首页 | 本学科首页   官方微博 | 高级检索  
相似文献
 共查询到20条相似文献,搜索用时 186 毫秒
1.
Security is a fundamental but challenging issue in the dynamic and multi-organizational computational grid. Focusing on the closed system, traditional access control model considered static authorization decisions based on pre-assigned permissions. To facilitate collaborations and interoperations across the grid, we propose a usage control mechanism for computational grid. Our mechanism is based on the usage control model. By leveraging continuous usage control on grid services and monitoring the status and behaviors of the subjects involved in the collaborations, our mechanism improves collaboration's security. Furthermore, our mechanism enables richer and finer-grained control over authorizations on resources and services involved in collaborations and interoperations than that of traditional access control mechanisms. Our mechanism can contribute to maintain the security and interests of the service providers in the grid environment.  相似文献   

2.
Today, grid technology has evolved to the point where it is no longer a theory but a proven practice. It represents a viable direction for corporations to explore grid computing as an answer to their business needs within tight financial constraints. In general, grids enable the efficient sharing and management of computing resources for the purpose of performing large complex tasks. Data grid provides the data management features to enable data access, synchronization, and distribution of a grid. The main aim here is to ensure a efficient access and quality data, to improve the availability, and be able to continue delivering acceptable services. In such systems, these advantages are not yielded by means others than replication mechanisms. The effective use the replication technique involves several problems, in relation with the problem of the coherence maintenance of replicas. Our contribution consists new service for the consistency management in the data grid. This service combines between pessimistic and optimistic approaches, taking into account benefits of both approaches, to find a compromise between performance and quality. In addition, our service has been extended by a mechanism placement of replicas based on economics model.  相似文献   

3.
This paper presents an approach to recursively estimate the simplest linear model that approximates the time-varying local behaviors from imperfect(noisy and incomplete) measurements in the internet of things(IoT) based distributed decision-making problems. We first show that the problem of finding the lowest order model for a multi-input single-output system is a cardinality(l0) optimization problem, known to be NP-hard.To solve the problem a simpler approach is proposed which uses the recently developed atomic norm concept and the modified Frank-Wolfe(mFW) algorithm is introduced. Further, the paper computes the minimum data-rate required for computing the models with imperfect measurements. The proposed approach is illustrated on a building heating, ventilation, and air-conditioning(HVAC) control system that aims at optimizing energy consumption in commercial buildings using IoT devices in a distributed manner. The HVAC control application requires recursive thermal dynamical model updates due to frequently changing conditions and non-linear dynamics. We show that the method proposed in this paper can approximate such complex dynamics on single-board computers interfaced to sensors using unreliable communication channels. Real-time experiments on HVAC systems and simulation studies are used to illustrate the proposed method.  相似文献   

4.
Cloud computing is a new and rapidly emerging computing paradigm where applications,data and IT services are provided over the Internet.The task-resource management is the key role in cloud computing systems.Task-resource scheduling problems are premier which relate to the efficiency of the whole cloud computing facilities.Task-resource scheduling problem is NPcomplete.In this paper,we consider an approach to solve this problem optimally.This approach is based on constructing a logical model for the problem.Using this model,we can apply algorithms for the satisfiability problem(SAT) to solve the task-resource scheduling problem.Also,this model allows us to create a testbed for particle swarm optimization algorithms for scheduling workflows.  相似文献   

5.
网格计算技术及应用综述   总被引:12,自引:0,他引:12  
Grid computing is a new kind of distributed computing technology and computing environment ,and also an attentive hot point of information technology in the world. It launches a space for new generation internal application,due to its supporting the complicated service efficiently and useable resource in the Internet. This paper sums up the results and applications instance in the grid computing in the world during recent years ,and then analyzes emphatically the system architecture ,components ,working principle in the grid computing and some typical grid systems ,and then discusses the problems of the large scale science computing and network service in grid computing in China,and alsopoints out the future trends.  相似文献   

