security driven scheduling model for computational grid using nsga-ii

J Grid Computing (2013) 11:721–734DOI 10.1007/s10723-013-9251-x

Security Driven Scheduling Model for Computational GridUsing NSGA-II

Rekha Kashyap · Deo Prakash Vidyarthi

Received: 6 June 2012 / Accepted: 26 February 2013 / Published online: 24 March 2013© Springer Science+Business Media Dordrecht 2013

Abstract Number of software applications de-mands various levels of security at the time ofscheduling in Computational Grid. Grid may offerthese securities but may result in the perfor-mance degradation due to overhead in offeringthe desired security. Scheduling performance ina Grid is affected by the heterogeneities of secu-rity and computational power of resources. Cus-tomized Genetic Algorithms have been effectivelyused for solving complex optimization problems(NP Hard) and various heuristics have been sug-gested for solving Multi-objective optimizationproblems. In this paper a security driven, elitistnon-dominated sorting genetic algorithm, Opti-mal Security with Optimal Overhead Scheduling(OSO2S), based on NSGA-II, is proposed. Themodel considers dual objectives of minimizing thesecurity overhead and maximizing the total secu-rity achieved. Simulation results exhibit that theproposed algorithm delivers improved makespanand lesser security overhead in comparison toother such algorithms viz. MinMin, MaxMin, SP-MinMin, SPMaxMin and SDSG.

R. Kashyap (B)Lal Bahadur Shastri Institute of Management,New Delhi, Indiae-mail: [email protected]

D. P. VidyarthiJawaharlal Nehru University, New Delhi, India

Keywords Grid computing · Security-awarescheduling · NSGA-II · Genetic algorithm ·Grid security · Security overhead

1 Introduction

A computational Grid is a collection of geo-graphically dispersed heterogeneous computingresources, giving the image of a single large virtualcomputing system to users [1–3]. Scheduling onsuch platform is an important and complex taskmore so being Grid a heterogeneous system. Themain challenge for job scheduling in Grid is itshighly dynamic environment, in which computingresources have their own access policies, security,availability etc. At the same time, resources areof greater heterogeneity in terms of their architec-tural design that includes desktop PCs to super-computers. Thus, Grid which is privately owned,heterogeneous, non dedicated network of com-puters utilizes the idle time of thousands of com-puting devices to harness the high performancecomputing power. From the users’ point of view,the objective of the Grid computing is to simplifydistributed heterogeneous computing in the man-ner the World Wide Web has simplified informa-tion sharing over the Internet [4]. The key factorsin making the Grid computing feasible are: theevolution of standards such as TCP/IP and Eth-ernet; the ever-increasing bandwidth of networks;

722 R. Kashyap, D.P. Vidyarthi

the increasing availability of idle CPU cycles onnetworked machines, and the emergence of Webservices as a logical and open choice for softwarecomputing tasks [5, 6]. Quite often, Grid comput-ing extensively supports collaborative projects onthe internet. Most of these projects have stringentsecurity requirements. The application itself im-bibes security up to some extent, but more usuallyit is to be supported and ensured by the Gridenvironment. The dynamic and multi-institutionalnature of the Grid introduces challenging secu-rity threats that warrant the development of thenew technical approaches towards this problem.In a Security-aware environment, responsibilityis delegated to the scheduler for allocating thecomputational jobs on those resources that givesbest possible security, while understanding thecomputational and security heterogeneity of theresources.

The motivation of Grid computing is to aggre-gate the power of widely distributed resources toprovide non-trivial Quality of Service (QoS) tousers in which security is an important QoS para-meter. To offer security as QoS, security choicesmust be offered to the user/application in form ofSecurity Level (SL) and in turn user/applicationmay request a level of security in the form ofSecurity Demand (SD). The underlying mecha-nism must be equipped to enter into an agreementfor the service delivery at the requested SecurityLevel. The notion of variant security requirementsand security ranges at first seem strange, as thefeeling was either to have security or ignore itat all. This is true at a gross scale since withoutsome minimum level of security, a system willbe considered inadequate for user’s requirements.But if the user’s minimum requirements are met,there can be some choices with respect to whatis adequate. The second argument for the vari-ant security would be; why a user would requireanything less than the highest level of security.The answer lies in the associated cost which maybe in form of monetary charges or even systemperformance degradation. There are many appli-cations that specify their security demand and sothere is a need for the quantification of securityservices. Irvine and Levin, in their work, haveemphasized the importance of quantification ofthe security services [7]. Sypropoulou and Agar

[8] have worked on the quantification of the IPSecProtocol.

Task scheduling in Grid is an NP-hard opti-mization problem, so many heuristic and meta-heuristic algorithms are in use aiming forsuboptimal solutions. Meta-heuristics like Sim-ulated Annealing (SA) [9], Genetic Algorithm(GA) [10, 11], Ant Colony Optimization (ACO)[12], Particle Swarm Optimization (PSO) [13], etc.are used for Grid scheduling as they generally pro-duce higher quality results than simple heuristics.Though these techniques may take a bit longeras they have to generate and evaluate many so-lutions not just one. These nature based meta-heuristics follow the Darwin’s natural selectionprinciple i.e. only the fittest can survive. Despitetheir high time complexity, they are robust andadaptive, because they make no assumptionsabout the structure of the problem. GA, a pop-ulation based meta-heuristic proposed by JohnHolland [11], is inspired by evolutionary biologyand follows most of their mechanism such as in-heritance, mutation, crossover, and selection. GAconsiders a solution as an organism, thus bet-ter the quality of the solution higher its survivalprobability. Solution evolves by applying geneticoperators such as crossover (also called recombi-nation) and mutation. GA has the escaping prop-erty from the local optima in search for the globaloptimal solution.

