security-aware scheduling for real-time parallel applications on clusters
DESCRIPTION
Outline: 1. Motivation Problem Statement Motivations 2. A Security-Aware Middleware Model Architecture of the Security Middleware Model Quality of Security Control Manager Security Service Requirements Specification 3. Security Overhead Models Confidentiality Overhead Integrity Overhead Authentication Overhead 4. A Task Allocation Scheme Mathematical Models System Models Task Models The TAPADS Task Allocation Scheme Performance Evaluation 5. Improving Security for Local Disk Systems Motivation Architecture and Disk Requests with Security Requirements An Adaptive Write Strategy Performance Evaluation Synthetic Benchmarks Real I/O-Intensive Applications 6. Quality of Security Adaptation for Cluster Storage Systems System Architecture The Framework Data Partitioning Estimating Response Times The Quality of Security Control Algorithm Performance Evaluation 7. ConclusionsTRANSCRIPT
![Page 1: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/1.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
1
Security-Aware Scheduling for Real-Time Parallel Applications on Clusters
Xiao Qin
![Page 2: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/2.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
2
Clusters
![Page 3: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/3.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
3
The PrairieFire Cluster at the University of Nebraska-Lincoln
![Page 4: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/4.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
4
Parallel Applications on Clusters
![Page 5: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/5.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
5
Security-Sensitive Real-Time Applications
Online Transaction Stock Trading
![Page 6: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/6.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
6
Common Threats and Security Services
Snooping
Alteration
Spoofing
Confidentiality
Authentication
Integrity
![Page 7: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/7.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
7
Scheduling Plays a Key Role
Conventional scheduling algorithms are inadequate for security-sensitive real-time applications on clusters
A process of assigning tasks to a set of resources
Head
Nodes
Tasks Users
![Page 8: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/8.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
8
Motivation
Improve Utilizatio
n
KeepLoad-Balancing
SupportScalability
Promote Throughput
EnableSecurity
Awareness
ReduceResponse
Time
![Page 9: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/9.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
9
Security-Aware System Architecture
OSHardware
Platform interfacePlatform interface
OSHardware
Middleware Services (including security services)
Low-Level Security Service APIs
User interface
Framework
Mapping to Middleware Services
Framework Private Service
Application Tool
High-Level Security Service APIs
Application Application
Quality of Security Control Manager (QSCM)
![Page 10: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/10.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
10
Quality of Security Control Manager - QSCM Module
Application Task
Application Task
Application Task
Low Level Security Service APIs
Global Security
Optimization
Local Security
Optimization
Security Optimization
Resource MonitoringSecurity Service 1
Security Service n
Local Schedulability
Analyzer
Quality of Security Control Manager
![Page 11: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/11.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
11
Task Submission StructureDEFINE Task : flight_control{
Input = (altitude: 1230, heading: 35, …); Output = (takeoff_distance, climb_rate);
Type = “Real Time”;Deadline = 80;Completion_Time = 0;Owner = “Gary Xie”;Cmd = “flight_con”;Processor_num= 5;Data_secured=250;Constraint Arch == “INTEL”; OS == “UNIX”; Disk >= 480;
Memory >=128; Deadline = 80;
0.3 <= Authentication <=0.6; 0.4 <= Integrity <= 0.8; 0.5 <= Confidentiality <= 0.9;}
![Page 12: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/12.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
12
Security Overhead Model
Security is achieved at the cost of performance degradation
P
S
SecurityOverheads
SP
![Page 13: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/13.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
13
Cryptographic Algorithms for Confidentiality Service
Cryptographic Algorithms
Security Level
Performance (KB/ms)
RC4 0.22 96.43
Blowfish 0.56 37.5
Knufu/Khafre 0.63 33.75
RC5 0.72 29.35
Rijndael 1.00 21.09
![Page 14: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/14.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
14
Hash Functions for Integrity Service
Hash Functions Security Level Performance (KB/ms)
MD4 0.18 23.90
MD5 0.26 17.09
RIPEMD 0.36 12.00
RIPEMD-128 0.45 9.73
SHA-1 0.63 6.88
RIPEMD-160 0.77 5.69
Tiger 1.00 4.36
![Page 15: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/15.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
15
Authentication Methods
Authentication Methods
Security Level Computation Time (ms)
HMAC-MD5 0.3 90
HMAC-SHA-1 0.6 148
CBC-MAC-AES 0.9 163
![Page 16: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/16.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
16
System Model
Rejected Queue
Dispatch Queue
Local Queue
N1
N2
NmUser
p
User 2
User 1
Schedule Queue
Admission Controller
Security Level
Optimizer
TAPADS
![Page 17: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/17.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
17
Parallel Application
A single application (job) that has multiple processes that run concurrently
t1
t11
e2
t4
t9
t8
t3
t2
t5 t6
t10
t7
e1
e3 e4 e5
e7e6 e10
e8 e9
![Page 18: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/18.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
18
Task Model
Deadline Constraints
Security Constraints
Precedence Constraints
![Page 19: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/19.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
19
Directed Acyclic Graphs (DAG)
a parallel application is defined as a vector (T, E, d) T: {t1, t2,...,tn}
E : a set of weighted and directed edges used to represent communication among tasks, e.g., (ti, tj) E is a message transmitted from task ti to tj