6.
This paper considers the formation control problem of multi-agent systems in a distributed fashion. Two cases of the information propagating topologies among multiple agents, characterized by graphics model, are considered. One is fixed topology. The other is switching topology which represents the limited and less reliable information exchange. The local formation control strategies established in this paper are based on a simple modification of the existing consensus control strategies. Moreover, some existing convergence conditions are shown to be a special case of our model even in the continuous-time consensus case. Therefore, the results of this paper extend the existing results about the consensus problem.  相似文献   

7.
In pervasive computing environment, users can access to various information, resources and services at anytime and anywhere, so access control has become an exigent security problem. In the traditional access control modes, the decisions o[ access control are entirely dependent on the results of authentication. The access control can-not provide the security-relevant fault-tolerant function. But in pervasive computing environment, because of the var-ious reasons, security system can't assure the results of the authentication are absolutely correct. So we propose touse the knowledge-based access control, which can discovery some rules and knowledge from the previous process ofaccess control and combine these rules with traditional access controls to perfect the security system. The essence ofknowledge-based access control is to add some intelligent authentication function into the process of access control. In the paper, we expatiate the idea and principle of knowledge-based access control, as well as the advances of this method. Furthermore, we implement a prototype, called EH-GRBAC, which can discovery historical knowledge from the history of users' using resources to reinforce GRBAC. In the paper, we also explain the architecture and the details of EH_GRBAC.  相似文献   

8.
This paper considers the problem of stochastic stabilization and energy-to-peak control for a class of discrete stochastic fuzzy systems with interval time-delays. The objective is to design a state feedback controller suchthat the closed-loop system is stochastic stable and satisfies energy-to-peak performance. Based on the idea of interval partitioning, some new sufficient conditions are presented in LMI.  相似文献   

9.
崔鹏  张承慧 《自动化学报》2007,33(6):635-640
The finite time horizon indefinite linear quadratic(LQ) optimal control problem for singular linear discrete time-varying systems is discussed. Indefinite LQ optimal control problem for singular systems can be transformed to that for standard state-space systems under a reasonable assumption. It is shown that the indefinite LQ optimal control problem is dual to that of projection for backward stochastic systems. Thus, the optimal LQ controller can be obtained by computing the gain matrices of Kalman filter. Necessary and sufficient conditions guaranteeing a unique solution for the indefinite LQ problem are given. An explicit solution for the problem is obtained in terms of the solution of Riccati difference equations.  相似文献   

10.
The robust H∞ control problem for discrete-time uncertain systems is investigated in this paper. The uncertain systems are modelled as a polytopic type with linear fractional uncertainty in the vertices. A new linear matrix inequality (LMI) characterization of the H∞ performance for discrete systems is given by introducing a matrix slack variable which decouples the matrix of a Lyapunov function candidate and the parametric matrices of the system. This feature enables one to derive sufficient conditions for discrete uncertain systems by using parameter-dependent Lyapunov functions with less conservativeness. Based on the result, H∞ performance analysis and controller design are carried out. A numerical example is included to demonstrate the effectiveness of the proposed results.  相似文献   

11.
网格安全基础设施(GSI)解决了身份鉴别、保密性和完整性问题,却难以有效地解决访问控制问题,传统的访问控制模型也不能很好地满足网格的安全需求.为此,提出了一种基于任务的计算网格访问控制模型.该模型通过定义授权步和任务状态及系统条件约束,能动态地控制主体访问资源的权限,具有较好的通用性、灵活性和可扩展性,并已在计算网格实验平台中得到了实现.  相似文献   

12.
一种基于任务和角色的计算网格访问控制模型   总被引:1,自引:0,他引:1       下载免费PDF全文
龙涛  洪帆  刘铭 《计算机工程》2008,34(4):176-178
网格安全基础设施解决了身份鉴别、保密性和完整性问题,但难以有效解决访问控制问题,传统的访问控制模型也不能很好地满足网格的安全需求。该文提出一种基于任务和角色的计算网格访问控制模型。该模型通过定义授权步及系统条件约束,能动态地控制主体访问资源的权限,具有较好的通用性、灵活性和可扩展性,并已在计算网格实验平台中得到了实现。  相似文献   

