Yiduo Mei

An Energy-Efficient Management Mechanism for Large-Scale Server Clusters

With the increase of the computing demand, high performance server clusters are becoming one of the most important computing infrastructures. The current clusters are designed to meet peak load with all the computing resources keeping running. However, this static reservation with full computing resources can not adapt to the time-varying computing requirement, and may incur low resource utilization and needless power consumption when the cluster system is underloaded. In this paper, we present an extensible architecture of cluster management system. This architecture promises a good extensibility by integrating job scheduler and resource manager in loose couple. Concentrating on the power saving of large-scale clusters, we describe the power model of servers, and based on the presented management system architecture, we propose a novel resource management way, adaptive pool based resource management (APRM) method, for adaptive provision of computing resources in accordance with the time- varying workload demand. APRM enables a cost- effective operating by providing dynamic computing capacity with automatic resource control. We validated APRM on the energy efficiency and quality of service (QoS) by simulation measurement, and the results showed that APRM yields significant power saving with little impact on QoS.

Towards Automated Trust Negotiation for Grids

Trust is an important aspect of decision making for grid applications. It has been a fundamental but challenging problem to gain assurance of the trustworthiness of service providers or requesters. This paper proposes a novel trust negotiation framework, ENVOY, to establish trust relationship between service providers and requesters in grids. ENVOY supports various kinds of delegation by leveraging attribute-based credentials and defines delegation range expediently by using attribute constraint, and we develop a negotiation strategy based on protection tree to support ENVOY, which provides the support for protection of sensitive information of the two negotiation parties. Moreover, ENVOY employs multithreaded technology and trust ticket to speed up negotiation. This paper describes the implementation of ENVOY and designs experiments to evaluate its performance, and the experimental results show that it is applicable.

EntityTrust: Feedback credibility-based global reputation mechanism in cooperative computing system

Trust and reputation are important decision-making factors in cooperative computing systems. It is a fundamental but challenging task for reputation systems to estimate entitys reputation accurately and efficiently in distributed environment. We propose EntityTrust, a global reputation mechanism in cooperative computing systems. EntityTrust introduces a new direct feedback metrics to reflect the dynamic feature of trust. Besides that, an entitys feedback credibility can affect its reputation in a direct way. Experimental results show that EntityTrust can improve the accuracy and efficiency of evaluation for global reputation. Moreover, it can effectively combat malicious behaviors presented in the cooperative communities.

FORT: A decentralized automated trust negotiation framework for grids

Trust has been recognized as an important factor for grid security. This paper proposes a decentralized automated trust negotiation framework, FORT, to establish trust relationship between service providers and service requesters in grids. FORT presents many innovative features. First, FORT is decentralized, so it scales well and is well-suited for large-scale grids. Second, FORT refines its policy language with attribute constraint, so it can provide the support for effective protection of sensitive information of the two negotiation parties and flexible limitation of delegation range. Last, we employ multithreaded technology to speed up negotiation. This paper depicts the implementation of FORT and designs experiments to evaluate its performance. Experimental results show that FORT can effectively protect sensitive services at the cost of little performance of systems and is scalable.

Taxonomy and an Ontology for Grid Metrics

Grid metrics is the essential way for both human and software (machine) to understand the state of a grid system and evaluate its performance. To achieve a better insight into the grid system, the knowledge and profiling of grid metrics are indispensable for the selection and calculation of metrics. We formulate the resource model and workflow model in grid, then introduce an ontology to capture critical characteristics of grid metrics. Based on the ontology, a taxonomy is proposed to organize and characterize grid metrics to build general knowledge of them. Better understanding of grid metrics helps for further decision-making such as designing monitoring services or improving system performance.

Automated Trust Negotiation Based on Concurrent Zero-Knowledge for e-Business Applications

Exchange of attribute certificates is a means to establish mutual trust between strangers wishing to share resources or conduct business transactions. Automated trust negotiation (ATN) is a promising approach to regulating the exchange of sensitive information during this process. It has been a fundamental but challenging problem to preserve the privacy of the two negotiation parties during the period of ATN. We present the enhanced hidden credentials and improved concurrent zero-knowledge proof protocol. Based on the above technologies, we propose an ATN for e-business applications, named CASTLE. CASTLE can not only enable the oblivious and selective usage of an attribute or a certificate, but also be resistible for many attacks, especially conspiracy attack. We illustrate the usage of CASTLE through a typical example.

