphic user interface for accessing available and the appropriate resources via user credentials. This
broker uses the Ganglia and NWS tools to monitor resource status and network-related information, respectively. Then we propose
a history-based execution time estimation model to predict the execution time of parallel applications, according to previous
execution results. The experimental results show that our model can accurately predict the execution time of embarrassingly
parallel applications. We also report on using the Globus Toolkit to construct a grid platform called the TIGER project that
integrates resources distributed across five universities in Taichung city, Taiwan, where the resource broker was developed.
相似文献
Po-Chi ShihEmail: |
16.
Eduardo Souto Germano Guimarães Glauco Vasconcelos Mardoqueu Vieira Nelson Rosa Carlos Ferraz Judith Kelner 《Personal and Ubiquitous Computing》2006,10(1):37-44
A wireless sensor network (WSN) consists of a large number of small devices with computational power, wireless communication
and sensing capability. These networks have been developed for a wide range of applications, such as habitat monitoring, object
tracking, precision agriculture, building monitoring and military systems. Meanwhile, middleware systems have also been proposed
in to facilitate both the development of these applications and provide common application services. The development of middleware
for sensor networks, however, places new challenges on middleware developers due to the low availability of resources and
processing capacity of the sensor nodes. In this context, this paper presents the design and implementation of a middleware
for WSN named Mires. Mires incorporates characteristics of message-oriented middleware by allowing applications communicate
in a publish/subscribe way. In order to illustrate the proposed middleware, we have also developed an environment-monitoring
application and a data aggregation service.
相似文献
Judith KelnerEmail: |
17.
Defining the grid: a snapshot on the current view 总被引:1,自引:0,他引:1
Heinz Stockinger 《The Journal of supercomputing》2007,42(1):3-17
The term “Grid” was introduced in early 1998 with the launch of the book “The Grid. Blueprint for a new computing infrastructure”.
Since that time many technological changes have occurred in both hardware and software. One of the most important ones seems
to be the wide acceptance of Web services. Although the basic Grid idea has not changed much in the last decade, many people
have different ideas about what a Grid really is. In the following article we report on a survey where we invited many people
in the field of Grid computing to give us their current understanding.
相似文献
Heinz StockingerEmail: |
18.
Ada Gavrilovska Sanjay Kumar Srikanth Sundaragopalan Karsten Schwan 《Multimedia Tools and Applications》2007,34(2):179-200
Increased network speeds coupled with new services delivered via the Internet have increased the demand for intelligence and
flexibility in network systems. This paper argues that both can be provided by new hardware platforms comprised of heterogeneous
multi-core systems with specialized communication support. We present and evaluate an experimental network service platform
that uses an emergent class of devices—network processors—as its communication support, coupled via a dedicated interconnect
to a host processor acting as a computational core. A software infrastructure spanning both enables the dynamic creation of
application-specific services on the network processor, mediated by middleware and controlled by kernel-level communication
support. Experimental evaluations use a Pentium IV-based computational core coupled with an IXP 2400 network processor. The
sample application services run on both include an image manipulation application and application-level multicasting.
相似文献
Karsten SchwanEmail: |
19.
With the continuing advances in wireless communications, geo-positioning, and portable electronics, an infrastructure is emerging
that enables the delivery of on-line, location-enabled services to very large numbers of mobile users. A typical usage situation
for mobile services is one characterized by a small screen and no keyboard, and by the service being only a secondary focus
of the user. Under such circumstances, it is particularly important to deliver the “right” information and service at the
right time, with as little user interaction as possible. This may be achieved by making services context aware. Mobile users
frequently follow the same route to a destination as they did during previous trips to the destination, and the route and
destination constitute important aspects of the context for a range of services. This paper presents key concepts underlying
a software component that identifies and accumulates the routes of a user along with their usage patterns and that makes the
routes available to services. The problems associated with of route recording are analyzed, and algorithms that solve the
problems are presented. Experiences from using the component on logs of GPS positions acquired from vehicles traveling within
a real road network are reported.
相似文献
Christian S. Jensen (Corresponding author)Email: |
20.
Leonardo Bidese de Pinho Claudio Luis de Amorim 《Journal of Network and Systems Management》2008,16(2):183-200
The growing need for ubiquitous access to video on demand (VoD) applications by large audiences has driven researches to build
new scalable VoD systems that can guarantee Quality of Service (QoS) over wireless networks. In this paper, we propose and
evaluate a novel system-level design that guarantees QoS by eliminating the service latency for short videos over IEEE 802.11
networks. Furthermore, our VoD system attains scalable performance by employing collocated access points (APs) coupled with
an efficient association management of clients to the APs using a generic least-loaded-first heuristic on non-overlapping
channels. Simulated results of our VoD system demonstrated that it achieved scalable performance due to its effective use
of available bandwidth of the APs while supporting a low blockage rate for short videos up to 360 s. These results suggest
that our VoD system can be an attractive solution for several classes of scalable VoD applications that require QoS guarantee
such as movie trailers, news, video clips, and commercials.
相似文献
Claudio Luis de AmorimEmail: |