Identity boxing: A new technique for consistent global identity

Proceedings of the ACM/IEEE 2005 Supercomputing Conference, SC'05

Volumn 2005, Issue , 2005, Pages 51-

  Thain, Douglas ^a  

^a University of Notre Dame   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ELECTRONIC DOCUMENT IDENTIFICATION SYSTEMS; INTELLIGENT AGENTS; METADATA; PUBLIC KEY CRYPTOGRAPHY; SECURITY OF DATA;

COMPUTING RESOURCES; GRID SYSTEMS; IDENTITY BOXING; PUBLIC KEY SECURITY INFRASTRUCTURE;

PARALLEL PROCESSING SYSTEMS;

EID: 33845413675     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/SC.2005.34     Document Type: Conference Paper

References (44)

1. A. Acharya and M. Raje. MAPbox: Using parameterized behavior classes to confine applications. Technical Report UCSB TRCS99-15, University of California at Santa Barbara, Computer Science Department, 1999.
2. W. Allcock, A. Chervenak, I. Foster, C. Kesselman, and S. Tuecke. Protocols and services for distributed data-intensive science. In Proceedings of Advanced Computing and Analysis Techniques in Physics Research, pages 161-163, 2000.
3. S. Altschul, W. Gish, W. Miller, E. Myers, and D. Lipman. Basic local alignment search tool. Journal of Molecular Biology, 3(215):403-410, Oct 1990.
4. C. Baru, R. Moore, A. Rajasekar, and M. Wan. The SDSC storage resource broker. In Proceedings of CASCON, Toronto, Canada, 1998.
5. J. Bent, D. Thain, A. C. Arpaci-Dusseau, R. H. Arpaci-Dusseau, and M. Livny. Explicit control in a batch-aware distributed file system. In USENIX Networked Systems Design and Implementation, 2004.
6. J. Bent, V. Venkataramani, N. LeRoy, A. Roy, J. Stanley, A. Arpaci-Dusseau, R. Arpaci-Dusseau, and M. Livny. Flexibility, manageability, and performance in a grid storage appliance. In Proceedings of the Eleventh IEEE Symposium on High Performance Distributed Computing, Edinburgh, Scotland, July 2002.
7. J. Bester, I. Foster, C. Kesselman, J. Tedesco, and S. Tuecke. GASS: A data movement and access service for wide area computing systems. In 6th Workshop on I/O in Parallel and Distributed Systems, May 1999.
8. D. Brumley and D. Song. Privtrans: Automatically partitioning programs for privilege separation. In USENIX Security Symposium, August 2004.
9. J. Chase, L. Grit, D. Irwin, J. Moore, and S. Sprenkle. Dynamic virtual clusters in a grid computing environment. In High Performance Distributed Computing, June 2003.
10. C. Cowan, S. Beattie, G. Kroah-Hartman, C. Pu, P. Wagle, and V. Gligor. Subdomain: Parsimonious server security. In USENIX Systems Administration Conference, 2000.
11. P. E. Crandall, R. A. Aydt, A. A. Chien, and D. A. Reed. Input/output characteristics of scalable parallel applications. In Proceedings of the IEEE/ACM Conference on Supercomputing, San Diego, California, 1995.
12. T. A. DeFanti, I. Foster, M. E. Papka, and R. Stevens. Overview of the I-WAY: Wide area visual supercomputing. International Journal of Supercomputer Applications, 10(2/3):121-131, 1996.
13. R. J. Figueiredo, P. A. Dinda, and J. A. B. Fortes. A case for grid computing on virtual machines. In International Conference on Distributed Computing Systems, May 2003.
14. J. Foley. An integrated biosphere model of land surface processes, terrestrial carbon balance, and vegetation dynamics. Global Biogeochemical Cycles, 10(4):603-628, 1996.
15. B. Ford, M. Hibler, J. Lepreau, P. Tullmann, G. Back, and S. Clawson. Microkernels meet recursive virtual machines. In Operating Systems Design and Implementation, 1996.
16. I. Foster and C. Kesselman. Globus: A metacomputing infrastructure toolkit. International Journal of Supercomputer Applications, 11(2):115-128, 1997.
17. I. Foster, C. Kesselman, G. Tsudik, and S. Tuecke. A security architecture for computational grids. In ACM Conference on Computer and Communications Security Conference, 1998.
18. R. Gardner and et al. The Grid2003 production grid: Principles and practice. In IEEE Symposium on High Performance Distributed Computing, 2004.
19. T. Garfinkel. Traps and pitfalls: Practical problems in in system call interposition based security tools. In Network and Distributed Systems Security Symposium, February 2003.
