John Brooke

Semantic Matching of Grid Resource Descriptions

The ability to describe the Grid resources needed by applications is essential for developing seamless access to resources on the Grid. We consider the problem of resource description in the context of a resource broker being developed in the Grid Interoperability Project (GRIP) which is able to broker for resources described by several Grid middleware systems, GT2, GT3 and Unicore. We consider it necessary to utilise a semantic matching of these resource descriptions, firstly because there is currently no common standard, but more fundamentally because we wish to make the Grid transparent at the application level. We show how the semantic approach to resource description facilitates both these aims and present the GRIP broker as a working prototype of this approach.

Authentication Mechanisms for Mobile Ad-Hoc Networks and Resistance to Sybil Attack

In Sybil attack, an attacker acquires multiple identities and uses them simultaneously or one by one to attack various operation of the network. Such attacks pose a serious threat to the security of self-organized networks like mobile ad-hoc networks (MANETs) that require unique and unchangeable identity per node for detecting routing misbehavior and reliable computation of nodes reputation. The purpose of this paper is to analyze the effectiveness of current authentication mechanism for MANETs in coping with the Sybil attack, the infrastructure requirement posed by these mechanisms and applicability of these mechanisms to different kinds of ad hoc networks. We identify open research issues that need to be addressed by the next generation of authentication mechanisms for MANETs.

A Framework & Negotiation Protocol for Service Contracts

This paper presents a specification for a domain-independent, symmetrical, two-party negotiation protocol to reach binding agreements between services based on the principles of contract law. The protocol is necessary as existing specifications, such as WS-agreement, lack the capability to form negotiated agreements and lack sufficient rigor in their design. This leads to ambiguities in their interpretations and, therefore, possible interoperability problems between different implementations. The negotiation protocol fits into the modular, high-level framework also presented here, that can be completed using a variety of existing contract monitoring and management procedures

Visual Supercomputing: Technologies, Applications and Challenges

If we were to have a Grid infrastructure for visualization, what technologies would be needed to build such an infrastructure, what kind of applications would benefit from it, and what challenges are we facing in order to accomplish this goal? In this survey paper, we make use of the term ‘visual supercomputing’ to encapsulate a subject domain concerning the infrastructural technology for visualization. We consider a broad range of scientific and technological advances in computer graphics and visualization, which are relevant to visual supercomputing. We identify the state‐of‐the‐art technologies that have prepared us for building such an infrastructure. We examine a collection of applications that would benefit enormously from such an infrastructure, and discuss their technical requirements. We propose a set of challenges that may guide our strategic efforts in the coming years.

Century-scale persistence in longitude distribution in the Sun and in silico

Using Greenwich sunspot data for 120 years it was recently observed that activity regions on the Suns surface tend to lie along smoothly changing longitude strips 180 ◦ apart from each other. However, numerical experiments with random input data show that most, if not all, of the observed longitude discrimination can be an artifact of the analysis method.

Enabling scientific collaboration on the Grid

We examine the problem of supporting access by collaborations of scientists to Grid resources. Our aim is to support dynamic collaborations, by which we mean collaborations that can be easily formed and easily dissolved. We argue that current technology for creating Virtual Organisations has difficulty meeting this requirement. We propose an alternative structure, called an Alliance, based on a separation of the mechanisms for forming collaborations of people from the mechanisms for allocating and integrating resources in a Grid infrastructure. The key tools for achieving the Alliance are, firstly, a security architecture and, secondly, an ontological approach to the defining of roles and processes within an organisation. An example is presented to show how these tools can be implemented without needing to change current existing Grid middleware.

Kinematic frames and "active longitudes": does the Sun have a face?

Context. It has recently been claimed that analysis of Greenwich sunspot data over 120 years reveals that sunspot activity clusters around two longitudes separated by 180 ◦ (“active longitudes”) with clearly defined differential rotation during activity cycles. In previous work we demonstrated that such effects can be observed in synthetic data without such features, as an artefact of the method of analysis. Aims. In the present work we extend this critical examination of methodology to the actual Greenwich sunspot data and also consider newly proposed methods of analysis claiming to confirm the original identification of active longitudes. Methods. We performed fits of different kinematic frames onto the actual sunspot data. Firstly, a cell-counting statistic was used to analyse a comoving system of frames and show that such frames extract useful information from the data. Secondly, to check the claim of century-scale persistent active longitudes in a contramoving frame system, we made a comprehensive exploration of parameter space following the original methodology as closely as possible. Results. Our analysis revealed that values obtained for the parameters of differential rotation are not stable across different methods of analysis proposed to track persistent active longitudes. Also, despite a very thorough search in parameter space, we were unable to reproduce results claiming to reveal the century-persistent active longitudes. Previous parameter space exploration has been restricted to frames whose latitudinal profile is opposite to solar surface differential rotation. Relaxing this restriction we found that the highest values of nonaxisymmetry occur for frames comoving with the solar surface flow. Further analysis indicates that even these solutions are the result of purely statistical fluctuations. Conclusions. We can therefore say that strong and well substantiated evidence for an essential and century-scale persistent nonaxisymmetry in the sunspot distribution does not exist.

