A Framework for Trust Management System in Computational Grids

By

Grid Lab, Dept of I.T,

Madras Institute of Technology

Anna University

Chennai

What we cover….

Motivation

Trust Management System – Lifecycle & Metrics

Trust Based Scheduler

Trusted Grid Architecture

Experimental Results ..

Conclusion

Motivation

Grid is a dynamic collections of huge number

of resources spanning multiple administrative

domains, distributed across the globe to solve

a computationally intensive problem.

It involves Resources and Information sharing

with unknown parties that pose a great

challenge in ensuring trustworthiness of

resource providers

Current grid security mechanism lacks the

ability to determine how “trustworthy” a

resource provider is.

Objectives

To define a trust management system

with its life cycle to evaluate

trustworthiness of Grid Resource

Providers.

To develop trust resource broker that

discovers suitable and trusted grid

resource for reliable, accurate and in

time successful job execution

To propose a standard architecture that

enables Trust Based Scheduling in Grid

We define Trust…

The degree of belief in the resource provider’s competence to

complete user’s task dependably, securely and reliably in a specific

context at a given time

usersAgent / Resource Broker

Resources

User’sTrust

Broker’sTrust

InformationTrust

EquipmentProvision

Trust

ServiceProvision

Trust

VariousTrusts

Describes relying party’s trust in a service provider. The trustor trusts the trustee to provide a service that does not involve access to the trustor’s resource

• A trustor trusts a trustee to use resources that he owns or controls. •It measures whether a resource provided by the resource provider is trustworthy.

• It is the belief that information provided by the Information provider is reliable and accurate.

• It is a measure of belief that a resource broker has discovered a trustworthy resource

Types of trust

• Measures whether a resource provider is willing to offer his services to the user.• The previous behaviour / payment record may be considered for this trust

Trust Integration

Trust MetricIdentification

Trust ValueCalculation

Trust MetricEvaluation

Trust ValueUpdation

TMSTMS

• Identify suitable parameters with which the respective trust can be defined

• Apply suitable methodology to determine the value of those metrics

• Determine the overall trust value using the values for various trust metrics obtained

• Integrate the trust mechanism in the resource broker / Scheduler to find out the most trustworthy resource provider for successful job execution/task completion

• Modify or update the value of trust periodically for each resource provider

Trust Management Life Cycle

Our Focus is on Equipment Provision trust

EquipmentProvision

Trust

• In Grid environment, where

resources from diverse organizations

are shared, the real challenge is

determining the trustworthiness of

the resource providers.

Emphasis is on EQUIPMENT

PROVISION TRUST for Computationally intensive problems to be solved.

Trust Management System for Equipment Provision Trust

Estimates Trustworthiness of all Grid Resource Providers

Periodically updates the trust value

The trust calculation is based on

Resource performance Metrics

User feedback Metrics

Resource Registration Metrics

The Trust Management System integrated with a Grid

Metascheduler acts as Grid Resource Broker

EquipmentProvision

Trust

Resource Registration Metrics

Resource Performance Metrics

User Feedback Metrics

Dependency Metrics

These metrics reflect reputation of the resource in the user community

These metrics reflect the infrastructure of the organization. It is used to identify initial trust value of the resource provider

These metrics reflect the throughput of the resources and their QoS

Affordability, Bandwidth, Success, Failure

Reputation through feedback

Government / Private, Registration Number

Parameters… In our context….

How to calculate overall trust ?

How to integrate trust with metascheduler ?

Issues

Issues

How to obtain those parameters ?

1 2

3

2100 2100 2100 2100

2100 2100 2100 2100

Network Monitoring Tools (NMT)

Metascheduler

- Success- Failure (Obviously)

- Affordability- Bandwidth

Tools to determine parameters

Gridway

Local Scheduler & NWS

Trust per Job Execution and Overall Trust

Integration with GridwayIntegration with Gridway

To propose a trust based scheduling mechanism

Position of Gridway !!

PBS cluster SGE cluster Condor cluster

Globus core Middleware

Gridway Metascheduler

Gridway

• A metascheduler that uses Globus as

core middleware.

Performs• Resource Discovery

• Job scheduling

• Job submission

• Job Execution Monitoring

With…

• Transparent Resource access

• Adapting to dynamism of grid

environment

Users

Components of Gridway..

