中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 软件所图书馆  > 期刊论文
Title:
基于动态域划分的MapReduce安全冗余调度策略
Alternative Title: Securely redundant scheduling policy for MapReduce based on dynamic domains partition
Author: 沈晴霓 ; 卿斯汉 ; 吴中海 ; 张力哲 ; 杨雅辉
Corresponding Author: Wu, Z.-H.(wuzh@pku.edu.cn)
Keyword: 云计算 ; MapReduce框架 ; 动态域划分 ; 安全冗余调度 ; cloud computing ; MapReduce framework ; dynamic domain partition ; securely redundant scheduling
Source: 通信学报
Issued Date: 2014
Volume: 35, Issue:1, Pages:34-46
Indexed Type: EI
Department: 北京大学 软件与微电子学院,北京102600; 北京大学 网络与软件安全保障教育部重点实验室,北京100871 北京大学 软件与微电子学院,北京102600; 北京大学 网络与软件安全保障教育部重点实验室,北京100871; 中国科学院 软件研究所,北京 100190
Abstract: MapReduce现有调度策略无法实现云环境中多租户作业的安全隔离。提出一种基于动态域划分的安全冗余调度策略:通过引入冲突关系、信任度、安全标签等概念,建立一种动态域划分模型,以将待调度节点划分为与不同租户作业关联的冲突域、可信域或调度域;结合冗余方式,将租户作业同时调度到其可信域节点和调度域节点(但不允许为其冲突域节点),通过二者执行环境和部分计算结果的一致性验证决定是否重新调度。实验分析了其有效性和安全性。 MapReduce’s current scheduling policies could not ensure the isolation between multi-tenant Tasks in the cloud. A securely redundant scheduling policy based on dynamic domains partition was proposed. First, a kind of dy-namic domain partition model was introduced in this policy. Based on the node’s current belief, security labels with the conflict relationship between tenants, a computing node was partitioned into the conflict domain, trusted domain or schedulable domain in this model. Second, through redundantly computing, two copies of each Task were assigned re-spectively to its trusted domain node and its schedulable domain node (but not allow for its conflict domain node) in this policy. And the integrity of the two nodes’execution environments and the consistence of their results on a small part of original input data were verified. Accordingly, it decided whether the schedulable domain node was trusted. Finally, the performance and security analysis in the prototype show its effectiveness.
English Abstract: MapReduce's current scheduling policies could not ensure the isolation between multi-tenant Tasks in the cloud. A securely redundant scheduling policy based on dynamic domains partition was proposed. First, a kind of dynamic domain partition model was introduced in this policy. Based on the node's current belief, security labels with the conflict relationship between tenants, a computing node was partitioned into the conflict domain, trusted domain or schedulable domain in this model. Second, through redundantly computing, two copies of each Task were assigned respectively to its trusted domain node and its schedulable domain node (but not allow for its conflict domain node) in this policy. And the integrity of the two nodes' execution environments and the consistence of their results on a small part of original input data were verified. Accordingly, it decided whether the schedulable domain node was trusted. Finally, the performance and security analysis in the prototype show its effectiveness.
Language: 中文
Content Type: 期刊论文
URI: http://ir.iscas.ac.cn/handle/311060/16972
Appears in Collections:软件所图书馆_期刊论文

Files in This Item:

There are no files associated with this item.


Recommended Citation:
沈晴霓,卿斯汉,吴中海,等. 基于动态域划分的MapReduce安全冗余调度策略[J]. 通信学报,2014-01-01,35(1):34-46.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[沈晴霓]'s Articles
[卿斯汉]'s Articles
[吴中海]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[沈晴霓]‘s Articles
[卿斯汉]‘s Articles
[吴中海]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2020  中国科学院软件研究所 - Feedback
Powered by CSpace