Reputation Management in Grid-based Virtual Organisations

Benjamin Aziz(e-Science Centre, STFC Rutherford Appleton

Laboratory, UK)

Joint work with Alvaro Arenas (STFC RAL, UK)and

Gheorghe Silaghi (Babes-Bolyai University, Romania)

The International Conference on Security and Cryptography (SECRYPT 2008) – Special Session on Trust

in Pervasive Systems and Networks

26-29 July 2008, Porto, Portugal

Content

• Introduction on Grid Computing and Reputation

• Objectives• A Utility-based Reputation Model• Reputation Management in Grids• Analysis of the Model• Conclusion and Future Work

A Model of Grid Computing

Virtual Breeding Environment (VBE)

Resource UserResource Provider(Organisation)

• The resource providers in a VBE– adhere to common operating

principles and technical infrastructure– have common goals and an objective

of participating in potential VOs

• In a VO,– The VO Owner decides on VO policy– The VO Manager manages the

formation, operation and evolution of the VO

– Trust and Security Services provide the usual desirable trust and security properties for resource and information sharing across organisational boundaries. These include reputation as a measure of trust

VirtualOrganisation

(VO)

Trust & SecurityServices

VO Owner

VO Manager

What is Reputation?

• “The overall quality or character as seen or judged by people in general … reputation can be considered as a collective measure of trustworthiness (in the sense of reliability) based on the referrals or ratings from members in a community.”

(Jøsang, 2007)

• “The expectation about future behaviour of a person or agent.”(Abdul-Rahman&Hailes, 2000)

Direct vs. Indirect Reputation

• Reputation can be formed either directly or indirectly:

– Direct Reputation: a consumer interacts with a service, after which it reports its satisfaction with the results to a reputation service

– Indirect Reputation: a consumer enquires from another consumer about past interactions, after which it forms an opinion and reports it to the reputation service

Why Do We Need Reputation?

Error frequency =1/1000000 error/hr

Error frequency =1/100 error/hr

? ?

Bad command frequency =1/1000000 cmd/OS cmd

Bad command frequency =1/100 cmd/OS cmd

Objectives

• Design a reputation management system for Grid-based VOs

• The system can qualify both users and resource providers

• The system can provide reputation management in contexts like– Fine-grained access and usage control of Grid resources– Resource brokering for setting-up VOs

• Capable of running as both in centralised and decentralised modes

A Utility-based Reputation Model

• The model is based on the concepts of Consumers, Entities, Organisations and VOs

• Entities have issues of interest to be monitored– Example: QoS levels and acceptable usage policies for

services

• Consumers have expectations about issues of interest related to entities they interact with– Example: SLA between services and their clients

A Utility-based Reputation Model

• A utility function reflects the satisfaction (value in [1,0]) consumers perceive from consuming an entity– models the traditional client feedback needed to build

reputation and can be either provided by the consumer or taken from a library

• For example, for a variable x and its value v returned by some service:

utility(x,v) = 1 if v SLA(x)utility(x,v) = v/SLA(x) otherwise

• The environment provides a trusted third party monitoring service that supplies events about entity-consumer interaction results/performance

A Utility-based Reputation Model

• The reputation of an entity w.r.t. to an issue of interest and from the perspective of a consumer is calculated by applying the utility function to values reported by the monitoring service– Example: Disk A was found to have only 55% of its advertised data

transfer speed by client X

• Aggregating over all consumers yields the reputation of the entity w.r.t. to that issue of interest in general– Example: In general, Disk A has only 85% of its advertised data transfer

speed

• Aggregating over all issues of interest yields the overall reputation of an entity– Example: In general, Disk A achieves only 70% of its advertised

specifications

Reputation Management in Grids

• Using our utility-based reputation model we want to:– Provide reputation values for Grid resources/resource

providers based on the QoS values produced by resources• QoS is formalised through SLAs

– Provide reputation values for VO Users based on their resource usage behaviour

• Usage behaviour is formalised through policies and penalties for breaking those policies

– Perform reputation-aware resource brokering when forming a VO or when replacing some of its members