d : Deadline
![Page 20: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/20.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
20
A Task
A task ti = (ei, li, Si)
ei :execution time
li : amount of data to be protected
Si: a vector of security requirements
![Page 21: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/21.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
21
A DAG
e2
t1
t4
t9
t8
t3
t2
t11
t5 t6
t10
t7
e1
e3 e4 e5
e7e6 e10
e8 e9
10Sec.,500KB,
{ [0.3,0.6], [0.4,0.8],
[0.5,0.9] }
10Sec.,500KB,
{ [0.3,0.6], [0.4,0.8],
[0.5,0.9] }
10KB, { [0.4,0.8],
[0.5,0.9] }
10KB, { [0.4,0.8],
[0.5,0.9] }
![Page 22: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/22.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
22
PE3
Link
PE1
Link
PE2
t6 t8 t9
e5 e7 e9
t1 t10t7t4t3t2
e4 e10
t5 t11
0 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 32 34 36 38 40 42 44 46 48 50 52 54 56 58 60deadline
Befpre Security Optimization
Slack Time
![Page 23: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/23.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
23
After Security Optimization
0 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 32 34 36 38 40 42 44 46 48 50 52 54 56 58 60
t10
e9
t4t3t2t1
e4 e10
t11t5
e5
t6
e7
t8 t9
t7
PE3
Link
PE1
Link
PE2
deadline
![Page 24: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/24.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
24
Security Requirements for A Task Ti
1iS q
iSjiSSi = ( ,…, ,…, )
Security level range of the j th security service for task Ti
1iS [0.3,0.6] 2
iS [0.4,0.8] 3iS [0.5,0.9]
![Page 25: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/25.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
25
Security Benefits Gained by Task Ti
qiiii ssss ,...,, 21 and10 j
iw
q
j
jiw
1
1
q
j
ji
jii swsSL
1
)(
Weight of the j th security service for task Ti
Security level of the j th security service for task Ti
![Page 26: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/26.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
26
Weights of Security Services
>
>
![Page 27: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/27.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
27
Security Benefits Gained by A Task Set
n
iiSL
1
SL s )()(T
qiiii ssss ,...,, 21The task set
![Page 28: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/28.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
28
Optimize Security Benefit of An Application
maximizesubject to:
i k
n q
ki
ki swTSL
1 1
ks kk ),max()min( iii SS
SL s )( iThe task set
![Page 29: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/29.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
29
Security Requirements of Message (ti, tj)
)ˆ,...,ˆ,ˆ(ˆ 21 pijijijij SSSS
The required security level range
of the p th security service
i j(ti, tj)
![Page 30: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/30.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
30
Security Benefits Gained by One Message (ti, tj)
p
k
kij
kijij swsSL
1
ˆˆ)ˆ(
1ˆ0 kijw
p
j
kijw
1
1ˆand )ˆ,...,ˆ,ˆ(ˆ 21 pijijijij ssss
Security level of the
k th security service
![Page 31: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/31.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
31
Security Benefits Gained by A Message Set
Ett
ij
ji
sSLESL),(
)ˆ()(
.
)ˆ,...,ˆ,ˆ(ˆ 21 pijijijij ssss
![Page 32: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/32.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
32
Optimize Security Benefit of Message Set
,ˆˆ)(),( 1
Ett
p
k
kij
kij
ji
swESL
),ˆmax(ˆ)ˆmin( kij
kij
kij SsS
maximize
subject to
The message set )ˆ( ijsSL
![Page 33: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/33.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
33
Security Benefit of A Parallel Application
)()( ESLTSLSV
The message setThe task set
Security Value
![Page 34: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/34.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
34
The TAPADS Task Allocation Algorithm
Compute the critical path
path critical
min )(it
ii cef
Slack time= d – f
Allocate all ti subject to minimal security requirements
Identify the best candidate in V and E that has the highest benefit-cost ratio
Increase security levels of more important services at the minimal cost
Update the schedule in accordance with the increased security level
yes
Slack time > 0 ?no
Update slack time
End
![Page 35: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/35.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
35
Time Complexity of TAPADS
The time complexity of TAPADS is O(k(q|V|+p|E|))where k : the number of times Step 7 is repeatedq : the number of security services for computationp : the number of security services for communication
![Page 36: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/36.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
36
Performance Evaluation
LISTMIN: Selects the lowest security level of each security service required by each task and message of a parallel job
LISTMAX: Chooses the highest security level for each security requirement posed by each task and message within a parallel job
LISTRND: Randomly picks a value within the security level range of each service required by a task and a message
![Page 37: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/37.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
37
Experimental Parameters Parameter Value (Fixed) - (Varied)
CPU Speed 1000 million instructions/second or MIPS
Network bandwidth 1Gbps
Task execution time (min, top, max)=(1, 5, 10), (10,20,40), (40,80,160), (160,320,640) second
Number of nodes (32, 64,128, 256), (8, 12, 16, 20)
Deadlines (100, 200, 300, 400, 500, 600) second
Deadline ranges ([100, 200], [200, 300], [300, 400], [400, 500]) second
Out degrees (25, 50, 75, 100)
Size of data to be secured
(min, top, max)=(0.02, 0.1, 0.5), (0.2, 1, 5), (1, 5, 10), (10, 20, 30) MB
Weight of security services
0.2 (authentication), 0.5 (encryption), 0.3 (integrity)
![Page 38: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/38.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
38
Performance Metrics
Security Value Schedulability: a fraction of total submitted jobs that are
schedulable Quality of security (QSA): quality of security for applications
Guarantee factor: it is zero if a job’s deadline cannot be met. Otherwise, it is one.
