• DocumentCode
    2791941
  • Title

    Securing Grid Data Transfer Services with Active Network Portals

  • Author

    Demir, Onur ; Head, Michael R. ; Ghose, Kanad ; Govindaraju, Madhusudhan

  • Author_Institution
    Dept. of Comput. Sci., State Univ. of New York, Binghamton, NY
  • fYear
    2007
  • fDate
    26-30 March 2007
  • Firstpage
    1
  • Lastpage
    8
  • Abstract
    Widely available and utilized grid servers are vulnerable to a variety of threats from denial of service (DoS) attacks, overloading caused by flash crowds, and compromised client machines. The focus of our paper is the design, implementation and evaluation of a set of admission control policies that permit the server to maintain sustained throughput to legitimate clients even in the face of such overloads and attacks. We propose several schemes to effectively, and importantly in an automated fashion, deal with these attacks and overloads. We discuss how these schemes can be efficiently implemented on an active network adapter based gateway that controls access to a pool of backend data servers. Performance tests conducted on a system based on a dual-ported active NIC demonstrate that efficient optimization schemes can be implemented on such a gateway to minimize the grid service response time and to improve server throughputs under heavy loads and DoS attacks. Our results, using the gridFTP server available with Globus Toolkit 4.0.1, demonstrate that even in adverse load conditions, the response times can be maintained at a level similar to normal, low-load conditions.
  • Keywords
    grid computing; network servers; optimisation; portals; security of data; transport protocols; Globus Toolkit 4.0.1; active network portal; admission control policy; client machine; denial-of-service attack; gateway; grid data transfer service; gridFTP server; optimization scheme; Bandwidth; Computer crime; Computer science; Delay; Magnetic heads; Network servers; Portals; Protocols; TCPIP; Throughput; Active NIC; GridFTP; Intelligent Gateway;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Parallel and Distributed Processing Symposium, 2007. IPDPS 2007. IEEE International
  • Conference_Location
    Long Beach, CA
  • Print_ISBN
    1-4244-0910-1
  • Electronic_ISBN
    1-4244-0910-1
  • Type

    conf

  • DOI
    10.1109/IPDPS.2007.370566
  • Filename
    4228294