Responsible for data transfer between the resources and staging of files

Responsible for resource discovery and monitoring

Responsible for job scheduling and initiates resource discovery

It receives resource request for executing the job

RequestManager

DispatchManager

Transfer Manager

MAD

ExecutionManager

MAD

InformationManager M

AD

User

gFTP RFTPre-WS GRAM

WS-GRAM

MDS2

MDS4

Grid File TransferServices

Grid Executionservices

Grid Informationservices

Middleware Access Drivers

Scheduler

Gridway Core

Responsible for job execution

Conventional Gridway Flow Trust Enabled Gridway Flow

Job Submit

<job template>

Gathers AvailableResource

MatchesAgainst JobReq

R1R2 R3

Invokes Scheduling Operation

Performs Matchmaking

Selects and submit

Job Submit

<job template>

Gathers AvailableResource

MatchesAgainst JobReq

R1R2 R3

Invokes Scheduling Operation

Performs Matchmaking

Selects and submit

TMSInvokes TMS

TrustDB

Selects Most TrustedResource

----

----

GWD_PORT = 6725

MAX_NUMBER_OF_CLIENTS = 20

NUMBER_OF_ARRAYS = 200

NUMBER_OF_JOBS = 5000

NUMBER_OF_HOSTS = 100

NUMBER_OF_USERS = 30

JOBS_PER_SCHED = 15

JOBS_PER_HOST = 10

JOBS_PER_USER = 30

----

----

----

---- GWD_PORT = 6725

MAX_NUMBER_OF_CLIENTS = 20

NUMBER_OF_ARRAYS = 200

NUMBER_OF_JOBS = 5000

NUMBER_OF_HOSTS = 100

NUMBER_OF_USERS = 30

# Trust_value=1 for the trust based resource selection

# Trust_value=0 for the normal Gridway resource selection

TRUST_VALUE = 1

JOBS_PER_SCHED = 15

JOBS_PER_HOST = 10

JOBS_PER_USER = 30

----

--- -

gwd.conf gwd.conf

Gridway Configuration File Trust Enabled Gridway Configuration File

Integrating Trust Management System with

gridway metascheduler will act as a Resource

Broker that select grid resource based on its

trust value

With this resource broker, we hereby proposing

a four layered grid architecture that facilitates

grid resource discovery and selection of most

trusted grid resource for job execution

Where do we evolve the architecture ?

Reaching the destination …

Layered Architecture of Trust Resource Broker for Equipment Provision Trust

UserFeedback

GridResource

Registration

Trust Management

System

GridwayMetascheduler

MDS GRAM GFTP/RFTP

GSI

Database

Resources

ApplicationPortlets

Application Layer

Trust Layer

Grid Middleware

Grid Fabrics

Receives feedback from the user and resource registration information from the resource provider

Monitors Trust metrics, evaluates trust and makes decision based on the trust and facilitates job execution

Constitutes grid middleware, provides grid resource information to trust layer, and take care grid resource authentication

Refers to the underlying grid resources where actual job execution takes place. They may use local job manager for monitoring job execution

Trust Broker

ApplicationPortletsApplication

Portlets

NMT

Experimental Setup

RockCluster

VOCluster

MITCluster

10 Nodes

15 Nodes

60 Nodes

Connected with

Garuda Resources

Trust Based Metascheduler

g09.grid

Most trustworthy resource will get more jobs for scheduling , i.e., a good shop

will have huge crowd

Results

The trust value of a resource that shows gradual decrease in the affordability

Results

Portal to submit job

Portal displaying output

Portal to know job status

Portal to submit feedback after job execution

Conclusion

The trust management system integrated with gridway

metascheduler enables discovery of a suitable resource that has the

highest trust value

Executing job in a trusted resource facilitates satisfactory usage of

grid resources with increased reliability and accuracy

References…

[Abr95] M.D. Abrams, M.V. Joyce. Trusted Computing Update. Computers and Security, 14(1): 57-68. 1995.

[Boe03] S. Boeyen et al. Liberty Trust Models Guidelines. In J. Linn (editor), Liberty Alliance Project. Liberty Alliance, draft version 1.0, 2003.