Push/Pull ResourceMonitoring Info

Reputation Management for Resource Providers

ReputationService

User

Resource QoSMonitoring Service

ResourceProvider

Resources

User-Resource Interaction

RegisterSLA andUtility Function

RegisterResources

PerformReputationUpdates

Reputation Management for Resources

• The reputation updates are as follows:– Apply the Utility Function (constant w.r.t. the SLA) to

the QoS monitoring information

– Update the [VO User, QoS, VO] resource reputation value

– Update the [QoS, VO] resource reputation value

– Update the [VO] resource reputation value

– Update the [VBE] resource reputation value

Reputation Management for Resource Providers

• Additionally, the Reputation System calculates the following reputation values for the resource providers:

– The reputation value of the resource provider in a VO as an aggregation of the reputation of all its resources in that VO

– The reputation value of the resource provider in a VBE as an aggregation of its reputation in all VOs

Reputation Management for VO Users

Reputation Service

User

Resource UsageMonitoring Service

ResourceProvider

Resources

User-Resource Interaction

Push/Pull VO UserMonitoring Info

Register Resources,their Usage Policies,their Penalty Functionsand the Utility Function

PerformReputationUpdates

Reputation Management for VO Users

• The reputation updates are as follows:

– Apply the Utility Function (constant w.r.t. the Usage Policy/Penalty Function) to the usage monitoring information

– Update the [VO resource, Usage, VO] user reputation value

– Update the [Usage, VO] user reputation value

– Update the [VO] user reputation value

– Update the [VBE] user reputation value

Reputation-based Resource Brokering

Reputation Service

ResourceBrokeringService

VOOwner/Manager

RequestResource (Provider)Reputation Values/Receive Results

Request Resourcesfor VO formation

Request to Join VO

VBE

Decentralised vs. Centralised Reputation Systems

VO

Decentralised Case:

Instance ofReputationSystem

Maintain per-VO/VBEreputation values

VOInstance ofReputationSystem

Maintain per-VO/VBEreputation values

Decentralised vs. Centralised Reputation Systems

VO VO

Centralised VBE-based Reputation Database

Push per-VBEReputation Valuesat the End ofVO Lifecycle

Centralised Case:

Instance ofReputationSystem

Maintain per-VOreputation values

Instance ofReputationSystem

Maintain per-VOreputation values

Analysis of the Model

• We performed simulations using the SimGrid toolkit (http://simgrid.gforge.inria.fr/)

• Various set-ups were used:– VOs with reputation-rated resource providers– VOs with both reputation-rated resource

providers and users

VOs with Reputation-rated Resource Providers

• Assumes 20% of resources produce QoS values ranging between 85%-105% of the SLA-agreed value

• Total job completion time was improved by 25% using reputation-based scheduling over non-reputation-based scheduling (FIFO)

• Total welfare (sum of all utilities acquired by the users for their jobs) was also improved by 25% over non-reputation-based scheduling

VOs with Reputation-rated Resource Providers

Completion time vs. VO Load Factor Total Welfare vs. VO Load Factor

VOs with Reputation-rated Resource Providers and Users

• Most (least) reputable resource providers get jobs from most (least) reputable users

• User satisfaction is improved since reputable users are scheduled first

• Reliable resources are used more effectively since they get trusted tasks scheduled on them

VOs with Reputation-rated Resource Providers and Users

Total Welfarevs. time

Conclusion• We defined a utility-based reputation system for

Grid-based VOs, which should provide a measure of trust in performing Grid computational tasks

• The model is general as it can rate both VO resource providers and users and it can be used in both centralised and decentralised scenarios in the contexts of usage control and resource brokering

• The model constitutes the basis for the design of a reputation service in the EU FP6 project GridTrust (www.gridtrust.eu)– First prototype to be released this September

Future Work• Consider trade-offs in the model, for example:

– Introduce the concept of cost and the effect of pricing resources on welfare

– Reliability of monitoring service, which affects the certainty of reputation values (also known as confidence level or probability)

– Dealing with multi-user jobs (VO job submission to another VO)

• Carry out further simulations in order to understand better the model’s behaviour

• Discover more scenarios in which the model is used– E.g. sabotage tolerance in peer-to-peer systems

Thank You

• Questions?