The presence of multiple objectives in a prob-lem, in principle, gives rise to a set of optimalsolutions (largely known as Pareto-optimal solu-tions), instead of a single optimal solution. Manystrategies based on evolutionary heuristics havebeen suggested in literature to obtain Pareto-optimal solutions [14–16]. In the absence of anyfurther information, one of these Pareto-optimalsolutions cannot be said to be better than theother. This demands a user to find as manyPareto-optimal solutions as possible. Classical op-timization methods (including the multi-criteriondecision-making methods) suggest converting theMulti Objective Optimization Problem (MOOP)to a single-objective optimization problem by em-phasizing one particular Pareto-optimal solutionat a time. When such a method is to be usedfor finding multiple solutions, it has to be appliedmany times, hopefully finding a different solution

Security Driven Scheduling Model for Computational Grid 723

in each simulation run. Multi-objective evolution-ary algorithms are the best choice because of thepopulation-based approach. The attractive fea-ture of multi-objective evolutionary algorithms istheir ability to find a wide range of non-dominatedsolutions close to the true pareto-optimal solu-tions. All non-dominated solutions discovered bya multi-objective genetic algorithm are consideredas elite solutions. Elitist mechanism does not allowan already found pareto-optimal solution to bedeleted in the entire population.

In this paper a security driven elitist non-dominated sorting genetic algorithm based onNSGA-II [17] is proposed. The model considersdual objectives of minimizing the security over-head and maximizing the total security achieved.

Next section discusses some related works inthis field. Scheduling strategy is described inSection 3. Section 4 briefs the proposed secu-rity model of this work. Section 5 describes theNSGA-II model. Analysis of the proposed modelOSO2S is given in Section 6. Experimental results,its observations for OSO2S and the comparedheuristics are presented in Section 7 epitomizingthe work in the last section.

2 Related Work

In order to achieve the promising potential ofunderlying distributed resources in the Grid,effective scheduling algorithms are fundamen-tally important. Scheduling in Grid basically hasthree phases: resource discovery, resource selec-tion and job execution [18]. Yu and Buyya haveinvestigated and applied various Grid schedul-ing approaches to different Grid scenarios [19].Effective Grid computing is possible only if theresources are scheduled well. Being a geograph-ically dispersed heterogeneous multiprocessingenvironment, task scheduling in the Grid is anNP-hard problem. Consequent to this is the emer-gence of many heuristic and evolutionary ap-proaches towards this problem [20–25]. Somewell known heuristic based Grid scheduling al-gorithms, proposed in the literature, are as fol-lows. Casanova et al. [26] proposed an adaptiveGrid scheduling algorithm for parameter sweepapplications, where tasks can share input files and

extended the Sufferage heuristics as XSufferage.DFPLTF (Dynamic Fastest Processor to LargestTask First) is a scheduling heuristic which giveshighest priority to the largest task [27]. Fujimotoand Hagihara [28] have proposed Round Robin(RR) Grid scheduling algorithm for parametersweep applications. An adaptive scheduler, bal-ancing processing loads on Grids using Genera-tional Scheduling with Task Replication(GSTR)is discussed in [29]. MinMin and MaxMin are wellknown algorithms used in real world distributedresource management systems such as SmartNet[30]. MinMin gives highest priority to the task thatcan be completed first. In MinMin, the Grid siteoffering the earliest completion time is tagged andthe task that has the minimum earliest completiontime is allocated to the respective site. MaxMinalso tags the Grid site that offers the earliestcompletion time but highest priority is given tothe task that has maximum earliest completiontime. All the above mentioned algorithms are notSecurity-aware and hence unsuitable for Securitydemanding applications.

The goal of a Security-aware scheduler is tomeet the desired security requirements and atthe same time offer a high level of performancewith respect to one or more parameters e.g.makespan, average response time, site utilization,security overhead etc. [31–33]. Further, securityheterogeneity and the Grid dynamism makes Gridscheduling more challenging as the security over-head is node dependent. Some of the Security-aware schedulers discussed in the literature areas follows. Saleh et al have proposed a new Gridscheduler with failure recovery and reschedulingmechanisms [34]; Song, Kwok and Hwang [35] en-vision a secure scheduling framework with the riskinvolved while dispatching the jobs to the remotenodes. They proposed three scheduling strategiesbased on different risk levels and modified theMinMin and Sufferage heuristics in three modes;a) Secure mode (jobs were only scheduled to thosenodes which can ensure security) b) Risky mode(jobs were scheduled to any available nodes with-out considering the risks between jobs and nodes),and c) F-risky mode (jobs were scheduled to avail-able nodes to take at most F risks). Our previ-ous works SPMinMin and SPMaxMin [36, 37] areimprovement over the work suggested by Song


(Secure MinMin). In SPMinMin and SPMaxMinsecurity requirement is the guiding parameter forscheduling decision and they guarantee the secu-rity of the job while minimizing the makespan. Allabove stated algorithms are Security-aware butmake no effort to optimize the security beyond theminimum security requirement.

SATS, suggested by Xie and Qin [38], takesinto account heterogeneities in security and com-putation. SATS also provides a means of measur-ing overhead incurred by security services. It triesto improve security and minimize makespan.

Xiaoyong et al. [39] incorporated security intointer-task dependency and proposed a securitydriven scheduling algorithm (SDS) to improvesecurity of HDS (Heterogeneous distributed sys-tems) while minimizing the makespan, risk proba-bility and speedup. Our earlier work, SDSG [40]is a GA based scheduler with dual objectivesof minimizing security overhead and maximiz-ing security. It optimizes one criterion at a timewhile making other as constraint. Chao-Chin andRen-Yi [41] proposed a GA based scheduling,addressing the heterogeneities of fault tolerantmechanism in the computational Grid. They im-proved upon the job failure rate while optimizingthe makespan. Another interesting work cited inliterature is by Kyriaki et al, wherein, they pro-posed a job scheduling algorithm for Grid using anAccelerated Genetic Algorithm. In this work, theypresented a genetic algorithm with multi-criteriaapproach, in terms of job completion time andsecurity risks [42].

