ABSTRACT
This paper presents Sharp, a framework for secure distributed resource management in an Internet-scale computing infrastructure. The cornerstone of Sharp is a construct to represent cryptographically protected resource claims (promises or rights to control resources for designated time intervals), together with secure mechanisms to subdivide and delegate claims across a network of resource managers. These mechanisms enable flexible resource peering: sites may trade their resources with peering partners or contribute them to a federation according to local policies. A separation of claims into tickets and leases allows coordinated resource management across the system while preserving site autonomy and local control over resources. Sharp also introduces mechanisms for controlled, accountable oversubscription of resource claims as a fundamental tool for dependable, efficient resource management. We present experimental results from a Sharp prototype for PlanetLab, and illustrate its use with a decentralized barter economy for global PlanetLab resources. The results demonstrate the power and practicality of the architecture, and the effectiveness of oversubscription for protecting resource availability in the presence of failures.