Abstract

Many scientific workflow applications are moving to clouds. A scientific workflow is a complicated scientific computing task consisting of many sub-tasks, and each sub-task execution can generate the intermediate data used for the successor sub-task execution. The correct execution of scientific workflows depends on the security of the intermediate data, which is transmitted frequently between virtual machines during the process of the workflow execution. In multi-tenant clouds, the intermediate data contains three attributes: availability, confidentiality and integrity. If the intermediate data is lost, stolen, or tampered with by malicious tenants, the intermediate data’s attribute will be damaged, causing workflow interruption, the leakage of secret information or incorrect workflow results. For these problems, we propose ACISO scheme to secure the intermediate data by improving its availability, confidentiality, and integrity. In the scheme, availability, confidentiality and integrity strategy pools are constructed by various erasure codes, encryption algorithms and hash functions, respectively. Then we present a security strategy optimal allocation model named SSOA, which aims to maximize the overall intermediate data security strength while meeting the constraints of the workflow makespan and storage overhead. Normally, a scientific workflow contains a large number of the intermediate data, so solving this model is NP hard. Therefore, we propose a heuristic solution to solve SSOA. The simulation results show that ACISO can effectively improve the availability, confidentiality, and integrity of the intermediate data of the scientific workflows.

Highlights

  • Cloud computing uses virtualization technology to provide services of infrastructure, platforms, software applications

  • We suppose that the number of available virtual machines (VMs) is 10, the workflow makespan delay cannot be more than 5%, the storage overhead can be increased by no more than 60%, and the strength of each type of security requirement for each intermediate data cannot be less than 0.2

  • The proposed ACISO scheme is more flexible than [18], since it is separated from the workflow scheduling, users can choose any type of workflow scheduling algorithm, such as such as minimizing workflow execution costs, minimizing workflow makespan, maximizing VM utilization, and maximizing reliability

Read more

Summary

INTRODUCTION

Cloud computing uses virtualization technology to provide services of infrastructure, platforms, software applications. Y. Wang et al.: Securing the Intermediate Data of Scientific Workflows in Clouds With ACISO and the task scheduling can reduce their monetary costs for executing workflows in public clouds [13]. First, we construct availability, confidentiality and integrity strategy pools based on various erasure codes, encryption algorithms and hash functions. On the basis of the strategy pools, we propose availability, confidentiality and integrity strategy optimization (ACISO) scheme to enhance these three attributes of the intermediate data. We jointly consider the attributes (i.e., availability, confidentiality, and integrity) of the intermediate data of scientific workflows, and use various erasure codes, encryption algorithms, and hash functions to build availability, confidentiality and integrity strategy pools, respectively. The simulation results demonstrate that ACISO can effectively strengthen the availability, confidentiality and integrity attributes of the intermediate data of scientific workflows.

BACKGROUND
INTERMEDIATE DATA CONFIDENTIALITY STRATEGY POOL
INTERMEDIATE DATA INTEGRITY STRATEGY POOL
SSOA MODEL
PROBLEM TRANSFORMATION
HEURISTIC SOLUTION
COMPARISON ALGORITHMS We compare ACISO with the following two schemes
RELATED WORK
Findings
CONCLUSION AND FUTURE WORK
Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call