Over the years, several approaches have beenused to deal with various objectives for schedulingproblems. Traditionally, the most common wayhas been to combine the multiple objectives into asingle scalar value by using weighted aggregatingfunctions according to the preferences set by thedecision-makers and then to find a compromisesolution reflecting these preferences. This can beachieved by performing the search several timesusing different preferences each time. Our earlierwork, SDSG [40] works on similar principle. Itis a GA based scheduler with dual objectives ofminimizing security overhead and maximizing se-curity value. It performs the search in two phasesusing different preference in each phase. It opti-mizes one criterion at a time while making other

as constraint. In the first phase security valueis maximized considering security overhead as aconstraint. In the second phase, security overheadis optimized (minimized) while total security valueoffered is the constraint. The candidates havingbest fitness in the final generation of the secondphase are considered as the best final solutions.

Another approach is to generate the set of com-promise solutions in a single execution of thealgorithm. This has increased the interest for in-vestigating the application of Pareto optimizationtechniques to multi-objective scheduling prob-lems. The aim in Pareto optimization is to finda set of compromise solutions that represent agood approximation to the Pareto optimal front.Over the past decade, a number of multi-objectiveevolutionary algorithms (MOEAs) have been sug-gested. The primary reason for this is their abilityto find multiple Pareto-optimal solutions in onesingle simulation run. Of them, MOGA-III [43],SPEA2 [43], NSGA-II [17], NSGA [15], NPGA[44], MOMGA [45] are some of the widely stud-ied evolutionary heuristics. The Non-dominatedSorting Genetic Algorithm (NSGA-II) proposedby Deb et al, is a well known and extensively usedalgorithm derived from its predecessor NSGA.Salazar et al. [46] have applied and comparedthe efficiency of NSGA-II with existing methodsfor reliability optimization problems. The workhere proposes a multi objective pareto optimalalgorithm, based on NSGA-II. It is named Opti-mal Security with Optimal Overhead Scheduling(OSO2S) and the dual objectives are same asin SDSG i.e. minimizing the security overheadand maximizing the total security of the Gridtasks. The above two algorithms work in entirelydifferent manner. SDSG converts a multi objec-tive optimization problem into single objectiveproblem and performs the search in two phasesusing different preferences in each phase whereasOSO2S generates the set of compromise solutionsin a single execution of the algorithm using paretooptimization.

3 Scheduling Strategy

The model proposed, in this work, considers acomputational Grid consisting of a number of non


dedicated processing nodes that in turn may bea single processor or a group of heterogeneous/homogeneous processors. A Grid job comprisedof “n” independent tasks with different computa-tional size and security requirements. The tasksare assumed to be non preemptive and indepen-dent i.e. without any precedence constraint. Atask with a desired security demand can be exe-cuted only on the resource offering the required orabove security level. Characteristics of the systemare as follows.

• A task Ti is characterized as Ti = (Szi,SDMini,) where, Szi is the computational sizein million instructions and SDMini is the min-imum security demand of the task Ti.

• Processing node N j of the Grid is character-ized as N j = (SP j, SLMax j, BT j) where, SP j

is the speed of the node in MIPS, SLMax j

is the maximum security the node can offerand BT j is the begin time of the node (timeto execute previously assigned tasks). In theproposed model, node has been assumed tohave one processor only.

• A schedule of the job is depicted as 6 tu-ples 〈Ti, P j, SLi, BT j,SOij, CTij〉 in which, Ti

is ith task, P j is jth processing node, SLi is thesecurity level assigned to the ith task (it rangesbetween SDMini, and SLMax j), BT j is the be-gin time at jth processing node, SOij is the se-curity overhead of ith task on jth node and CTij

is the completion time of the ith task on the jth

processing node. CTij is calculated using (1).

CTij = BT j + ETij + SOij (1)

Where, ETij is the Execution Time of ith task on jth

processing node and SOij is the Security Overheadof ith task on jth node. Begin time of every nodeat the start of schedule is assumed to be zero butonce the execution start, it will be cumulated.

4 Security Strategy

This section discusses the security model used toquantify the security value and security overheadcomputation, which calculates the computationalcost incurred while securing the tasks.

4.1 Security Model

One of the key factors behind the growing interestin Grid computing is the evolution of standardssuch as TCP/IP and Ethernet in networking. Forthe TCP networking model IPsec, TLS/SSL andSSH are the popularly used security protocolsoperating on its network, transport and applica-tion layer respectively [46–50]. These protocolsoffer security to a Grid application by the com-mon security services of key exchange, authentica-tion, confidentiality and integrity. Each protocolis further configured to match differing securityrequirements through cipher suite negotiations.Cipher suite is a named combination of key ex-change, authentication, encryption, and integrityalgorithms used to negotiate the security set-tings for a network connection. In the presentwork, SSL V3 protocol is considered and secu-rity levels are assigned for the cipher suites sup-ported by it. SL for each cipher-suite is basedon the weighted sum of security services involvedin the cipher-suite. Cipher-suite offering moresecurity (algorithms with longer keys) has morecomputational cost and therefore is assigned ahigher security level. The security level alsoprovides a mechanism for calculating the secu-rity overhead expenses. Subset of cipher suitessupported by SSL V3 protocol is shown inTable 1. The third row SSLCipherSpec SSL_RSA_WITH_DES_CBC_SHA indicates the useof DES with 56-bit encryption. The fourth

Table 1 The Subset ofcipher suites supported bySSL V3 protocol

Cipher suite Protocol Security level

SSLCipherSpec SSL_RSA_WITH_RC4_128_MD5 1 (Weakest)SSLCipherSpec SSL_RSA_WITH_RC4_128_SHA 2SSLCipherSpec SSL_RSA_WITH_DES_CBC_SHA 3SSLCipherSpec SSL_RSA_WITH_3DES_EDE_CBC_SHA 4SSLCipherSpec SSL_RSA_EXPORT_WITH_RC4_40_MD5 5SSLCipherSpec SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 6 (Strongest)


row SSL CipherSpec SSL_RSA_WITH_3DES_EDE_ CBC_SHA indicates the use of 3DES with168-bit encryption. Among the six cipher suites,mentioned in the Table 1, the first one providesthe weakest security and the last one providesthe strongest security and therefore numbered assecurity level 1 (weak) to 6 (strong).