Job completion time: earliest time that a job can finish its execution
n
i
q
k
ki
ki swSV
1 1
,ˆˆ),( 1
Ett
p
k
kij
kij
ji
sw
)()()( XPXPXP LCSC
![Page 39: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/39.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
39
Experiment One: Overall Performance
One job with 433 tasks
32 nodes in a cluster
Deadline varies from 0 to 600 seconds
![Page 40: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/40.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
40
Overall Performance Comparisons(1)
![Page 41: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/41.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
41
Overall Performance Comparisons(2)
Improvement97.7%
Improvement25%
![Page 42: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/42.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
42
Overall Performance Comparisons(3)
Improvement54.5%
Improvement25.7%
![Page 43: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/43.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
43
Experiment Two: Adaptability
1000 diverse task graphs (54 tasks ~ 543 tasks)
4 deadline ranges [100, 200], [200, 300], [300, 400] and [400, 500]
32 nodes clusters
![Page 44: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/44.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
44
Adaptability(1)
TAPADS ties with LISTMIN
LISTMAX isthe worst
![Page 45: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/45.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
45
Adaptability(2)
TAPADS is always the best
TAPADS outperforms LISTMAX significantly
TAPADS outperforms LISTMAX significantly
![Page 46: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/46.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
46
Adaptability(3)
TAPADS noticeably outperforms all others
![Page 47: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/47.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
47
Experiment Three: Scalability
32 ~ 256 nodes in a cluster
A task graph with 520 tasks (nodes)
Deadline is set to 400 Seconds
![Page 48: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/48.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
48
Scalability
![Page 49: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/49.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
49
Experiment Four: Degree of Task Parallelism
A parallel application with 1074 tasks
Deadline is set to 400 Seconds
Number of nodes is 128
Maximal number of out degree varies from 25 to 100
![Page 50: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/50.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
50
Sensitivity to Degree of Task Parallelism
![Page 51: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/51.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
51
Experiment Five: Security Sensitive Data Size
Size of security sensitive data is in a triangle distribution
(min, top, max)=(0.02, 0.1, 0.5), (0.2, 1, 5), (1, 5, 10), (10, 20, 30) MB
![Page 52: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/52.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
52
Impact of Size of Security Sensitive Data
dx
dC
C
D
dt
dxv
B
dx
dC
C
D
dt
dxv
B
dx
dC
C
D
dt
dxv
B
![Page 53: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/53.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
53
Evaluation in Digital Signal Processing (1)
(a) Guarantee factor (b) Security value (c) QSA
Performance impact of deadline for DSP
![Page 54: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/54.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
54
Evaluation in Digital Signal Processing (2)
(a) Security value (b) QSA (c) Job completion time
Performance impact of number of nodes for DSP
![Page 55: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/55.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
55
Conclusions TAPADS can generate optimal allocations that
maximize quality of security for parallel applications running on clusters.
A security overhead model is proposed.
Experimental results show that TAPADS significantly improves the performance in terms of quality of security and schedulability over three existing allocation schemes.
![Page 56: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/56.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
56
Ph.D. Dissertation ProjectsMais Nijim [Summer 2007]
Adaptive quality of security control in storage systems.
Ziliang Zong [Ph.D. Candidate, Spring 2008 Expected] Conserving energy in clusters through resource allocation
Mohammed Alghamdi [Ph.D. Student, Spring 2008 Expected] Energy-efficient packet transmissions in real-time wireless
networks
Kiranmai Bellam [Ph.D. Student, Spring 2009 Expected] Power, fault tolerance, and security issues in real-time systems
![Page 57: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/57.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
57
Questions?
![Page 58: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/58.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
58
Real-Time Stock Quote System
![Page 59: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/59.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
59
Some Typical Security Levels
Routing + message security
Routing + SSL
Routing + SSL + message security
Routing + SSL + client authentication
Routing + SSL + message security + client authentication
![Page 60: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/60.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
60
Related Work
[Hou&Shin] A task allocation scheme to schedule periodic tasks with precedence constraints in distributed real-time systems.
