Wonjun Lee

The Design and Evaluation of Accountable Grid Computing System

Accountability is an important aspect of any computer system. It assures that every action executed in the system can be traced back to some entity. Accountability is even more crucial for assuring the safety and security in grid systems, given the very large number of users active in these sophisticated environments. However, to date no comprehensive approach to accountability for grid systems exists. Our work addresses such inadequacy by developing a comprehensive accountability system driven by policies and supported by accountability agents. In this paper we first discuss the requirements that have driven the design of our accountability system and then present some interesting aspects related to our accountability framework. We describe a fully working implementation of our accountability system, and conduct extensive experimental evaluations. Our experiments, carried out using the Emulab testbed, demonstrate that the implemented system is efficient and it scales for grid systems of large number of resources and users.

End-to-end accountability in grid computing systems for coalition information sharing

Accountability is crucial for any computer system. It assures that every action executed in the system can be traced back to some entity. Accountability for grid computing systems is even more crucial given the very large number of users and active entities in these systems. However, so far no comprehensive approach to accountability for grid systems exists. Our work addresses such lack by developing a comprehensive accountability system driven by policies and supported by accountability agents. This paper first discusses the requirements that have driven the design of our accountability system. It then presents the key elements of our approach, namely the accountability data, the accountability policy language, and the agents.

A Policy-Based Accountability Tool for Grid Computing Systems

The dynamic and multi-organizational nature of Grid systems requires effective and efficient accountability systems to scale for accommodating large number of users and resources. The availability of detailed and complete accountability data is crucial for both the Grid administrators and the overall Grid community. In this paper we present a layered architecture for addressing the end-to-end accountability problem. We introduce the concept of accountability agents, entities in charge of collecting accountability data, keeping track of submitted jobs and their users. We present a simple yet effective language to specify the relevant accountability data to be collected and selectively distributed by the accountability agents. Additionally, we design a decentralized and scalable approach to accountability, so to be able to monitor jobs workflow with relatively little intrusion.

Detection and Protection against Distributed Denial of Service Attacks in Accountable Grid Computing Systems

By exploiting existing vulnerabilities, malicious parties can take advantage of resources made available by grid systems to attack mission-critical websites or the grid itself. In this paper, we present two approaches for protecting against attacks targeting sites outside or inside the grid. Our approach is based on special-purpose software agents that collect provenance and resource usage data in order to perform detection and protection. We show the effectiveness and the efficiency of our approach by conducting various experiments on an emulated grid test-bed.

Profile-Based Selection of Accountability Policies in Grid Computing Systems

Accountability in grid computing systems is an important requirement, in that it makes it possible to control activities of users and resource providers through the collection and analysis of accountability data. The accountability policies specify what to collect and when, and more importantly how to coordinate the data collection among different administrative domains. If elements of the data to be sent from a node to another are missing or different from the ones required by the policy due to the insufficient capabilities of the node to collect data, conflicts -- inability to comply - may occur. To solve such conflicts and yet obtain flexible accountability processes, we propose a profile-based policy selection mechanism. We show how by this mechanism we can adapt the accountability policies according to the specific features of jobs and nodes, while at the same time achieving a minimum level of accountability.

Bringing high performance climate modeling into the classroom

Climate science educators face great challenges on combining theory with hands-on practices in teaching climate modeling. Typical model runs require large computation and storage resources that may not be available on a campus. Additionally, the training and support required to bring novices up to speed would consume significant class time. The same challenges also exist across many other science and engineering disciplines. The TeraGrid science gateway program is leading the way of a new paradigm in addressing such challenges. As part of the TeraGrid science gateway initiative, The Purdue CCSM portal aims at assisting both research and education users to run Community Climate System Model (CCSM) simulations using the TeraGrid high performance computing resources. It provides a one-stop shop for creating, configuring, running CCSM simulations as well as managing jobs and processing output data. The CCSM portal was used in a Purdue graduate class for students to get hands-on experience with running world class climate simulations and use the results to study climate change impact on political policies. The CCSM portal is based on a service-oriented architecture with multiple interfaces to facilitate training. This paper describes the design of the CCSM portal with the goal of supporting classroom users, the challenges of utilizing the portal in a classroom setting, and the solutions implemented. We present two student projects from the fall 2009 class that successfully used the CCSM portal.

Vulnerabilities leading to denial of services attacks in grid computing systems: a survey

Grid is designed with no security in mind at first. The complexity and scalability of grid architecture make easy for intruders to attack the system in several ways. In this paper, we discuss several possible or known vulnerabilities existing in each layer of the grid system. Attackers can take advantage of such vulnerabilities to break into grid systems and exploit grid resource to launch Denial of Service attack targeting servers located outside the grid such as mission critical web servers, or internal node inside the grid by shutting down one of important grid components.

An assessment of accountability policies for large-scale distributed computing systems

Grid computing systems offer resources to solve large-scale computational problems and are thus widely used in a large variety of domains, including computational sciences, energy management, and defense. Accountability in these application domains is an important requirement, in that it enables controlling activities of users and resource providers through the collection and analysis of accountability data. However, because it is not feasible to simply collect all the potentially useful data, we propose an accountability policy language to simplify administration tasks. In this paper, we show the efficiency of a system that we have developed to implement the language. We first present a short overview of the system, and then assess the proposed accountability policies based on the experiments.

Hiding Kernel Level Rootkits Using Buffer Overflow and Return Oriented Programming

Kernel Level Rootkits are malwares that can be installed and hidden on a user’s computer without revealing their existence. The goal of all rootkits is to carry out malicious execution while being hidden as long as possible on the user’s system. We have developed and demonstrated, such a hiding technique for kernel level rootkits from static detection mechanisms. The hiding mechanism uses Return Oriented Programming, which allows the user to execute malicious code in the presence of certain inbuilt security defenses and detection tools. In this technique, an attacker diverts the control flow without injecting any new code in the program overflowing the buffer. We chain together short instruction sequences already present in a program’s address space, each of which ends in a “return” instruction. This implemented hiding technique was tested using a custom detection tool which performs static analysis, for specified malicious behavior patterns along with other techniques. We have also examined it with other detection techniques. Experimental results indicate that our prototype was effective in hiding kernel level rootkits.

Secure Cloud Container: Runtime Behavior Monitoring Using Most Privileged Container (MPC)

Hypervisor-based virtualization rapidly becomes a commodity, and it turns valuable in many scenarios such as resource optimization, uptime maximization, and consolidation. Container-based application virtualization is an appropriate solution to develop a light weighted partitioning by providing application isolation with less overhead. Undoubtedly, container based virtualization delivers a lightweight and efficient environment, however raises some security concerns as it allows isolated processes to utilize an underlying host kernel. A new security layer with the Most Privileged Container (MPC) is proposed in this article. The proposed MPC layer exhibits three main functional blocks: Access policies, Black list database, and Runtime monitoring. The introduced MPC layer implements privilege based access control and assigns resource access permissions based on policies and the security profiles of containerized application user processes. Furthermore, the monitoring block examines the runtime behavior of containers and black list database is updated if the container violets its policies. The proposed MPC layer provides higher level of application container security against potential threats.