4.2 Security Overhead Computation

Security overhead is calculated as suggested byXie et al. [51] (2), where, SLi is in the range [1,2, 3. . . ..R], 1 being the lowest and R the highestsecurity level. The experiments, conducted in thiswork, keeps R to be 10. The rationale behindthis security overhead model is based on the ob-servation that security overhead of a particularapplication tends to be proportional to the ex-ecution time of the application. In other words,security overhead depends upon the amount ofdata to be secured and thus is the product of theexecution time (which depends upon data size)and relative security required. Xie et al. [32] andXiaoyong et al. [33] have proposed more precisemodel for calculating security overhead wherethey calculate security overhead for each secu-rity services namely authentication, integrity andconfidentiality. Simpler security overhead calcu-lation has been effectuated in all the algorithmssince for the comparison purposes; the result willnot be affected. Total computation time consider-ing security overhead is given in (3).

SOij = ETij × (SLi/R) (2)

CTij = BT j + ETij × (1 + SLi/R) (3)

5 Non-dominated Sorting Genetic Algorithm(NSGA-II)

Genetic algorithms (GAs) have been widelyused to tackle many complex optimization prob-lems. A GA, being search technique, has a veryunique feature of maintaining a pool of potentialsolutions, called chromosomes, and then to “re-produce” new solutions through randomly com-bining the “good features” of existing solutions.

A striking difference between a classical searchoptimization method and GA is that in the lattera population of solutions is processed in everyiteration (or generation). This feature alone givesGA a tremendous advantage for its use in solv-ing MOOP, as most important goal of an idealmulti-objective optimization procedure is to findas many Pareto-optimal solutions as possible.

NSGA, developed by Deb et al. [15], variesfrom simple GA only in the way the selec-tion operator works. The crossover and mutationoperator remain as usual. For selection a nondominated sorting is used to classify the en-tire population. The reason behind non domi-nated sorting procedure is that a ranking methodis used to emphasize good points and a nichemethod is used to maintain stable subpopula-tion of good points. An improved version ofNSGA, called NSGA-II [17], was later proposedwhich not only uses the elite-preservation strat-egy, but also uses an explicit diversity preserv-ing mechanism through niching strategy (Binarytournament selection with a crowded tournamentoperator). Crowded tournament selection is a se-lection mechanism based on tournament selec-tion whereby, a group of individuals takes partin a tournament and the winner is judged by thefitness levels (a combination of rank and crowd-ing distance) that each individual brings to thetournament. The crowding distance serves as anestimator of the perimeter of the cuboid formedby the nearest neighbors as the vertices.

6 Proposed Work

The proposed work is a multi objective optimiza-tion problem where the required objectives are:minimizing the security overhead and maximizingthe total security achieved for the Grid tasks. Animportant decision in such multi-objective opti-mization is how to evaluate the quality of solu-tions since the conflicting and incommensurablenature of some of the criteria makes this processmore complicated. The possible alternatives are asfollows.

• Combine the objectives: This is one of theclassical methods to evaluate the fitness of the


solution in multi-objective optimization. Itrefers to converting the multi-objective prob-lem into a single-objective one by combiningthe various criteria into a single scalar value.The most common way of doing this is by set-ting weights to each criterion and adds themall together using an aggregating function.

• Alternating the objective: This is also an ap-proach that has been used for many years.It refers to optimizing one criterion at atime while imposing constraints on the others.The most challenging task in such optimiza-tion problem is to decide upon the value ofconstraints.

• Pareto-based evaluation: In this approach, avector containing all the objective values rep-resents the solution fitness and the conceptof dominance is used to establish preferencebetween solutions. A solution x is said to benon inferior or non-dominated if there is noother solution that is better that x in all thecriteria.

Evolutionary Algorithms have become popularas robust and effective methods for solving opti-mization problems. In recent years, a wide rangeof Evolutionary Algorithms for Multi-objectiveOptimization are developed in Grid computingsystems. NSGA-II is an evolutionary algorithm,which uses pareto based evaluation with the abil-ity to find multiple Pareto-optimal solution in onesingle simulation run. Our work Optimal Securitywith Optimal Overhead Scheduling (OSO2S) isbased on NSGA-II.

6.1 OSO2S

The various steps involved in OSO2S are dis-cussed below.

6.1.1 Coding of Solutions

The encoding of individuals (also known as chro-mosome, solution string etc.) of the population isa key issue in genetic algorithm. In SDSG, a fixedlength integer number encoding is used wherefeasible solution is encoded in a vector calledschedule. Chromosome is of the size equal to thenumber of jobs to be scheduled. Each element

Task ID 1 2 3 4 5 6

2,3 3,5 4,6 3,10 4,3 2,8

Fig. 1 The chromosomes encoding

of the vector is an ordered pair (NodeID, Secu-rityLevel) as shown in Fig. 1. The ith entry, in theschedule, indicates that the ith task is scheduled onthe node with identity equal to NodeID and willbe executed with the security value SecurityLevel.For example, 3rd entry (4, 6) in the schedule(Fig. 1) reflects that the 3rd task is scheduled onthe node with NodeID 4 and offered SecurityLevelvalue 6. For each schedule, Node ID is randomlygenerated within the permissible range of nodes.Security level is randomly generated between theranges as shown in (4).

SDMini ≤ SLi ≤ SLMax j (4)

Where, SLi is the security offered to the ith task,SDMini is the minimum security demanded by theith task and SLMax j is the max security which thejth node can offer.