CASTTE: A Trust Management for Securing the Grid

It has been a fundamental but challenging problem to gain assurance of the trustworthiness of service providers or requesters and ensure their interests. We present the formal definition of trust management, and then propose a trust management, CASTTE, to secure sensitive services and requesters in grids. CASTTE verifies access trust by using trust negotiation so as to protect sensitive services, and protects sensitive information of the two negotiators effectively by using a negotiation strategy based on protection tree. Furthermore, we utilize trust force to specify provision trust and apply trust force to service selection. This paper implements CASTTE and designs experiments to evaluate its performance. The experimental results show that it can not only protect sensitive services at the cost of little performance of systems, but also identify good services from bad ones effectively.

A Framework for Reputation Management in Large-Scale Distributed Systems

The increasing security requirements for distributed collaborations, as well as the trend toward large-scale and remote geographically-dispersed computer systems, have created a growing demand for better trustfulness evaluation of participants involved in the collaboration. We propose a novel local-weighted and global feedback-based reputation framework for reputation management to facilitate secure collaborations in large-scale distributed systems. Different from existing works, we evaluate feedback trustfulness of participants involved in the collaboration in our proposed framework. Experimental results show that our proposed framework is applicable, effective and robust in combating malicious participants and malicious behaviors in large-scale distributed systems such as peer-to-peer networks.

Effective Reformulation for Resource Allocation in Computational Grid

Grid enables resource sharing and dynamic allocation of computational resources. It is a great challenge to make numerous resources available on-demand to guarantee the Quality-of-Service for jobs. This paper presents a two-stage optimization model for resource allocation in grid. Job constraints are classified into mandatory constraints and negotiated constraints. In the first stage, a preprocessing procedure such as resource discovery deals with the mandatory constraints. This has been fulfilled as our previous work. In the second stage, negotiated constraints are treated as Knapsack Problem-based optimization problem. Centralized scheduling and decentralized scheduling have been considered in this paper. This work is fulfilled as part of the Constellation Model for grid resource management. We formulate centralized scheduling as Multi-Constraint Multiple Knapsack Problem (MCMKP). In centralized scheduling, jobs are submitted to a global job queue. A global scheduler assigns each job to a proper grid site according to the scheduling strategy. The scheduling is done periodically (e.g. daily or weekly). We formulate decentralized scheduling as Multi-Dimensional Knapsack Problem (MDKP). In decentralized scheduling, jobs are submitted to local job queues. Allocation decisions are made by local schedulers individually. Jobs that can not be executed immediately are sent to a global waiting queue. When local scheduling is initialized, a local scheduler can select jobs from both the local job queue and the global waiting queue. Objectives of both centralized scheduling and decentralized scheduling are to optimize the utility defined by a grid economy approach. The defined utility makes the trade-offs between user-concerned metrics and system-concerned metrics. Heuristic algorithms such as Very Large-Scale Neighborhood Search proposed by R. K. Ahuja and C. B. Cunha [2005] can be used to solve the combinatorial optimization problem. We implemented a prototype of the Constellation Model. Genetic algorithms for constrained optimization which is proposed by S. Venkatraman and G. G. Yen [2005] have been implemented to solve the above optimization problems. Experimental results show that, performance metrics such as gained utility, response rate, and resource utilization are improved and resources are allocated in an optimal way.

A Novel Automated Trust Negotiation Framework for Securing Grids

Automated Trust Negotiation (ATN) is a promising approach to allowing strangers to access sensitive services in open environments. Although many ATN systems are proposed, some issues still remain to be addressed: 1) they are centralized and cannot scale well; and 2) their policy languages are coarse-grained. To address the above problems and secure grids, we present a novel automated trust negotiation framework, FORT, to establish trust relationship between service providers and service requesters. FORT is decentralized, so it scales well. Furthermore, we utilize attribute constraints to refine its language. This paper implements FORT and designs experiments to evaluate its performance. Experimental results show that FORT can effectively protect sensitive services at the cost of little performance of systems and scale well.