20. T. Garfinkel, B. Pfaff, J. Chow, M. Rosenblum, and D. Boneh. Terra: A virtual machine-based platform for trusted computing. In Symposium on Operating Systems Principles, 2003.
21. T. Garfinkel, B. Pfaff, and M. Rosenblum. Ostia: A delegating architecture for secure system call interposition. In Symposium on Network and Distributed System Security, 2004.
22. I. Goldberg, D. Wagner, R. Thomas, and E. A. Brewer. A secure environment for untrusted helper applications. In USENIX Security Symposium, San Jose, CA, 1996.
23. K. Holtman. CMS data grid system overview and requirements. CMS Note 2001/037, CERN, July 2001.
24. J. Howard, M. Kazar, S. Menees, D. Nichols, M. Satyanarayanan, R. Sidebotham, and M. West. Scale and performance in a distributed file system. ACM Trans. on Comp. Sys., 6(1):51-81, February 1988.
25. P. Hulith. The AMANDA experiment. In Proceedings of the XVII International Conference on Neutrino Physics and Astrophysics, Helsinki, Finland, June 1996.
26. M. Humphrey, F. Knabe, A. Ferrari, and A. Grimshaw. Accountability and control of process creation in metasystems. In Network and Distributed System Security Symposium, February 2000.
27. S. Ioannidis and S. M. Bellovin. Sub-operating systems: A new approach to application security. In SIGOPS European Workshop, February 2000.
28. A. K. Jones and W. A. Wulf. Towards the design of secure systems. Software - Practice and Experience, 5(4):321-336, 1975.
29. M. Jones. Interposition agents: Transparently interposing user code at the system interface. In Proceedings of the 14th ACM Symposium on Operating Systems Principles, pages 80-93, 1993.
30. V. L. Kiriansky. Secure execution environment via program shepherding. In USENIX Security Symposium, August 2002.
31. M. Laureano, C. Maziero, and E. Jamhour. Intrusion detection in virtual machine environments. In EUROMICRO Conference, September 2004.
32. L. Pearlman, V. Welch, I. Foster, C. Kesselman, and S. Tuecke. A community authorization service for group collaboration. In IEEE Workshop on Policies for Distributed Systems and Networks, 2002.
33. J. Plank, M. Beck, W. Elwasif, T. Moore, M. Swany, and R. Wolski. The Internet Backplane Protocol: Storage in the network. In Proceedings of the Network Storage Symposium, 1999.
34. N. Proves. Improving host security with system call policies. In USENIX Security Symposium, August 2004.
35. N. Proves and M. Friedl. Preventing privilege escalation. In USENIX Security Symposium, August 2003.
36. C. P. Sapuntzakis, R. Chandra, B. Pfaff, J. Chow, M. S. Lam, and M. Rosenblum. Optimizing the migration of virtual computers. In Symposium on Operating Systems Design and Implementation, 2002.
37. A. Shoshani, A. Sim, and J. Gu. Storage resource managers: Middleware components for grid storage. In Proceedings of the Nineteenth IEEE Symposium on Mass Storage Systems, 2002.
38. J. Steiner, C. Neuman, and J. I. Schiller. Kerberos: An authentication service for open network systems. In Proceedings of the USENIX Winter Technical Conference, pages 191-200, 1988.
39. D. Thain, J. Bent, A. Arpaci-Dusseau, R. Arpaci-Dusseau, and M. Livny. Pipeline and batch sharing in grid workloads. In Proceedings of the Twelfth IEEE Symposium on High Performance Distributed Computing, Seattle, WA, June 2003.
40. D. Thain, S. Klous, J. Wozniak, P. Brenner, A. Striegel, and J. Izaguirre. Separating abstractions from resources in a tactical storage system. In Proceedings of the International Conference for High Performance Computing and Communications (Supercomputing), November 2005.
41. D. Thain and M. Livny. Parrot: Transparent user-level middleware for data-intensive computing. In Proceedings of the Workshop on Adaptive Grid Middleware, New Orleans, September 2003.
42. D. Thain, T. Tannenbaum, and M. Livny. Condor and the grid. In F. Berman, G. Fox, and T. Hey, editors, Grid Computing: Making the Global Infrastructure a Reality. John Wiley, 2003.
43. A. Whitaker, M. Shaw, and S. D. Gribble. Denali: Lightweight virtual machines for distributed and networked applications. In USENIX Annual Technical Conference, June 2002.
44. V. Zandy, B. Miller, and M. Livny. Process hijacking. In Proceedings of the Eighth IEEE International Symposium on High Performance Distributed Computing, 1999.