6.1.2 Fitness Function

Fitness function is one of the important compo-nents of GA to measure the quality of solutionand is problem dependent. OSO2S is a multi-objective optimization algorithm with objectivesof minimizing the security overhead and maximiz-ing the total security. Equations (5) and (6) showthe fitness functions used for calculating securityoverhead and total security for every solution(schedule).

minimize Fit(SO(x)) =n∑

i=1

SOij, ∀ j (5)

maximize Fit(SL(x)) =n∑

i=1

SLi (6)

Where, SOij is the security overhead of the ith

task on the corresponding jth node, n is the totalnumber of tasks to be scheduled and SLi is thesecurity level of ith task.


6.1.3 Initial Population

• To start with, Nparent schedules (P0) are ran-domly generated using the encoding schemealready discussed in Section 6.1.1.

• From P0 an offspring population Q0 of sizeNis created using binary tournament selec-tion, recombination, and mutation operators.

• P0 and Q0 are combined to form total initialpopulation R0 of size 2N.

6.1.4 Selection for Population Reduction

Of each solution (chromosome) in the currentpopulation (Rt) of size 2N, N parents are selectedfor the next generation population Pt+1. The stepsare as follows:

• A non dominated sorting is used to classify theentire population Rt in different non domina-tion fronts Fi, i = 1, 2. . ., etc.

• Once the non-dominated sorting is over thenew population is filled by solutions ofdifferent fronts one at a time.

• The filling starts with the best dominated frontand so on. Since the overall population size ofRt is 2N, not all fronts may be accommodatedin the N slots of the new population.

• All fronts which could not be accommodatedare simply deleted.

• If there are more solutions in last front thanthe remaining slots in the new population,niching strategy with crowded tournament se-lection operator is used to select the best solu-tions from the last front.

• Steps for crowded tournament selection are asfollows.

– Let l be the total number of solutions inlast front. Initially for each solution i =1 to l, crowding distance (di) is assignedas 0.

– For each objective function m = 1 and 2,sort the solution set for the last front in re-verse order of fitness. The two objectivesare: security overhead minimization andsecurity maximization. The sorted indicesvector Im is created for the same, whereIm,1 is the first solution of the sorted vectorand Im,l is the last solution.

– In the next step, large crowding distanceis assigned to the boundary solutionsi.e., dm,,I = dm,Il = ∞, where dm,,I1 is thecrowding distance for the first solutionfor the mth objective function. dm,Il is thecrowding distance for the last solution (lth

solution).– For all other solutions j = 2 to l − 1,

crowding distance is calculated as

dm, I j = dm, I j

+ fm, (I j + 1) − fm, (I j − 1)

fm, max − fm, min

(7)

Index I j denotes the solution of jth member in thesorted list and dm,I j denotes the crowding distanceof the jth term for the mth objective function.The second term in the (7) is the difference inthe objective function fitness values between twoneighboring solutions on either side of solution I j.The parameters fm,max and fm,min is the popula-tion minimum fitness and maximum fitness for mth

objective function.

• This way crowding distance of each solutionof the last front is calculated and stored indescending order in the list DIj.

• The remaining slots of the next generationparent population Pt+1, is filled from thetop of the list DIj, discarding the left oversolutions.

6.1.5 Of fspring Population

The offspring population Qt+1 is created fromparent population Pt+1. For obtaining offspringpopulation tournament selection with crowdingdistance, crossover and mutation are applied onparent population. Qt+1 and Pt+1 are combinedto form next generation population Rt+1 of size2N. The diversity among non-dominated solutionsis achieved by using the crowding comparisonduring tournament selection.

6.1.6 Crossover and Mutation

Genetic algorithms are based on the princi-ples that crossing two individual can result in


offspring’s normally better than both the parents.Crossover is a recombination operator that com-bines subparts of the two parent chromosomesto produce offspring that contain some parts ofgenetic material from both the parents. A single-point crossover method is used with probabilitypc = 0.7. A crossover point is randomly selectedin the parent chromosomes and the genes areexchanged from both the chromosomes beyondthe crossover point.

After selection and crossover, often mutationis performed to get out of local optimum. Themutation operation randomly selects a gene in achromosome and then mutates its value. In thepresent work, the mutation operator changes thenode and the security value of a randomly selectedtask in an arbitrary chromosome. Mutation is ap-plied with probability pm = 0.06. The crossoverand mutation probability have been decided em-pirically.

6.1.7 Termination

The entire process of population reduction,offspring population and recombination, is re-peated till it converges to a well-distributed set ofpareto-optimal solutions. In the final generationa single front with multiple pareto optimal pointsis obtained. All these solutions reflect best possi-ble security overhead for varying security values.Based on the security requirement any solutionfrom this front can be the desired solution.

7 Experimental Results and Observations

In this section, we describe the experimental set-tings, performance criterion and simulation re-sults for the proposed and studied algorithms.The comparative performance study of OSO2Shas been conducted with five other schedulingalgorithms, i.e. MinMin, MaxMin, SPMinMin,SPMaxMin and SDSG. A brief description ofthese algorithms is given below.

• MinMin—gives highest priority to the taskthat can be completed first. In this, for eachtask the Grid site that offers the earliest com-pletion time is tagged and the task that has

the minimum earliest completion time is allo-cated to the respective node. MinMin executesshorter task in parallel whereas longer taskfollows the shorter one [30].

• MaxMin—here the Grid site that offers earli-est completion time is tagged. Highest priorityis given to the task with maximum earliestcompletion time. The idea behind Max-Minis overlapping long running task with shortrunning ones. MaxMin executes many shortertasks in parallel with the longer one [30].

• SPMinMin—Security Prioritized MinMin(SPMinMin) is our earlier proposed workwhich allocates highest security demandingtasks first on the faster resources. Taskshaving same security requirement are thenscheduled according to MinMin.

• SPMaxMin—Security Prioritized MaxMin(SPMaxMin) is our earlier proposed workwhich allocates highest security demandingtasks first on the faster resources. Taskshaving same security requirement are thenscheduled according to MaxMin(SA).