[He et al.] Dynamic scheduling of parallel real-time jobs executing on heterogeneous clusters.
[Yurcik et al.] Tools for managing cluster security via process monitoring.
[Azzedin&Maheswaran] The notion of “trust” into resource
management of a large-scale wide-area system.
![Page 61: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/61.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
61
Future Work
Extend our security overhead models to multi-dimensional computing resources
Accommodate more security services into our security overhead model
Apply TAPADS scheme to heterogeneous clusters
![Page 62: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/62.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
62
Selected Journal Publications X. Qin and T. Xie, “Allocation of Tasks with Availability Constraints in Heterogeneous Systems,”
IEEE Transactions on Computers. Accepted April 2007.
M. Nijim, X. Qin, and T. Xie, “Modeling and Improving Security of a Local Disk System for Write-Intensive Workloads,” ACM Transactions on Storage, vol. 2, no. 4, pp. 400-423, Nov. 2006.
T. Xie and X. Qin, “Improving Security for Periodic Tasks in Embedded Systems through Scheduling,” ACM Transactions on Embedded Computing Systems, vol. 6, no. 1, 2007.
T. Xie and X. Qin, “Scheduling Security-Critical Real-Time Applications on Clusters,” IEEE Transactions on Computers, vol. 55, no. 7, pp. 864-879, July 2006.
X. Qin, “Performance Comparisons of Load Balancing Algorithms for I/O-Intensive Workloads on Clusters,” Journal of Network and Computer Applications, 2007. Accepted
X. Qin, “Design and Analysis of a Load Balancing Strategy in Data Grids,” Future Generation Computer Systems: The Int'l Journal of Grid Computing, vol. 23, no. 1, pp. 132-137, Jan. 2007.
Z.-L. Zong, M. Nijim, and X. Qin, “Energy-Efficient Scheduling for Parallel Applications on Mobile Clusters,” Cluster Computing: The Journal of Networks, Software Tools and Applications, 2007. [In press]
M. Nijim, X. Qin, and Z.-L. Zong, “StReD: A Quality of Security Framework for Storage Resources in Data Grids,” Future Generation Computer Systems: The Int'l Journal of Grid Computing, 2007. [In press]
X. Qin and H. Jiang, “A Dynamic and Reliability-driven Scheduling Algorithm for Parallel Real-time Jobs on Heterogeneous Clusters,” Journal of Parallel and Distributed Computing, vol. 65, no. 8, pp.885-900, Aug. 2005.
![Page 63: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/63.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
63
Selected Conferences Publications X. Qin, M. Alghamdi, M. Nijim, and Z.-L. Zong, “Scheduling of Periodic Packets in Energy-
Aware Wireless Networks,” Proc. the 26th IEEE Int'l Performance Computing and Communications Conf. (IPCCC'07), New Orleans, Louisiana, April 2007.
T. Xie and X. Qin, “A Security-Oriented Task Scheduler for Heterogeneous Distributed Systems,” Proc. 13th Annual IEEE Inter’l Conf. on High Performance Computing (HiPC), Bangalore, India, Dec. 18-21, 2006. (Acceptance Rate: 15.5%, 52/335)
M. Nijim, X. Qin, and T. Xie, “Adaptive Quality of Security Control in Networked Parallel Disk Systems,” Proc. 15th Int’l Conf. Computer Communications and Networks (ICCCN'06), Arlington, Virginia, Oct. 2006. (Acceptance Rate: 32%, 71/221)
Z.-L. Zong, A. Manzanares, B. Stinar, and X. Qin, “Energy-Efficient Duplication Strategies for Scheduling Precedence Constrained Parallel Tasks on Clusters,” Proc. IEEE 8th Int’l Conf. Cluster Computing (Cluster'06), Sept. 2006. (Acceptance Rate: 33%, 42/127)
T. Xie and X. Qin, “Stochastic Scheduling with Availability Constraints in Heterogeneous Systems,” Proc. IEEE 8th Int’l Conf. Cluster Computing (Cluster'06), 2006. (Acceptance Rate: 33%, 42/127)
T. Xie, X. Qin, and M. Nijim, “Solving Energy-Latency Dilemma: Task Allocation for Parallel Applications in Heterogeneous Embedded Systems,” Proc. 35th Int’l Conf. Parallel Processing (ICPP), Columbus, Ohio, Aug. 2006. (Acceptance Rate: 32%, 64/200)
T. Xie and X. Qin, “SAHA: A Scheduling Algorithm for security-Sensitive Jobs on Data Grids,” Proc. IEEE/ACM 6th Int'l Symp. Cluster Computing and the Grid (CCGrid), 2nd Int'l Workshop on Cluster Security, May 2006. (Acceptance Rate: 25%)
T. Xie and X. Qin, “SHARP: A New Real-Time Scheduling Algorithm to Improve Security of Parallel Applications on Heterogeneous Clusters,” Proc. the 25th IEEE Int’l Performance Computing and Communications Conf. (IPCCC'06), Phoenix, AZ, April 2006. (Acceptance Rate: 35%)
![Page 64: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/64.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
64
Selected Conferences Publications (cont.) M. Nijim, X. Qin, T. Xie, and M. Alghamdi, “Awards: An Adaptive Write Scheme for Secure
Local Disk Systems,” Proc. the 25th IEEE Int’l Performance Computing and Communications Conf. (IPCCC'06), April 2006. (Acceptance Rate: 35%)
T. Xie and X. Qin, “A New Allocation Scheme for Parallel Applications with Deadline and Security Constraints on Clusters,” Proc. the 7th IEEE Int’l Conf. Cluster Computing (Cluster 2005), 2005. (Acceptance Rate: 32%, 48/150)
