reputation management in grid-based virtual organisations benjamin aziz (e-science centre, stfc...
TRANSCRIPT
Reputation Management in Grid-based Virtual Organisations
Benjamin Aziz(e-Science Centre, STFC Rutherford Appleton
Laboratory, UK)
Joint work with Alvaro Arenas (STFC RAL, UK)and
Gheorghe Silaghi (Babes-Bolyai University, Romania)
The International Conference on Security and Cryptography (SECRYPT 2008) – Special Session on Trust
in Pervasive Systems and Networks
26-29 July 2008, Porto, Portugal
Content
• Introduction on Grid Computing and Reputation
• Objectives• A Utility-based Reputation Model• Reputation Management in Grids• Analysis of the Model• Conclusion and Future Work
A Model of Grid Computing
Virtual Breeding Environment (VBE)
Resource UserResource Provider(Organisation)
• The resource providers in a VBE– adhere to common operating
principles and technical infrastructure– have common goals and an objective
of participating in potential VOs
• In a VO,– The VO Owner decides on VO policy– The VO Manager manages the
formation, operation and evolution of the VO
– Trust and Security Services provide the usual desirable trust and security properties for resource and information sharing across organisational boundaries. These include reputation as a measure of trust
VirtualOrganisation
(VO)
Trust & SecurityServices
VO Owner
VO Manager
What is Reputation?
• “The overall quality or character as seen or judged by people in general … reputation can be considered as a collective measure of trustworthiness (in the sense of reliability) based on the referrals or ratings from members in a community.”
(Jøsang, 2007)
• “The expectation about future behaviour of a person or agent.”(Abdul-Rahman&Hailes, 2000)
Direct vs. Indirect Reputation
• Reputation can be formed either directly or indirectly:
– Direct Reputation: a consumer interacts with a service, after which it reports its satisfaction with the results to a reputation service
– Indirect Reputation: a consumer enquires from another consumer about past interactions, after which it forms an opinion and reports it to the reputation service
Why Do We Need Reputation?
Error frequency =1/1000000 error/hr
Error frequency =1/100 error/hr
? ?
Bad command frequency =1/1000000 cmd/OS cmd
Bad command frequency =1/100 cmd/OS cmd
Objectives
• Design a reputation management system for Grid-based VOs
• The system can qualify both users and resource providers
• The system can provide reputation management in contexts like– Fine-grained access and usage control of Grid resources– Resource brokering for setting-up VOs
• Capable of running as both in centralised and decentralised modes
A Utility-based Reputation Model
• The model is based on the concepts of Consumers, Entities, Organisations and VOs
• Entities have issues of interest to be monitored– Example: QoS levels and acceptable usage policies for
services
• Consumers have expectations about issues of interest related to entities they interact with– Example: SLA between services and their clients
A Utility-based Reputation Model
• A utility function reflects the satisfaction (value in [1,0]) consumers perceive from consuming an entity– models the traditional client feedback needed to build
reputation and can be either provided by the consumer or taken from a library
• For example, for a variable x and its value v returned by some service:
utility(x,v) = 1 if v SLA(x)utility(x,v) = v/SLA(x) otherwise
• The environment provides a trusted third party monitoring service that supplies events about entity-consumer interaction results/performance
A Utility-based Reputation Model
• The reputation of an entity w.r.t. to an issue of interest and from the perspective of a consumer is calculated by applying the utility function to values reported by the monitoring service– Example: Disk A was found to have only 55% of its advertised data
transfer speed by client X
• Aggregating over all consumers yields the reputation of the entity w.r.t. to that issue of interest in general– Example: In general, Disk A has only 85% of its advertised data transfer
speed
• Aggregating over all issues of interest yields the overall reputation of an entity– Example: In general, Disk A achieves only 70% of its advertised
specifications
Reputation Management in Grids
• Using our utility-based reputation model we want to:– Provide reputation values for Grid resources/resource
providers based on the QoS values produced by resources• QoS is formalised through SLAs
– Provide reputation values for VO Users based on their resource usage behaviour
• Usage behaviour is formalised through policies and penalties for breaking those policies