• SDSG—SecurityDrivenSchedulingUsingGen-eticAlgorithm (SDSG) is a dual objectivegenetic algorithm, which aims at maximizingthe security value of the job with minimal totalsecurity overhead. This is our earlier workbased on genetic algorithm. SDSG alternatesthe two objectives: total security offered andsecurity overhead. It works in two phases.Each phase performs the crossover, mutationand selection operations to produce newsolutions. Each solution is associated with afitness value, used to evaluate the quality ofthat particular solution. The three operationsare repeated a number of times, calledgenerations, until the termination conditionis reached. In the first phase security offeredis maximized considering security overheadas a constraint. In the second phase, securityoverhead is optimized (minimized) while totalsecurity offered is the constraint.

The Grid simulator, used for the study, is im-plemented in java. It consists of Grid-Generatorand Task-Generator. Grid generator, based onsome defined range, generates the Grid environ-ment wherein Task generator produces the task.


Table 2 Input parameters for the simulation experiments

Parameter Value range

No of nodes 100Speed of the processing node (SP) 1, 2, 5, 10 (MIPS)Security level of the processing 1 to 10

node (SL)No. of tasks 100 to 1500Size of tasks 10 to 1000 (MB)Population size 100No of generations(maximum) 50Crossover probability(pc) 0.7Mutation probability(pm) 0.06

Properties of resources, in the simulations, arerandom and uniformly distributed among a pre-defined range of resource parameters as depictedin Table 2. For random value generation, therandom function of java API is used with currenttime as the seed value. Experimental study con-siders the complete heterogeneous environmentin terms of security offered by the nodes, speedof the nodes, size of the task, and security demandof the task. All simulations results were measuredwith a Sun Java SE 6.0 VM running on a WindowsServer 2003 PC with an Intel Xeon 2.13 GHzDual core CPU and 4.0 GB memory space. SinceMinMin and MaxMin are not security-offeringscheduling algorithms; a security overhead cost isimposed, in their implementations, to make themcomparable with OSO2S, SDSG, SPMinMin andSPMaxMin. The aim of OSO2S is to maximizethe security offered to the tasks with minimalsecurity overhead. For the comparisons to be fair,the other algorithms are made to perform for thesame security values as achieved by OSO2S. Thecomparisons are done on the following perfor-mance metrics:

• Security Overhead (2).• Makespan (completion time of the entire

job) = max {CTij,,i = 1, 2,. . .n}.• Average response time (time between the task

arrival and completion time) =n∑

i=1

(CTij−

ARVi)/n

CTij is the completion time of the ith task on theassigned jth processor; ARVi is the arrival time ofthe ith task and n is the number of tasks in a sched-

ule. Makespan reflects the entire job efficiencywhereas average response time indicates the per-formance of majority of the tasks within the sched-ule. A better makespan is an indication that theschedule does not suffer and a better averageresponse time suggests that majority of tasks doesnot suffer.

7.1 Convergence Analysis of Pareto-optimalSolutions of OSO2S

A non dominated sorting is used to classify theentire population Rt in different non dominationfronts Fi, i = 1, 2. . ., etc. The individuals in a frontare ranked based on their crowding distance andnon-dominated rank. The entire process of popu-lation reduction, offspring population and recom-bination, is repeated till it converges to a singlefront with a well-distributed set of pareto-optimalsolutions. The result in Fig. 2 shows, all the frontsgenerated after first generation. It also depicts,that initial fronts tend to have more solutions withdiverse range as compared to later fronts. Figure 3shows the final generation when the entire popu-lation converges. The convergence in this work isreached at the end of 43rd generation.

7.2 Performance Impact by Varying Numberof Tasks

Security overhead, makespan and average re-sponse time of OSO2S is compared with otherheuristics by varying scheduled number of tasksfrom 100 to 1500 on a Grid with 50 heterogeneous

Fig. 2 Non-domination fronts after first generation of GA


Fig. 3 Final Pareto-optimal front

nodes. In Fig. 4, experimental results show thatwhen the number of tasks increases, the timefor finishing the tasks also increases. It is alsoobserved that SDSG and OSO2S show similar

(a) Security Overhead

(b) Makespan

(c) Average response Time

Fig. 4 Performance comparisons on varying number oftasks

makespan and security overhead for lesser tasks.OSO2S showed slightly better results than SDSGwith increase in number of tasks (Fig. 4a andb). Since MinMin and MaxMin are not Security-aware algorithm, making them run with highersecurity values resulted in much higher securityoverhead and makespan. Although SPMinMinand SPMaxMin are Security-aware algorithmsand give priorities to higher security demandingtasks but showed poor performance as they arenot made to optimize security overhead. Aver-age response time measures the overall wait timefor the entire taskset. As MinMin gives priorityto smaller task it shows the best response time,whereas OSO2S and SDSG showed the secondbest among all the algorithms compared for aver-age response time metric (Fig. 4c).

7.3 Performance Impact by Varying Numberof Generations

Next, security overhead and makespan of OSO2Sis compared with SDSG for generations varyingfrom 100 to 2500. For this, task size is fixed to1000 and node size to 100. It is observed that

(a) Security Overhead

(b) Makespan

Fig. 5 Performance comparisons by varying number ofgenerations


when algorithms are terminated in fewer gener-ations pareto based multi-optimization algorithm(OSO2S) achieved a better makespan and se-curity overhead than constrained based multi-optimization algorithm (SDSG). With increase innumber of generations the two GA exhibit nearlysame performances as shown in Fig. 5. The re-sults supports the reasoning that pareto basedMOOP converges faster than constrained basedMOOP.

