{"title":"Identity boxing: secure user-level containment for the grid","authors":"D. Thain","doi":"10.1109/HPDC.2005.1520984","DOIUrl":"https://doi.org/10.1109/HPDC.2005.1520984","url":null,"abstract":"Today, a public key infrastructure allows grid users to be identified with strong cryptographic credentials and a descriptive, globally-unique name such as /O=UnivNowhere/CN=Fred. This powerful security infrastructure allows users to perform a single login and then access a variety of remote resources on the grid without further authentication steps. However, once connected to a specific system, a user's grid credentials must somehow be mapped to a local namespace. This creates a significant burden upon the administrator of each site to manage a continuously-changing user list. Large systems have worked around this by employing the old insecure standby of shared user accounts. A single user may be known by a different account name at every single site that he or she accesses, in addition to a variety of identity names given by certificate authorities. In order to access a resource, the user may need to have a local account generated. In order to share resources, each user must know the local identities of users that he/she wishes to share with. To solve these problems, we introduce the technique of identity boxing. An identity box is a well-defined execution space in which all processes and resources are associated with an external identity that need not have any relationship to the set of local accounts. That is, within an identity box, a program runs with an explicit grid identity string rather than with a simple integer UID. As a program executes, all access controls are performed using the high level name rather than the low-level account information. A single Unix account may be used to securely manage several identity boxes simultaneously, thus eliminating the need for services to run as root merely to change identities.","PeriodicalId":120564,"journal":{"name":"HPDC-14. Proceedings. 14th IEEE International Symposium on High Performance Distributed Computing, 2005.","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-07-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133285808","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Distributed streaming query planner in Calder system","authors":"Y. Liu, Beth Plale, N. Vijayakumar","doi":"10.1109/HPDC.2005.1520992","DOIUrl":"https://doi.org/10.1109/HPDC.2005.1520992","url":null,"abstract":"The contribution of this work is twofold. First, we extend the current query planners' cost metric space by introducing network bandwidth cost, query deployment cost and query re-using cost; second, we develop a suite of algorithms for re-using existing query fragments under different scenarios. One of the most important reusable queries is called structure-sharable query.","PeriodicalId":120564,"journal":{"name":"HPDC-14. Proceedings. 14th IEEE International Symposium on High Performance Distributed Computing, 2005.","volume":"111 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-07-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130551726","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"CODO: firewall traversal by cooperative on-demand opening","authors":"Se-Chang Son, W. Allcock, M. Livny","doi":"10.1109/HPDC.2005.1520965","DOIUrl":"https://doi.org/10.1109/HPDC.2005.1520965","url":null,"abstract":"Firewalls and network address translators (NATs) cause significant connectivity problems along with benefits such as network protection and easy address planning. Connectivity problems make nodes separated by a firewall/NAT unable to communicate with each other. Due to the bidirectional and multi-organizational nature of grids, they are particularly susceptible to connectivity problems. These problems make collaboration difficult or impossible and cause resources to be wasted. This paper presents a system, called CODO, which provides applications end-to-end connectivity over firewalls/NATs in a secure way. CODO allows applications authorized through strong security mechanisms to traverse firewalls/NATs, while blocking unauthorized applications. This paper also formalizes the firewall/NAT traversal problem and clarifies how a traversal system fits in the overall security policy enforcement by a firewall/NAT.","PeriodicalId":120564,"journal":{"name":"HPDC-14. Proceedings. 14th IEEE International Symposium on High Performance Distributed Computing, 2005.","volume":"161 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-07-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122296704","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Increasing application performance in virtual environments through run-time inference and adaptation","authors":"Ananth I. Sundararaj, A. Gupta, P. Dinda","doi":"10.1109/HPDC.2005.1520935","DOIUrl":"https://doi.org/10.1109/HPDC.2005.1520935","url":null,"abstract":"Virtual machine distributed computing greatly simplifies the use of widespread computing resources by lowering the level of abstraction, benefiting both resource providers and users. Towards that end our Virtuoso middleware closely emulates the existing process of buying, configuring and using physical machines. Virtuoso's VNET component is a simple and efficient layer two virtual network tool that makes these virtual machines (VMs) appear to be physically connected to the home network of the user while simultaneously supporting arbitrary topologies and routing among them. Virtuoso's VTTIF component continually infers the communication behavior of the application running in a collection of VMs. The combination of overlays like VNET and inference frameworks like VTTIF has great potential to increase the performance, with no user or developer involvement, of existing, unmodified applications by adapting their virtual environments to the underlying computing infrastructure to best suit the applications. We show here how to use the continually inferred application topology and traffic to dynamically control three mechanisms of adaptation, VM migration, overlay topology, and forwarding to significantly increase the performance of two classes of applications, bulk synchronous parallel applications and transactional Web e-commerce applications.","PeriodicalId":120564,"journal":{"name":"HPDC-14. Proceedings. 14th IEEE International Symposium on High Performance Distributed Computing, 2005.","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-07-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125367000","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Design and evaluation of a new and effective fairness scheme for multicasting in Internet-scale distributed systems","authors":"Yijun Lu, Hong Jiang","doi":"10.1109/HPDC.2005.1520977","DOIUrl":"https://doi.org/10.1109/HPDC.2005.1520977","url":null,"abstract":"This paper argues that simply applying a multiple-tree scheme does not provide sufficient fairness for applications in an Internet-scale distributed system, in terms of performance. Motivated by the observation of the tax and donation systems in our society, we believe that a better way to define fairness, for performance's sake, is to factor in nodes' proportional contributions because it provides the opportunity to support many simultaneous multicasting sessions. This paper then presents a protocol, called FairOM (Fair Overlay Multicast), to enforce proportional contribution among peers in an Internet-scale distributed system.","PeriodicalId":120564,"journal":{"name":"HPDC-14. Proceedings. 14th IEEE International Symposium on High Performance Distributed Computing, 2005.","volume":"77 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-07-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125965173","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Distributed application management using Plush","authors":"Jeannie R. Albrecht, Christopher Tuttle, A. Snoeren, Amin Vahdat","doi":"10.1109/HPDC.2005.1520975","DOIUrl":"https://doi.org/10.1109/HPDC.2005.1520975","url":null,"abstract":"Recent computing trends have shown an increase in the demand for large-scale, distributed, federated computing environments. Two of the more popular environments that have emerged are the grid and PlanetLab. At a high level, these systems are similar in many ways; both are comprised of a set of heterogeneous interconnected machines that allows secure resource sharing for a variety of different users and applications. However, at a lower level, the systems are very distinct in the sense that they were designed to solve different types of problems, and therefore have fundamental differences that make it difficult to develop and deploy applications on both platforms. As a result, application designers and researchers create software that runs on either the grid or PlanetLab, but not both. We propose to solve this problem by describing a common abstraction for both PlanetLab and grid applications. Further, we present Plush - a tool that implements the distributed application abstraction by providing a pluggable and extensible infrastructure allowing users to customize their environment for running experiments on both PlanetLab and the grid.","PeriodicalId":120564,"journal":{"name":"HPDC-14. Proceedings. 14th IEEE International Symposium on High Performance Distributed Computing, 2005.","volume":"78 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-07-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121665903","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}