[Buy04] S. Venugopal, R. Buyya and L. Winton, “A Grid Service Broker for Scheduling Distributed Data-Oriented Applications on Global Grids”, Proceedings of the 2nd International Workshop on Middleware for Grid Computing (Co-located with Middleware 2004, Toronto, Canada, October 18, 2004), ACM Press, 2004, USA

[Cas98] C. Castelfranchi, R. Falcone. Principles of Trust for MAS: Cognitive Anatomy, Social Importance, and Quantification. In Y. Demazeau (editor), Proceedings of the Third International Conference on Multi-Agent Systems. IEEE C.S., Los Alamitos, 1998.

[Kin98] A. Kini, J. Choobineh. Trust in Electronic Commerce: Definition and Theoretical Consideration. Proceedings of 31st International Conference on System Sciences, IEEE, 1998.

[Gra00] T. Grandison, M. Sloman. A Survey of Trust in Internet Applications. IEEE Communications Survey and Tutorials, 3, 2000.

[Dim01] T. Dimitrakos. System Models, e-Risk and e-Trust. Towards Bridging the Gap? in Towards the ESociety: E-Business, E-Commerce, and E-Government, eds. B. Schmid, K. Stanoevska-Slabeva, V. Tschammer. Kluwer Academic Publishers, 2001.

[Jos05] A. Josang, R. Ismail, C. Boyd. A Survey of Trust and Reputation Systems for Online Service Provision. Decision Support Systems, 2005.

[Chi04] Ching L., Vijay V. and Yan W. Vineet P., “Enhancing Grid Security with Trust Management”, Proceedings of the 2004 IEEE International Conference on Services Computing (SCC’04).

[Xia04] G. Xiaolin, X.Bing, L.Yinan, Q.Depei, “A Grid Security Infrastructure Based on Behaviors and

Trusts” GCC 2004 Workshops, LNCS 3252 pp. 482–489, Springer-Verlag Berlin Heidelberg, 2004.

Wang, Y., Vassileva, J., “Bayesian Network-Based Trust Model”, Web Intelligence, Halifax Canada,

2003, pp 372-378. [Nat05] G. Nathan, C. Kuo-Ming, “Experience-Based Trust: Enabling Effective

Resource Selection in a Grid Environment”, iTrust 2005, LNCS 3477, Springer-Verlag Berlin Heidelberg 2005, pp. 240–255.

[Muh06] Muhammad Hanif Durad, Yuanda Cao,” A Vision for the Trust Managed Grid”, Proceedings of the Sixth IEEE International Symposium on Cluster Computing and the Grid Workshops (CCGRIDW'06)

References…

[Dim04] T. Dimitrakos, D. Golby P. Kearney. Towards a Trust and Contract Management Framework for Dynamic Virtual Organisations. In eAdoption and the Knowledge Economy: eChallenges 2004. Vienna, Austria, 2004.

[Gra00] T. Grandison, M. Sloman. A Survey of Trust in Internet Applications. IEEE Communications Survey and Tutorials, 3, 2000.

[Bro03a] P.J. Broadfoot, G. Lowe. Architectures for Secure Delegation within Grids. Oxford University Computing Laboratory Technical Report, PRG-RR-03-19, 2003.

[Roo71] Rotter, J. B. 1971. Generalized expectancies for interpersonal trust. American Psychologist, 26: 443-452.

[Lew85] Lewis, J. D. & Weigert, A. J. 1985b. Social atomism, holism, and trust. The Sociological Quarterly, 2l6(4):455-471.

[Sur02] M. Surridge. A Rough Guide to Grid Security. Technical Report, IT Innovation Centre, V1.1a, 2002.

[Gas90] M. Gasser, E. McDermott. An Architecture for Practical Delegation in a Distributed System. IEEE

Symposium on Research in Security and Privacy, 1990.

References

[Fos98] I. Foster, C. Kesselman, G. Tsudki, S. Tuecke. A Security Architecture for Computational Grids. In Proceedings of 5th ACM Conference on Computer and Communication Security, 1998.