8 Conclusion

In this work, a non dominated sorting genetic al-gorithm (NSGA-II) is applied for Security-awarescheduling in Grid. A new model OSO2S is pro-posed and compared with five other algorithms.OSO2S is a Security-aware multi-objective geneticalgorithm which makes efforts to incorporate se-curity into task scheduling. In the comparison,it is observed that OSO2S performs better thanother Security-aware non GA algorithms. Com-paring it with constrained based multi-objectiveGA(SDSG), it is found that OSO2S being a paretobased GA converges quickly. Experimental re-sults confirm that OSO2S performs better thanother compared heuristics giving better makespanand security overhead for same level of security.The proposed algorithm can be a potential can-didate for the implementation in security basedGrid computing systems.

Acknowledgements Part of the funding toward this workhas been supported by the DST-PURSE grant. The workis partially funded by research wing of Lal Bahadur ShastriInstitute of Management, New Delhi, India.

References

1. Foster, I., Kesselman, C.: The Grid 2: blueprint for anew computing infrastructure. Morgan Kaufmann Pub-lishers Inc., San Francisco, CA, USA (2003)

2. Foster, I., Kesselman, C., Tuecke, S.: The anotomy ofthe Grid. Intl J. Supercomputer Applications (2001)

3. Foster, I.: What is the Grid? A Three PointChecklist. http://www-fp.mcs.anl/gov/foster/Articles/WhatIsTheGrid.pdf (2002)

4. Dail, H., Berman, F., Casanova, H.: A decoupledscheduling approach for Grid application development

environments. J. Parallel Distrib. Comput. 63, 505–524(2003)

5. Naedele, M.: Standards for XML and web services se-curity. Computer 36(4), 96–98 (2003)

6. Prabhakar, S., Ribbens, C., Bora, P.: Multifaceted webservices: an approach to secure and scalable Gridscheduling. In: Proceedings of EUROWEB (2002)

7. Irvine, C.E., Levin, T.E.: Toward a taxonomy and cost-ing method for security services. In: Proceedings ofthe 15th Computer Security Application Conference,Phoenix, AZ (1999)

8. Sypropoulou, E., Agar, C., Levin, T., Irvine, C.E.:IPsec modulation for quality of security service. In:Proceedings of the International System Security En-gineering Association Conference, Orlando, Florida(2002)

9. Mello, R.F., Senger, L.J.: On simulated annealing forthe scheduling of parallel applications. In: Proceedingsof the 20th International Symposium on Computer Ar-chitecture and High Performance Computing, SBAC-PAD ’08, pp. 29–36. 29 Oct 2008–1 Nov 2008 (2008)

10. Holland, J.H.: Adaptation in Natural and Artificial Sys-tems. University of Michigan Press, Ann Arbor, MI(1975)

11. Goldberg, D.E.: Genetic Algorithms in Search, Op-timization, and Machine Learning. Addison Wesley(1989)

12. Xu, X., Hou, X., Sun, J.: Ant Algorithm based taskscheduling in Grid Computing. In: Proceedings of theIEEE Canadian conference on Electrical and Com-puter Engineering, vol. 2. Montreal, pp. 1107–1110(2003)

13. Zhang, L., Chen, Y., Sun, R., Jing, S., Yang, B.: A taskschedulingalgorithm based on PSO for Grid comput-ing. Int. J. Comput. Intell. Res. 4 (2008)

14. Deb, K.: Multi-Objective Optimization Using Evolu-tionary Algorithms. Wiley, UK (2005)

15. Srinivas, N., Deb, K.: Multiobjective optimization us-ing non dominated sorting in genetic algorithms. Evol.Comput. 2(3), 221–48 (1994)

16. Zitzler, E., Thiele, L.: Multiobjective evolutionary al-gorithms: a comparative case study and the strengthPareto approach. IEEE Trans. Evol. Comput. 3(4),257–71 (1999)

17. Deb, K., Pratap, A., Agarwal, S., Meyarivan, T.: A fastand elitist multiobjective genetic algorithm: NSGAII.Kanpur Genetic Algorithms Laboratory (KanGAL),Indian Institute of Technology, KanGAL Report No.200001 (2001)

18. Schopf, J.M.: Ten actions when Grid scheduling—theuser as a Grid scheduler. In: Nabrzyski, J., Schopf, J.,Weglarz, J. (eds.) Grid Resource Management—Stateof the Art and Future Trends, pp. 15–23. Kluwer Aca-demic Publishers (2004)

19. Yu, J., Buyya, R.: A taxonomy of workflow manage-ment systems for Grid computing. J. Grid Computing3, 171–200 (2005)

20. Doulamis, N., Doulamis, A., Varvarigos, E.,Varvarigou, T.: Fair scheduling algorithms in Grids.IEEE Trans. Parallel Distrib. Syst. 18(11), 1630–1648(2007)

http://www-fp.mcs.anl/gov/foster/Articles/WhatIsTheGrid.pdf

http://www-fp.mcs.anl/gov/foster/Articles/WhatIsTheGrid.pdf


21. Hai, Z., Yuping, W.: Security-driven task schedulingbased on evolutionary algorithm. In: Proceedings ofthe International Conference on Computational Intel-ligence and Security, Suzhou, China (2008)

22. Braun, T., Hensgen, D., Freund, R., Siegel, H.,Beck, N., Boloni, L., Maheswaran, M., Reuther, A.,Robertson, J., Theys, M., Yao, B.: A comparison ofeleven static heuristics for mapping a class of indepen-dent tasks onto heterogeneous distributed computingsystems. J. Parallel Distrib. Comput. 61(6), 810–837(2001)

23. Abawajy, J.: An efficient adaptive scheduling policy forhigh performance computing. Future Gener. Comput.Syst. 25(3), 364–370 (2009)

24. Kalantari, M., Akbari, M.K.: A parallel solution forscheduling of real time applications on Grid environ-ments. Future Gener. Comput. Syst. 25(7), 704–716(2009)

25. Kun-Ming, Y., Cheng-Kwan, C.: An adaptive schedul-ing algorithm for scheduling tasks in computationalGrid. In: Proceedings of the 7th International Confer-ence on Grid and Cooperative Computing, Shenzhen,pp. 185–189 (2008)