T. Xie, X. Qin, and A. Sung, "SAREC: A Security-Aware Scheduling Strategy for Real-Time Applications on Clusters," Proc. the 34th Int’l Conf. Parallel Processing (ICPP 2005), pp.5-12, Norway, June 14-17, 2005. (Acceptance Rate: 28%, 69/241)
X. Qin and Hong Jiang, “Improving Effective Bandwidth of Networks on Clusters using Load Balancing for Communication-Intensive Applications,” Proceedings of the 24th IEEE International Performance, Computing, and Communications Conference (IPCCC 2005), pp.27-34, Phoenix, Arizona, April 7-9, 2005. (Acceptance Rate: 35%, 36/103)
X. Qin, “Improving Network Performance through Task Duplication for Parallel Applications on Clusters,” Proc. the 24th IEEE Int’l Performance, Computing, and Communications Conference (IPCCC 2005), 2005. (Acceptance Rate: 35%, 36/103)
X. Qin, H. Jiang, Y. Zhu, and D. Swanson, "Dynamic Load Balancing for I/O-Intensive Tasks on Heterogeneous Clusters," Proceedings of the 10th International Conference on High Performance Computing (HiPC 2003), pp.300-309, 2003 (Acceptance Rate: 29%)
X. Qin, H. Jiang, Y. Zhu, and D. Swanson, "Towards Load Balancing Support for I/O-Intensive Parallel Jobs in a Cluster of Workstations," Proc. of the 5th IEEE International Conference on Cluster Computing(Cluster 2003), 2003. (Acceptance Rate: 29%)
![Page 65: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/65.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
65
Adaptive Quality of Security Control in Storage Systems
Xiao Qin
![Page 66: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/66.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
66
Outline
Introduction to Storage Systems Local Disk Systems Parallel Disk Systems Security-Aware Cache Partitioning Conclusion Publications
![Page 67: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/67.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
67
Data-Intensive Applications
Video Surveillance Digital Libraries
Radio Astronomy Observatory
![Page 68: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/68.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
68
Data-Intensive Applications (Cont.)
long running simulations
remote-sensing database systems
biological sequence analysis
![Page 69: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/69.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
69
Motivation
Existing storage systems fail to meet the security requirements of modern data- intensive applications
There is no way to dynamically choose security services to meet disk requests flexible security requirements
Existing storage systems are not suitable to guarantee desired response times of disk requests
![Page 70: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/70.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
70
Common Threats and Security Services
Snooping
Alteration
Spoofing
Confidentiality
Authentication
Integrity
![Page 71: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/71.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
71
Cache Partitioning Scheme
Topics Security-Aware Local Disk Systems
Adaptive Quality of Security Control in Parallel Disk Systems
![Page 72: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/72.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
72
System model of a Data Grid
![Page 73: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/73.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
73
Quality of Security Framework for Disk Systems
![Page 74: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/74.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
74
Security-Aware Local Disk Systems
![Page 75: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/75.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
75
Contributions
A Security-Aware Adaptive Write Strategy (AWARDS) for Local Disk Systems
AWARDS can achieve high security for local disk systems while making the best effort to guarantee desired response times
AWARDS
Security
Performance
![Page 76: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/76.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
76
The Architecture of AWARDS
Security Service 1Security Service 1 Security Service mSecurity Service m
Adaptive Security Service ControllerAdaptive Security Service Controller
Disk Request SchedulerDisk Request Scheduler
Disk Request
Security Mechanism
Disk DriverUntrusted Local Disk
![Page 77: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/77.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
77
Modeling Disk Requests
Each disk request specifies quality of service requirement A security requirement can be defined as a lower bound security level The range is between 0.1 and 1.0 A performance requirement is specified as a desired response time
Disk Requests
![Page 78: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/78.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
78
Quality of security for each security service is measured by a security level
For example: An encryption service with high security level means the
high quality of security provided by the service A disk request specifies a lower bound security level as 0.4 Encryption services with security levels higher than or equal
to 0.4 can successfully meet the disk request’s security requirements
Modeling Disk Requests (Cont.)