– Perform reputation-aware resource brokering when forming a VO or when replacing some of its members
Push/Pull ResourceMonitoring Info
Reputation Management for Resource Providers
ReputationService
User
Resource QoSMonitoring Service
ResourceProvider
Resources
User-Resource Interaction
RegisterSLA andUtility Function
RegisterResources
PerformReputationUpdates
Reputation Management for Resources
• The reputation updates are as follows:– Apply the Utility Function (constant w.r.t. the SLA) to
the QoS monitoring information
– Update the [VO User, QoS, VO] resource reputation value
– Update the [QoS, VO] resource reputation value
– Update the [VO] resource reputation value
– Update the [VBE] resource reputation value
Reputation Management for Resource Providers
• Additionally, the Reputation System calculates the following reputation values for the resource providers:
– The reputation value of the resource provider in a VO as an aggregation of the reputation of all its resources in that VO
– The reputation value of the resource provider in a VBE as an aggregation of its reputation in all VOs
Reputation Management for VO Users
Reputation Service
User
Resource UsageMonitoring Service
ResourceProvider
Resources
User-Resource Interaction
Push/Pull VO UserMonitoring Info
Register Resources,their Usage Policies,their Penalty Functionsand the Utility Function
PerformReputationUpdates
Reputation Management for VO Users
• The reputation updates are as follows:
– Apply the Utility Function (constant w.r.t. the Usage Policy/Penalty Function) to the usage monitoring information
– Update the [VO resource, Usage, VO] user reputation value
– Update the [Usage, VO] user reputation value
– Update the [VO] user reputation value
– Update the [VBE] user reputation value
Reputation-based Resource Brokering
Reputation Service
ResourceBrokeringService
VOOwner/Manager
RequestResource (Provider)Reputation Values/Receive Results
Request Resourcesfor VO formation
Request to Join VO
VBE
Decentralised vs. Centralised Reputation Systems
VO
Decentralised Case:
Instance ofReputationSystem
Maintain per-VO/VBEreputation values
VOInstance ofReputationSystem
Maintain per-VO/VBEreputation values
Decentralised vs. Centralised Reputation Systems
VO VO
Centralised VBE-based Reputation Database
Push per-VBEReputation Valuesat the End ofVO Lifecycle
Centralised Case:
Instance ofReputationSystem
Maintain per-VOreputation values
Instance ofReputationSystem
Maintain per-VOreputation values
Analysis of the Model
• We performed simulations using the SimGrid toolkit (http://simgrid.gforge.inria.fr/)
• Various set-ups were used:– VOs with reputation-rated resource providers– VOs with both reputation-rated resource
providers and users
VOs with Reputation-rated Resource Providers
• Assumes 20% of resources produce QoS values ranging between 85%-105% of the SLA-agreed value
• Total job completion time was improved by 25% using reputation-based scheduling over non-reputation-based scheduling (FIFO)
• Total welfare (sum of all utilities acquired by the users for their jobs) was also improved by 25% over non-reputation-based scheduling
VOs with Reputation-rated Resource Providers
Completion time vs. VO Load Factor Total Welfare vs. VO Load Factor
VOs with Reputation-rated Resource Providers and Users
• Most (least) reputable resource providers get jobs from most (least) reputable users
• User satisfaction is improved since reputable users are scheduled first
• Reliable resources are used more effectively since they get trusted tasks scheduled on them
Conclusion• We defined a utility-based reputation system for
Grid-based VOs, which should provide a measure of trust in performing Grid computational tasks
• The model is general as it can rate both VO resource providers and users and it can be used in both centralised and decentralised scenarios in the contexts of usage control and resource brokering
• The model constitutes the basis for the design of a reputation service in the EU FP6 project GridTrust (www.gridtrust.eu)– First prototype to be released this September
Future Work• Consider trade-offs in the model, for example:
– Introduce the concept of cost and the effect of pricing resources on welfare
– Reliability of monitoring service, which affects the certainty of reputation values (also known as confidence level or probability)
– Dealing with multi-user jobs (VO job submission to another VO)
• Carry out further simulations in order to understand better the model’s behaviour
• Discover more scenarios in which the model is used– E.g. sabotage tolerance in peer-to-peer systems