Security-aware Resource Brokering for Bioinformatics Workflows across Federated Multi-cloud Infrastructures

Proceedings of the 21st International Conference on Distributed Computing and Networking Pub Date : 2020-01-04 DOI:10.1145/3369740.3369791

Minh Nguyen, S. Debroy, P. Calyam, Zhen Lyu, T. Joshi

{"title":"Security-aware Resource Brokering for Bioinformatics Workflows across Federated Multi-cloud Infrastructures","authors":"Minh Nguyen, S. Debroy, P. Calyam, Zhen Lyu, T. Joshi","doi":"10.1145/3369740.3369791","DOIUrl":null,"url":null,"abstract":"Data-intensive science applications often use federated multi-cloud infrastructures to support their compute-intensive processing needs. However, lack of knowledge about: a) individual domain's security policies, b) how that translates to application security assurance, and c) nature of performance and security trade-offs - can cause performance-security conflicts for applications and inefficient resource usage. In this paper, we propose a security-aware resource brokering middleware framework to allocate application resources by satisfying their performance and security requirements. The proposed middleware implements MCPS (Multi-Cloud Performance and Security) Broker that uses a common data model to represent applications' performance and security requirements. It performs a security-aware global scheduling to choose the optimal cloud domain, and a local scheduling to choose the optimal server within the chosen cloud domain. Using real SoyKB application workflows, we implement the proposed MCPS Broker in the GENI Cloud and demonstrate its utility through a NIST-guided risk assessment.","PeriodicalId":240048,"journal":{"name":"Proceedings of the 21st International Conference on Distributed Computing and Networking","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-01-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 21st International Conference on Distributed Computing and Networking","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3369740.3369791","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

Abstract

Data-intensive science applications often use federated multi-cloud infrastructures to support their compute-intensive processing needs. However, lack of knowledge about: a) individual domain's security policies, b) how that translates to application security assurance, and c) nature of performance and security trade-offs - can cause performance-security conflicts for applications and inefficient resource usage. In this paper, we propose a security-aware resource brokering middleware framework to allocate application resources by satisfying their performance and security requirements. The proposed middleware implements MCPS (Multi-Cloud Performance and Security) Broker that uses a common data model to represent applications' performance and security requirements. It performs a security-aware global scheduling to choose the optimal cloud domain, and a local scheduling to choose the optimal server within the chosen cloud domain. Using real SoyKB application workflows, we implement the proposed MCPS Broker in the GENI Cloud and demonstrate its utility through a NIST-guided risk assessment.

查看原文本刊更多论文

跨联邦多云基础设施的生物信息学工作流的安全感知资源代理

数据密集型科学应用程序通常使用联合多云基础设施来支持其计算密集型处理需求。然而，缺乏以下方面的知识:a)单个域的安全策略，b)如何将其转换为应用程序安全保证，以及c)性能和安全权衡的本质——可能会导致应用程序的性能安全冲突和低效的资源使用。本文提出了一种具有安全意识的资源代理中间件框架，通过满足应用程序的性能和安全需求来分配应用程序资源。所建议的中间件实现了MCPS(多云性能和安全)代理，该代理使用公共数据模型来表示应用程序的性能和安全需求。它执行安全感知的全局调度以选择最优云域，执行本地调度以选择所选云域中的最优服务器。使用真实的SoyKB应用程序工作流，我们在GENI云中实现了拟议的MCPS Broker，并通过nist指导的风险评估演示了其实用性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 21st International Conference on Distributed Computing and Networking

自引率

0.00%

发文量