![Page 79: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/79.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
79
r = (o, a, d, s, t) o: type of the request
a: disk address
d: data size (KB)
s: lower security level bound
t: desired response time
Modeling Disk Requests (Cont.)
![Page 80: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/80.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
80
Rr
i
i
Security Level
. and ,1: iiiii tsRr
Disk Request
Desired response time
Real response time
Subject to
Maximize
Modeling Disk Requests (Cont.)
![Page 81: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/81.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
81
Security Overhead Model
Eight encryption algorithms In accordance with the cryptographic algorithms’
performance Each cryptographic algorithm is assigned a
security level from 0 to 1 e.g., Assign security level 1 to the strongest yet
slowest encryption algorithm (IDEA)
![Page 82: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/82.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
82
The AWARDS Strategy
To aim at improving the quality of security for local disks (i.e., to increase the security levels)
To guarantee timing constraints. (i.e., response time desired response time)
![Page 83: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/83.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
83
Example
Requests
Data Size (di) Minimal Security Level (si)
Desired Response Time (ti)
Response Time (T) under AWARDS
Security Level (i)
under AWARDS
r190 KB 0.2 18 ms 17.7 ms 0.8
r2150 KB 0.1 41 ms 40.7 ms 0.7
r3
30 KB 0.3 55 ms 54.5 ms 0.9
r1 r2 r3
r1 r2 r3
Time
Time
Sl = 0.1 Sl = 0.3Sl = 0.2
SO= 0.93ms SO= 0.89ms SO= 0.8ms
Security level of r1 = 0.8Response time =17.7 ms
Security level of r1 = 0.7Response time =40.7 ms
Security level of r1 = 0.9Response time =54.5 ms
![Page 84: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/84.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
84
The AWARDS Algorithm
![Page 85: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/85.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
85
StartStart
Insert ri into Q
For each ri in Q
Initialize Security Level
Sl < 1.0
For each ri in the Q
Sl = Sl + 0.1
For each rk
rk can’t finsihed Sl = Sl - 0.1
Yes
Yes
NoENDEND
No
ENDEND
![Page 86: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/86.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
86
Property of AWARDS
If the security level ri is increased by 0.1, the following conditions must hold.
1. The current security level of ri is less than 1.0, i.e., i < 0.1
2.
.),()es(:, kkkkikk trTrttQr
Start time processing time
![Page 87: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/87.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
87
Estimated Start Time (es)
lll ttQr
llk rTr,
),,()es(
),()()(),( iisecuritydisk
iirotiseekii dT
B
daTaTrT
![Page 88: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/88.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
88
Experimental Result
Disk Parameters
IBM Ultrastar 36Z15
Size 18.4 GB
RPM 15000
Seek Time, Tseek 7.18 ms
Rotational Time, Trot4.02 ms
Disk Bandwidth, Bdisk 30 MB/Sec.
![Page 89: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/89.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
89
Experimental Result
Workload Configurations
Parameter Value (Fixed) - (Varied)
Disk Bandwidth 30MB/Sec.
Request Arrival Rate (0.1, 0.2, 0.3, 0.4, 0.5) No./Sec.
Desired Response Time 10 Sec.
Security Level (0.5) - (0.1, 0.2, 0.3, 0.4, 0.5, 0.6, 0.7, 0.8, 0.9)
Write Ratio (100%) - (0%, 10%, 20%, 30%, … 100%)
Data Size (500 KB) – (300, 400, 500, 600, 700) KB
![Page 90: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/90.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
90
Performance Metrics
Satisfied ratio: a fraction of total arrived disk requests that are found to be finished before their desired response times
Average security level: measured by the average value of security levels of all disk requests issued
Average security overhead : measured in sec. Overall performance: product of satisfied ratio and
the average security level
![Page 91: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/91.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
91
Impact of Arrival Rate
Improvement138.2%
Improvement125.6%
![Page 92: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/92.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
92
Impact of Data Size
![Page 93: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/93.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
93
Impact of Disk Bandwidth
![Page 94: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/94.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
94
Sparse Cholesky
Desired response time
![Page 95: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/95.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
95
Lu Decomposition
Desired response time
![Page 96: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/96.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
96Sparse Cholesky
Bandwidth
![Page 97: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/97.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
97
Lu Decomposition
Bandwidth
![Page 98: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/98.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
98
Adaptive Quality of Security Control
in Parallel Disk Systems
![Page 99: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/99.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
99
Parallel Disk Systems
![Page 100: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/100.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
100
Motivation
Existing parallel disk systems lack the means to adaptively control quality of security for dynamically changing workloads
To develop an adaptive quality of security control scheme for parallel disk systems (ASPAD)
![Page 101: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/101.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
101
Contributions
ASPAD aims to adapt to changing security requirements and workload conditions
ASPAD endeavors to determine security services for disk requests while guaranteeing the desired response time for the requests
ASPAD
Security
Performance
![Page 102: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/102.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
102
Disk 1 Disk 2 Disk m
Adaptive Security Quality Controller
Data Partitioning mechanism
Security Service Middleware
Security Service q Security Service 1
Clients
Disk Requests
Parallel Disk System
Network
Response Time Estimator
Security Service 2
The ASPAD Framework
![Page 103: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/103.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
103
Quality of Security
The quality of security for each security service is measured by security level.