13.
网格的安全性因其广泛的资源共享和动态、多域的异构环境而显得极为复杂.网格安全基础设施(GSI)可以解决身份鉴别、保密性和完整性问题,却难以有效解决访问控制问题,传统的访问控制模型也不能很好的满足网格的安全需求.本文在华中科技大学计算网格平台基础上,研究并提出了一种基于任务的计算网格访问控制模型,该模型通过定义授权步和任务状态及系统条件约束,能动态地控制主体访问资源的权限,具有较好的通用性、灵活性和可扩展性,并已在计算网格实验平台中得到了实现.  相似文献   

14.
黄刚  王汝传 《微计算机信息》2007,23(18):130-132,157
网格安全是网格计算中的一个重要问题,网格的访问控制可以解决网格环境下的资源共享和管理问题,基于角色的访问控制是最具影响的高级访问控制模型.首先介绍了RBAC模型,分析网格中基于RBAC访问控制的模型.在网格计算中访问控制存在着多个管理域RBAC问题,给出了网格中的标准RBAC扩展,并以此建立了的网格访问控制模型.  相似文献   

15.
网格的访问控制模型   总被引:4,自引:1,他引:4  
陈华 《微机发展》2004,14(8):27-29
网格要达到资源共享和管理的目的,必须解决资源的访问控制问题。网格的访问控制必须建立在现有的访问控制系统之上,但是网格计算的环境经常跨越多个不同的自治管理域,每个域的访问控制策略和需求可能十分不同.这就使得对网格资源的访问控制更加复杂,现有的访问控制系统必须进行扩展才能移植到网格系统中。文中将讨论三种基于不同方式的网格访问控制模型。每个都有其自身特点,可以根据不同需求来选用。  相似文献   

16.
The paper describes the problem of unauthorized access to the data processed in distributed grid computing networks. Existing implementations of entity authentication mechanisms in grid systems are analyzed, and their disadvantages are considered. An approach to the use of group signature schemes, which prevents unauthorized access to a computing environment and provides the integrity of transferred data, is proposed.  相似文献   

17.
基于RBAC策略的可信网格访问控制模型*   总被引:2,自引:1,他引:1  
针对网格环境的特点,分析了网格中实体间的信任关系,给出了信任度的计算方法。对RBAC技术进行了相应的改进,提出了基于RBAC的可信网格访问控制模型,给出了RTGM模型中的结构和模块以及访问控制部分的过程。可信网格访问控制提高了网格环境下的访问安全性。  相似文献   

18.
云计算是继网格计算后又一项正在兴起中的技术,它的出现使"互联网上众多的计算机成为一台虚拟超级计算机"的梦想慢慢变成了现实.云计算下高校图书馆的信息安全问题,一方面来自云服务提供商提供的安全保障,另一方面来自高校图书馆的信息安全需求.针对高校图书馆可能面临的安全存储、访问控制、权限管理、数据保密及知识权等信息安全问题,云...  相似文献   

19.
方艳湘  沈昌祥  黄涛 《计算机工程》2006,32(17):194-196
分布式计算系统安全问题分为两大类:分布式计算的安全和主机的安全。其中恶意主机问题较难解决,该文通过对恶意主机问题的形式化分析,提出了一种基于可信域的终端模型(Trust Domain Based Terminal Model, TDBTM)。该模型通过分布式应用参与制定本地访问控制决策来解决分布式系统对信息的机密性和完整性要求。同时提出了基于该模型以及可信计算思想设计的体系结构(Trust Domain Based Terminal Architecture, TDBTA),以满足远程证实终端系统可信的需要。结合上述两点内容,该方案有望从根本上解决分布式计算系统中恶意主机带来的安全问题。  相似文献   

20.
网格计算作为一种新的分布式计算基础架构,因其资源、服务的异构、动态等特征,决定了安全机制的重要性.访问控制是安全的一个重要的部分.现有的网格授权模型多是基于传统的访问控制方式,没有考虑到网格环境中主体属性和对象属性的多样性,以及具体的任务和执行环境.在借鉴和使用控制模型的基础上,提出一种基于属性和任务的网格授权模型.该模型在考虑主体属性和对象属性的同时,结合具体的任务和执行环境进行授权,并能够在主体属性和对象属性发生变动的情况下,实现动态授权,从而在一定程度上避免了滥用权限的现象.  相似文献   

设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号