In-out intermittency in partial differential equation and ordinary differential equation models

We find concrete evidence for a recently discovered form of intermittency, referred to as in-out intermittency, in both partial differential equation (PDE) and ordinary differential equation (ODE) models of mean field dynamos. This type of intermittency [introduced in P. Ashwin, E. Covas, and R. Tavakol, Nonlinearity 9, 563 (1999)] occurs in systems with invariant submanifolds and, as opposed to on-off intermittency which can also occur in skew product systems, it requires an absence of skew product structure. By this we mean that the dynamics on the attractor intermittent to the invariant manifold cannot be expressed simply as the dynamics on the invariant subspace forcing the transverse dynamics; the transverse dynamics will alter that tangential to the invariant subspace when one is far enough away from the invariant manifold. Since general systems with invariant submanifolds are not likely to have skew product structure, this type of behavior may be of physical relevance in a variety of dynamical settings. The models employed here to demonstrate in-out intermittency are axisymmetric mean-field dynamo models which are often used to study the observed large-scale magnetic variability in the Sun and solar-type stars. The occurrence of this type of intermittency in such models may be of interest in understanding some aspects of such variabilities. (c) 2001 American Institute of Physics.Employing some recent results in dynamics of systems with invariant subspaces we find evidence in both truncated and full axisymmetric mean-field dynamo models of a recently discovered type of intermittency, referred to as in-out intermittency. This is a generalised form of on-off intermittency that can occur in systems that are not skew products. As far as we are aware this is the first time detailed evidence has been produced for the occurrence of a particular form of intermittency for such deterministic PDE models and their truncations. The specific signatures of this form of intermittency make it possible in principle to look for such behaviour in solar and stellar observations. Also in view of its generality, this type of intermittency is likely to occur in other physical models with invariant subspaces.

Towards Sybil Resistant Authentication in Mobile Ad Hoc Networks

In Sybil attack, an attacker acquires multiple identities and uses them simultaneously or one by one to attack network operations. Such attacks pose a serious threat to the security of self-organized networks like Mobile Ad hoc Networks (MANETs) that require unique and unchangeable identity per node for detecting routing misbehavior and reliable computation of node’s reputation. Current authentication mechanisms for MANETs are vulnerable to Sybil attack unless they resort to some out of band method like physical contact between nodes for building trust or relying on a Trusted Third Party (TTP) for issuing a unique and unchangeable identity to each node. In this paper we present an authentication mechanism for MANETs that utilizes hardware id of the device of each node for authentication. An authentication agent is developed that verifies the hardware id of the authenticatee node. A comprehensive defense model is employed to protect the authentication agent from various static and dynamic attacks from a potentially malicious authenticatee node. Security of authenticatee node is assured by involving a TTP that signs the authentication agent, verifying that it will perform only intended function and is safe to execute. With this minimal involvement of the TTP, the proposed authentication scheme offers increased resistance to the Sybil attack. The attacker is now required to either thwart agent protection mechanisms or to acquire multiple devices with different hardware ids, in order to gain multiple identities

Formal Modelling of a Usable Identity Management Solution for Virtual Organisations

This paper attempts to accurately model security requirements for computational grid environments with particular focus on authentication. We introduce the Audited Credential Delegation (ACD) architecture as a solution to some of the virtual organisations identity management usability problems. The approach uses two complementary models: one is state based, described in Z notation, and the other is event-based, expressed in the Process Algebra of Hoares Communicating Sequential Processes (CSP). The former will be used to capture the state of the WS and to model back-end operations on it whereas the latter will be used to model behavior, and in particular, front-end interactions and communications. The modelling helps to clearly and precisely understand functional and security requirements and provide a basis for verifying that the system meets its intended requirements.