0.1 to 1.0 The quality of security can be quantitatively
measured using seven levels Extremely high, very high, high, medium, low, very
low, and no security protection Translation mechanism is implemented to make the
conversions
![Page 104: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/104.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
104
Modeling Quality of Security
ip
jijirS
1
)( Security level of the jth stripe
unit of ri
mps iiij and
Parallelism degree
No. of disks
![Page 105: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/105.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
105
Modeling Quality of Security (Cont.)
nrrrR ,,, 21
n
iirSRS
1
)()(
![Page 106: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/106.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
106
Optimize Quality of Security
To maximize security benefit of the parallel disk system
Maximize
n
i
p
jij
i
RS1 1
Subject to
a) ,max:11
ipj
ij tnii
b) mps iiij and
Where θij : the response time of jth strip unit of request ri
![Page 107: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/107.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
107
Optimize Quality of Security (Cont.)
The response time of all stripe unit in request ri must be smaller than the desired response time
The parallelism degree of ri ≤ number of disks in the system
![Page 108: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/108.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
108
The ASPAD Framework
Data Partitioning
Response time estimator
Adaptive Quality of Security Controller
Adaptive control
![Page 109: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/109.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
109
Data Partitioning
Determine the optimal parallelism degree for disk request Reduces the response time of the disk request to increase
the security level Dynamically calculate the optimal parallelism degree of the
request
![Page 110: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/110.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
110
Data Partitioning (cont.)
Expected disk service time
,),()()(),( iitransirotiseekiidisk pdTEpTEpTEpdTE
Where
),( and ,)(,)( iitransirotiseek pdTEpTEpTE
Expected values of seek time, rotational time, and transfer time
![Page 111: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/111.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
111
Data Partitioning (cont.) Scheuermann et al., VLDB98
fpbaeCpTE iiseek )ln(1)(
Where C: number of cylinders on disk
a, b : two disk type independent constants
e, f : disk type dependent constants
![Page 112: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/112.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
112
Data Partitioning (cont.)
The expected value of rotation time
The expected transfer time
ROTi
iirot T
p
ppTE
1)(
diski
iiitrans Bp
dpdTE
1),(
![Page 113: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/113.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
113
Data Partitioning (cont.) Scheuermann et al., VLDB98
Expected disk service time
Parallelism degree
.1
1)ln(1),(
diski
iROT
i
iiiidisk Bp
dT
p
pfpbaeCpdTE
.0
1
)1(1
),(22
diski
i
ii
ROTi
i
ROT
i
iidisk
Bp
d
p
eCb
p
Tp
p
T
pdE
pdTdE
The optimal parallelism degree is given by min(pi,m)
![Page 114: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/114.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
114
Estimate Response Time
Estimate the maximum response time of a disk request
Response time is the interval between the time a request sent by a client and the time the parallel disk system complete disk I/O operation
![Page 115: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/115.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
115
Estimate Response Time (cont.)
The response time of a disk request is:
),,(max),,(1
iiproc
p
ipartitionqueue prTTTprT
p : is the parallelism degree
: request vector of security level for p stripes unit
Tqueue : queuing delay at the client side
Tpartition : time spent in data partition
: system processing delay
),,,( 21 p
iprocT
![Page 116: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/116.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
116
The ASPAD Algorithm
![Page 117: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/117.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
117
Start
Insert r into Q
For each r in Q
Calculate pi of ri
Partition ri into pi stripe unit
For each stripe unit
Initialize SL
Ph
a se1
. Da t
a P
a rt i
tio n
i ng
Estimate response time
Ph
ase2
res
pon
se t
ime
SL < 1.0
While est. < desired
YSL = SL + 0.1
Estimate response timeEND
N
EST >des. dec. SLYN
Apply the security service with level ij to the jth stripe unit
![Page 118: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/118.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
118
Property of ASPAD
With respect to the ith request, the following two conditions must hold if the jth stripe unit’s security level is increased by 0.1:
1. The current security level ij is less than 1.0;
2. , where Tj is the response time of the jth
stipe unit, ti is the desired response time of the request,
and . iiiij tprT ),,(
![Page 119: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/119.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
119
Experimental Results
a) data size is 100KB and P = 3
![Page 120: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/120.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
120
Impact of Arrival Rate
a) data size is 100KB and P = 3
ASPAD is always the best
![Page 121: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/121.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
121
Impact of Parallelism Degree
The impact of the parallelism degree when arrival rate = 0.5 No./sec.
ASPAD noticeably outperforms the other
Add more slides for results!!!