[Joh03] W.E. Johnston, J.M. Brooke, R. Butler, D. Foster and M. Mazzucato. Production Deployment:

Experiences and Recommendations. In [Fos03], 2003. [Nag03] N. Nagaratnam, P. Janson, J. Dayka, A. Nadalin, F. Siebenlist,

V. Welch, S. Tuecke, I. Foster. Security Architecture for Open Grid Services. Available at http://forge.gridforum.org/projects/ogsa-sec-wg.

[Ton06] N. Tonellotto, R. Yahyapour, Ph. Wieder, CoreGRID Technical Report ,Number TR-0015 January 11, 2006

[Ji06] Ji Ma and Mehmet A. Orgun, Trust Management and Trust Theory Revision, IEEE Transactions On Systems, Man, And Cybernetics—Part A: Systems And Humans, Vol. 36, No. 3, May 2006.

[Ind04] Indrajit Ray and Sudip Chakraborty, “A vector Model of Trust for Developing Trustworthy Systems”, Proceedings of 9th European Symposium on Research in Computer Security (ESORICS'04), 2004.

References

[Dan01] Dan J. Kim, Y. Il Song, S. B. Braynov and H. R. Rao, “A B-to-C Trust Model for On-line Exchange”, Americas Conference on Information Systems(AMCIS), Boston, Massachusetts, August 3-5, .2001.

[Pat05] V.Patel, R.K.Shyamasundar, “Trust management for e-transactions”, sadana, vol. 30, April/June 2005, pp 141-158.

[Ros57] Rosenberg, M. Occupations and values. Glencoe, IL: Free Press.

http://www.mobilegrids.org/ http://www.ist-daidalos.org/ http://www.eu-egee.org/ http://www.hpc4u.org/ http://www.nextgrid.org/ http://www.gridprovenance.org/ http://www.simdat.org http://www.eu-trustcom.com http://www.unigrids.org

References

Thank youThank you QuestionsQuestions

Backup Slides

Ganglia Ganglia is a scalable distributed monitoring tool

used for high-performance computing systems

such as clusters and Grids.

Two unique daemons

- gmetad (Ganglia Meta daemon)

- gmond (Ganglia Monitoring daemon)

gmond

- monitor/announce/listen to the changes in

host state

gmetad

- Runs in master node and gathers information

from all nodes that runs gmond

Node A Node BNode C

Node D (Master Node)

gmond gmondgmond

gmetad

Network Weather Service

• a generalized distributed monitoring

system

• periodically monitors and dynamically

forecasts the performance of various

network and computational resources

• The nameserver running in the master

node gathers network characteristics

from all sensor nodes and stores in

memory

Node ANode B Node C

Node D (Master Node)

nws-sensor

nws-nameservermemory

nws-sensor nws-sensor

Gives MIPS of an executable

Instruction count – Using Linux command

MIPS = Instruction count / Execution time*106

Whetstone/Dhrystone Benchmarks

Further Literature

Issues

Literature Survey

How to evaluate each trust metric?

Implementation Ahead …..

Implementation – Parameter RetrievalActual Execution time, Success & Failure

Job Submission

Gridway Metascheduler

Actual Execution Time

Success

FailureReads Status

Obtains

Status of Execution

Gridway Metascheduler

Actual Execution Time

Success

Failure

Resource A

DRMAAs

JAVAModule

Trust Layer

Fabric Layer

Grid Middleware Layer

Implementation – Parameter RetrievalAvailability

Gridway

Ganglia gmetad

Master Node of Resource A

JAVA Module

POLLS

Down time

Up timequeries JAVA

Module Availability

Trust Layer

Fabric Layer

Grid Middleware Layer

Ganglia gmond

Implementation – Parameter RetrievalBandwidth, Latency

Gridway

nws-nameserver JAVAModule

Bandwidth

Memory Latency

Master Node of A

Trust Layer

Fabric Layer

Grid Middleware Layer

nws-sensor nws-sensor nws-sensor

Master Node of B Master Node of C

Portal InterfaceUser Feedback, Resource Registration

UserFeedback

ResourceRegistration

JAVAModule Database

userResource Provider

Trust Layer

Application Layer

Portal

Database

TrustManagement

GridwayMetascheduler

NWS

Ganglia

1 2

MDS

4

5

3

8

6

6

Whetstone/Dhrystone

512

9

Resource Domain

users

6

6

1011

Trust Resource Broker

The Ultimate Flow …