Issue No.05 - May (2008 vol.19)
pp: 682-697
Security is increasingly becoming an important issue in the design of real-time parallel applications, which are widely used in industry and academic organizations. However, existing schedulers for real-time parallel jobs on clusters generally do not factor in security requirements when making allocation and scheduling decisions. Aiming at improving security for real-time parallel applications, we develop two resource allocation schemes, called TAPADS (Task Allocation for Parallel Applications with Deadline and Security constraints) and SHARP (Security- and Heterogeneity-Aware Resource allocation for Parallel jobs), by taking into account applications"?timing and security requirements in addition to precedence constraints. In this paper we consider two types of computing platforms: homogeneous clusters and heterogeneous clusters. To facilitate the presentation of the new schemes, we build mathematical models to describe a system framework, security overhead, and parallel applications with deadline and security constraints. The proposed schemes are applied to heuristically find resource allocations that maximize the quality of security and the probability of meeting deadlines for parallel applications running on clusters. We conducted extensive experiments using real world applications and traces as well as synthetic benchmarks. Experimental results are presented to demonstrate the effectiveness and practicality of the proposed schemes.
Scheduling and task partitioning, Real-time distributed
Tao Xie, Xiao Qin, "Security-Aware Resource Allocation for Real-Time Parallel Jobs on Homogeneous and Heterogeneous Clusters", IEEE Transactions on Parallel & Distributed Systems, vol.19, no. 5, pp. 682-697, May 2008, doi:10.1109/TPDS.2007.70776
[1] T.F. Abdelzaher, E.M. Atkins, and K.G. Shin, “QoS Negotiation in Real-Time Systems and Its Application to Automated Flight Control,” IEEE Trans. Computers, vol. 49, pp. 1170-1183, 2000.
[2] Q. Ahmed and S. Vrbsky, “Maintaining Security in Firm Real-Time Database Systems,” Proc. 14th Ann. Computer Security Application Conf. (ACSAC '98), pp. 83-90, 1998.
[3] A. Apvrille and M. Pourzandi, “XML Distributed Security Policy for Clusters,” Elsevier Computers and Security J., vol. 23, no. 8, pp.649-658, 2004.
[4] M. Bishop, Computer Security. Addison-Wesley, 2003.
[5] R. Chandramouli, S. Bapatla, K.P. Subbalakshmi, and R.N. Uma, “Battery Power-Aware Encryption,” ACM Trans. Information and System Security, vol. 9, no. 2, pp. 162-180, 2006.
[6] K. Connelly and A.A. Chien, “Breaking the Barriers: High Performance Security for High-Performance Computing,” Proc. 10th New Security Paradigms Workshop (NSPW '02), pp. 36-42, 2002.
[7] R.P. Dick, D.L. Rhodes, and W. Wolf, “TGFF: Task Graphs for Free,” Proc. Sixth Int'l Workshop Hardware/Software Codesign (CODES/CASHE '98), pp. 97-101, 1998.
[8] I. Foster, N.T. Karonis, C. Kesselman, and S. Tuecke, “Managing Security in High-Performance Distributed Computations,” Cluster Computing, vol. 1, no. 1, pp. 95-107, 1998.
[9] S. Gritzalis, “Enhancing Privacy and Data Protection in Electronic Medical Environments,” J. Medical Systems, vol. 28, no. 6, pp. 535-547, 2004.
[10] L. He, A. Jatvis, and D.P. Spooner, “Dynamic Scheduling of Parallel Real-Time Jobs by Modelling Spare Capabilities in Heterogeneous Clusters,” Proc. Fifth IEEE Int'l Conf. Cluster Computing (CLUSTER '03), pp. 2-10, 2003.
[11] A. Jones and J.C. Rabelo, “Survey of Job Shop Scheduling Techniques,” NISTIR. Nat'l Inst. Standards and Tech nology, 1998.
[12] C.-J. Hou and K.G. Shin, “Allocation of Periodic Task Modules with Precedence and Deadline Constraints in Distributed Real-Time Systems,” IEEE Trans. Computers, vol. 46, no. 12, pp.1338-1356, Dec. 1997.
[13] W.T.C. Kramer, A. Shoshani, D.A. Agarwal, B.R. Draney, G. Jin, G.F. Butler, and J.A. Hules, “Deep Scientific Computing Requires Deep Data,” IBM J. Research and Development, vol. 48, no. 2, pp.209-232, 2004.
[14] B. Krebs, “Hackers Strike Advanced Computing Networks,” Washington Post, Apr. 2004.
[15] Y.-K. Kwok and I. Ahmad, “Efficient Scheduling of Arbitrary TaskGraphs to Multiprocessors Using a Parallel Genetic Algorithm,” J. Parallel and Distributed Computing, vol. 47, no. 1, pp. 58-77, 1997.
[16] C. Irvine and T. Levin, “Towards a Taxonomy and Costing Method for Security Services,” Proc. 15th Ann. Computer Security Applications Conf. (ACSAC '99), pp. 183-188, 1999.
[17] W. Li and R.B. Vaughn, “Cluster Security Research Involving the Modeling of Network Exploitations Using Exploitation Graphs,” Proc. Sixth IEEE Int'l Symp. Cluster Computing and Grid (CCGrid'06), pp. 26-36, 2006.