![Page 122: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/122.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
122
A Caching Strategy to Improve Security of Cluster Storage Systems
![Page 123: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/123.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
123
Security Service 1Security Service 1 Security Service mSecurity Service m
Cache (Volatile/Non-volatile memory)Cache (Volatile/Non-volatile memory)
Adaptive Security Service ControllerAdaptive Security Service Controller
Security-aware cache management mechanismSecurity-aware cache management mechanism
A Cluster Storage SystemA Cluster Storage System
Network
Clients
Disk Request
Disk1 Disk 2 Disk n
![Page 124: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/124.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
124
Cache Partitioning
The entire cache of the cluster storage system is divided into separate partitions, one for each disk, by a security-aware cache partitioning mechanism.
Each cache partition for a disk is managed separately using the conventional LRU replacement algorithm.
![Page 125: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/125.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
125
ip
jdijdi PrSLPrS
1
),(),(
,, PPmp di Total cache size
is the partition size of the dth disk
![Page 126: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/126.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
126
![Page 127: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/127.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
127
Conclusion
AWARDS and ASPAD maximize the quality of security for local and parallel disk system
Experimental result shows that AWARDS and ASPAD significantly increase the security level as well as the overall performance over an existing algorithm
A security-aware cache management mechanism (CaPaS) for cluster storage systems. CaPaS can achieve high security and
desired performance for clusters.
![Page 128: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/128.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
128
Future Work
Security-Aware Load Balancing Energy-Efficient Mobile Storage Systems
![Page 129: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/129.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
129
StReD : A Quality of Security Framework for Storage Resources in Data Grids. M. Nijim, Z.-L. Zong, and X. Qin, Future Generation Computer Systems: The Int'l Journal of Grid Computing, 2007. (Forthcoming)
Modeling and Improving Security of a Local Disk System for Write-Intensive Workloads. M. Nijim, X. Qin, and T. Xie, ACM Transactions on Storage, vol. 2, no. 4, pp. 400-423, Nov. 2006
Performance Analysis of an Admission Controller for CPU- and I/O-Intensive Applications in Self-Managing Computer Systems. M. Nijim, T. Xie, and X. Qin, ACM Operating Systems Review, vol. 39, no. 4, pp.37-45, October, 2005
Energy-Efficient Scheduling for Parallel Applications on Mobile Clusters. Z.-L. Zong, M. Nijim, and X. Qin, Cluster Computing: The Journal of Networks, Software Tools and Applications, 2007. (In press)
Journal Publications
![Page 130: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/130.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
130
Awards: An Adaptive Write Scheme for Secure Local Disk Systems. M. Nijim, X. Qin, T. Xie, and M. Alghamdi, Proc. 25th IEEE Int'l Performance Computing and Communications Conference (IPCCC), April 2006 (Acceptance rate 30%)
Integrating a Performance Model in Self-Managing Computer Systems under Mixed Workload Conditions. M. Nijim, T. Xie, and X. Qin, Proc. IEEE Int’l Conf. Information Reuse and Integration, Aug. 2005
An Adaptive Strategy for Secure Distributed Disk Systems. M. Nijim, T. Xie, Z.-L. Zong, and X. Qin, NASA/IEEE Conference on Mass Storage Systems and Technologies, WIP Session, May 2006
Sharp: A New Real-Time Scheduling Algorithm to Improve Security of Parallel Applications on Heterogeneous Clusters. T. Xie, X. Qin, and M. Nijim, Proc. 25th IEEE Int'l Performance Computing and Communications Conference (IPCCC), April 2006. (Acceptance rate 30%)
Solving Energy-Latency Dilemma: Task Allocation for Parallel Applications in Heterogeneous Embedded Systems. T. Xie, X. Qin, and M. Nijim, Proc. 35th International Conference on Parallel Processing (ICPP), Columbus, Ohio, Aug. 2006. (Acceptance rate 28%)
Adaptive Quality of Security Control in Networked Parallel Disk Systems. M. Nijim, X. Qin, and T. Xie, Proc. 15th Int'l Conference on Computer Communications and Networks (ICCCN), Oct. 2006 (Acceptance rate 29%)
Selected Conference Publications
![Page 131: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/131.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
131
Questions?
![Page 132: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/132.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
132
AWARDS Complexity
The complexity of AWARDS is O(n2)
Proof : To increase the security level of the request, it takes O(n).
There is O(n) number of write requests
![Page 133: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/133.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
133
Download the presentation slideshttp://www.slideshare.net/xqin74
Google: slideshare Xiao Qin
![Page 134: Security-Aware Scheduling for Real-Time Parallel Applications on Clusters](https://reader037.vdocuments.net/reader037/viewer/2022103110/54b6efb54a7959fd508b466b/html5/thumbnails/134.jpg)
04/10/23 Department of Computer Science and Software EngineeringAuburn University
134
Complexity of ASPAD
The time complexity is O(n2p)
P: the maximum parallelism degree
n: is the number of disk requests