Title :
Sandboxing for a free-to-join grid with support for secure site-wide storage area
Author :
Cavalcanti, Edjozane ; Assis, Leonardo ; Gaudencio, Matheus ; Cirne, Walfredo ; Brasileiro, Francisco
Author_Institution :
Univ. Fed. de Campina Grande, Campina Grande
Abstract :
Grid computing enables different institutions to access each other´s resources, and hence requires very strong security guarantees. We here explore how visualization was used to provide security for OurGrid, an easy-to-use free-to-join grid that supports bag-of-tasks applications. OurGrid poses interesting security challenges. It is free-to-join (which means one runs unknown applications) and strives for simplicity (which means that configuration must be trivial). We show how we have dealt with such challenges by using Xen to virtualize a single machine, and VNET, OCFS2 and NFS to virtualize a site-wide shared file system, creating a sandboxing solution called SWAN. We evaluate SWANs security and performance. Our results indicate that SWAN is efficient in the single machine virtualization, but less so for the shared file system. Yet, a site-wide file system enables grid jobs to reuse files already transferred to other machines in the site, avoiding expensive inter-site file transfer.
Keywords :
grid computing; security of data; NFS; OCFS2; OurGrid; SWAN; VNET; Xen; bag-of-tasks applications; free-to-join grid; grid computing; sandboxing solution; secure site-wide storage area; single machine virtualization; site-wide shared file system; Application virtualization; Computer crime; Computer security; Distributed computing; File systems; Grid computing; Isolation technology; Protection; Secure storage; Virtual machining;
Conference_Titel :
Virtualization Technology in Distributed Computing, 2006. VTDC 2006. First International Workshop on
Conference_Location :
Tampa, FL
Print_ISBN :
0-7695-2873-1
Electronic_ISBN :
978-0-7695-2873-1
DOI :
10.1109/VTDC.2006.11