[18] B. Littlewood, S. Brocklehurst, N.E. Fenton, P. Mellor, S. Page, D. Wright, J. Dobson, J. McDermid, and D. Gollmann, “Towards Operational Measures of Computer Security,” J.Computer Security, vol. 2, no. 3, pp. 211-230, 1993.
[19] C.L. Liu and J.W. Layland, “Scheduling Algorithms for Multiprogramming in a Hard Real-Time Environment,” J. ACM, vol. 20, no. 1, pp. 46-61, 1973.
[20] M. Maheswaran, S. Ali, H.J. Siegel, D. Hensgen, and R.F. Freund, “Dynamic Matching and Scheduling of a Class of Independent Tasks onto Heterogeneous Computing Systems,” Proc. Eighth IEEE Heterogeneous Computing Workshop (HCW '99), pp. 30-44, 1999.
[21] J. Nechvatal, E. Barker, D. Dodson, M. Dworkin, J. Foti, and E. Roback, “Status Report on the First Round of the Development of the Advanced Encryption Standard,” J.Research of the Nat'l Inst. Standards and Technology, vol. 104, no. 5, pp. 435-459, 1999.
[22] J. Pamula, S. Jajodia, P. Ammann, and V. Swarup, “A Weakest-Adversary Security Metric for Network Configuration Security Analysis,” Proc. Second ACM Workshop Quality of Protection (QoP'06), pp. 31-38, 2006.
[23] M. Pourzandi, D. Gordon, W. Yurcik, and G.A. Koenig, “Clusters and Security: Distributed Security for Distributed Systems,” Proc. Fifth IEEE Int'l Symp. Cluster Computing and the Grid (CCGrid '05), pp. 96-104, 2005.
[24] W. Shi, H.H.S. Lee, C. Lu, and M. Ghosh, “Towards the Issues in Architectural Support for Protection of Software Execution,” ACM SIGARCH Computer Architecture News, special issue workshop on architectural support for security and antivirus (WASSA '05), vol.33, no. 1, pp. 6-15, 2005.
[25] S. Song, K. Hwang, and Y.K. Kwok, “Risk-Resilient Heuristics and Genetic Algorithms for Security-Assured Grid Job Scheduling,” IEEE Trans. Computers, vol. 55, no. 6, June 2006.
[26] J.A. Stankovic, M. Spuri, K. Ramamritham, and G.C. Buttazzo, Deadline Scheduling for Real-Time Systems: EDF and Related Algorithms. Kluwer Academic Publishers, 1998.
[27] V. Subramani, V.R. Kettimuthu, S. Srinivasan, J. Johnston, and P. Sadayappan, “Selective Buddy Allocation for Scheduling Parallel Jobs on Clusters,” Proc. Fourth IEEE Int'l Conf. Cluster Computing (CLUSTER '02), pp. 107-116, 2002.
[28] M.E. Thomadakis and J.-C. Liu, “On the Efficient Scheduling of Non-Periodic Tasks in Hard Real-Time Systems,” Proc. 20th IEEE Real-Time Systems Symp. (RTSS '99), pp. 148-151, 1999.
[29] A. Wagner, H.-W. Jin, D.K. Panda, and R. Riesen, “NIC-Based Offload of Dynamic User-Defined Modules for Myrinet Clusters,” Proc. Sixth IEEE Int'l Conf. Cluster Computing (CLUSTER '04), pp.205-214, 2004.
[30] B. Wilkinson and M. Allen, Parallel Programming, Techniques and Applications Using Networked Workstations and Parallel Computers. Prentice Hall, 1999.
[31] C.M. Woodside and G.G. Monforton, “Fast Allocation of Processes in Distributed and Parallel Systems,” IEEE Trans. Parallel and Distributed Systems, vol. 4, no. 2, pp. 164-174, Feb. 1993.
[32] T. Xie, “Security-Aware Scheduling for Real-Time Systems,” PhDdissertation, New Mexico Inst. Mining and Tech nology, May 2006.
[33] T. Xie and X. Qin, “Scheduling Security-Critical Real-Time Applications on Clusters,” IEEE Trans. Computers, vol. 55, no. 7, pp. 864-879, July 2006.
[34] T. Xie and X. Qin, “A New Allocation Scheme for Parallel Applications with Deadline and Security Constraints on Clusters,” Proc. Seventh IEEE Int'l Conf. Cluster Computing (CLUSTER '05), pp.1-10, 2005.
[35] T. Xie and X. Qin, “A Security Middleware Model for Real-time Applications on Grids,” IEICE Trans. Information and Systems, special issue on parallel/distributed computing and networking, vol. E89-D, no. 2, pp. 631-638, 2006.
[36] T. Xie and X. Qin, “A Security-Oriented Task Scheduler for Heterogeneous Distributed Systems,” Proc. 13th Ann. IEEE Int'l Conf. High-Performance Computing (HiPC '06), pp. 35-46, 2006.
[37] T. Xie, X. Qin, and M. Nijim, “SHARP: A New Real-Time Scheduling Algorithm to Improve Security of Parallel Applications on Heterogeneous Clusters,” Proc. 25th IEEE Int'l Performance Computing and Comm. Conf. (IPCCC '06), Apr. 2006.
[38] Q. Zheng and K.G. Shin, “On the Ability of Establishing Real-Time Channels in Point-to-Point Packet Switched Network,” IEEE Trans. Comm., vol. 42, pp. 1096-1105, 1994.