26. Casanova, H., Legrand, A., Zagorodnov, D., Berman,F.: Heuristics for scheduling parameter sweep ap-plications in Grid environments. In: Proceedings ofthe 9th Heterogeneous Computing Workshop (HCW),pp. 349–363 (2000)

27. Paranhos, D., Cirne, W., Brasileiro, F.: Trading cyclesfor information: using replication to schedule bag-of-tasks applications on computational Grids. In: Pro-ceedings of the International Conference on Paralleland Distributed Computing (Euro-Par). Lecture Notesin Computer Science 2790, pp. 169–180 (2003)

28. Fujimoto, N., Hagihara, K.: Near-optimal dynamic taskscheduling of independent coarse-grained tasks onto acomputational Grid. In: Proceedings of the 32nd An-nual International Conference on Parallel Processing(ICPP-03), pp. 391–398 (2003)

29. de Lucchese, O.F., Yero, E.J.H., Sambatti, F.S.,Henriques, M.A.A.: An adaptive scheduler for Grids.J. Grid Computing 4, 1–17 (2006)

30. Freund, R., Gherrity, R.M., Ambrosius, S., Campbell,M., Halderman, M., Hensgen, D., Keith, E., Kidd, T.,Kussow, M., Lima, J.D., Mirabile, F.L., Moore, L.,Rust, B., Siegel, H.J.: Scheduling resources in multi-user, heterogeneous, computing environments withSmartNet. In: Proceedings of the 7th IEEE Heteroge-neous Computing Workshop (HCW’98), pp. 184–199

31. Welch, V., Siebenlist, F., Foster, I., Bresnahan, J.,Czajkowski, K., Gawor, J., Kesselman, C., Meder, S.,Pearlman L., Tuecke, S.: Security for Grid services.In: Proceedings of the International Symposium onHigh Performance Distributed Computing (HPDC-12)(2003)

32. Xie, T., Qin, X.: Enhancing security of real time appli-cations on Grids through dynamic scheduling. In: Pro-ceedings of the 11th Workshop Job Scheduling Strate-gies for Parallel Processing JSSPP, pp. 146–158 (2005)

33. Xie, T., Qin, X.: Security-aware resource allocation forreal time parallel jobs on homogeneous and hetero-

geneous clusters. IEEE Trans. Parallel Distrib. Syst.19(5), 682–697 (2008)

34. Saleh, A.I., Sarhan, A.M., Hamed, A.M.: A New Gridscheduler with failure recovery and rescheduling mech-anisms: discussion and analysis. J. Grid Computing 10,211–235 (2012)

35. Song, S., Kwok, Y.K., Hwang, K.: Trusted job schedul-ing in open computational Grids: security-drivenheuristics and a fast genetic algorithms. Proceedings ofthe International Symposium on Parallel and Distrib-uted Processing (2005)

36. Kashyap, R., Vidyarthi, D.P.: Security prioritizedcomputational Grid scheduling model: an analysis.IJGHPC 1(3), 73–84 (2009)

37. Kashyap, R., Vidyarthi, D.P.: A security prioritizedscheduling model for computational Grid. In: In-ternational Conference at HPC Asia, pp. 416–424(2009)

38. Xie, T., Qin, X.: Performance evaluation of a newscheduling algorithm for distributed systems with secu-rity heterogeneity. J. Parallel Distrib. Comput. 67(10),1067–1081 (2007)

39. Xiaoyong, T., Kenli, L., Zeng, Z., Bharadwaj, V.: Anovel security-driven scheduling algorithm for prece-dence constrained tasks in heterogeneous distrib-uted systems. IEEE Trans. Comput. 60(7), 1017–1029(2011)

40. Kashyap, R., Vidyarthi, D.P.: Security-driven schedul-ing model for computational Grid using genetic al-gorithm. In: World Congress on Engineering andComputer Science (WCECS 2011) at San Francisco,USA, 19–21 October (2011)

41. Chao-Chin, W., Ren-Yi, S.: An integrated securityaware scheduling strategy for large-scale computa-tional Grids. Future Gener. Comput. Syst. 26(2), 198–206 (2010)

42. Kyriaki, G., Helen, D., Karatza, J.: Multi-criteriajob scheduling in Grid using an accelerated ge-netic algorithm. J. Grid Computing 10, 311–323(2012)

43. Fonseca, C.M., Fleming, P.J.: Genetic algorithms formultiobjective optimization: formulation, discussionand generalization. In: Proceedings of the Fifth IntConf Genetic Algorithms, pp. 416–423. San Mateo, CA(1993)

44. Zitzler, E., Laumanns, M., Thiele, L.: SPEA2: im-proving the strength Pareto evolutionary algorithm.Evolutionary Methods for Design, Optimization andControl with Applications to Industrial Problems,pp. 95–100. Greece (2001)

45. Horn, J., Nafpliotis, N., Goldberg, D.E.: A nichedPareto genetic algorithm for multiobjective opti-mization. In: Proc. 1st IEEE Conf. EvolutionaryComputation, vol. 1. Piscataway, NJ, pp. 82–87(1994)

46. Salazar, D., Rocco, C.M., Galvan, B.J.: Optimizationof constrained multiple-objective reliability problemsusing evolutionary algorithms. Reliab. Eng. Syst. Saf.91, 1057–1070 (2006)

47. Luo, Q., Lin, Y.: Analysis and comparison of several al-gorithms in SSL/TLS handshake protocol. In: Proceed-


ings of the International Conference on InformationTechnology and Computer Science (2009)

48. Stallings, W.: Cryptography and Network Security:Principles and Practices. 4/E. Prentice Hall (2008)

49. Salter, M., Rescorla, E., Housley, R.: RFC 5430: Suit BProfile for Transport Layer Security. TLS Version 1.2.Available online at: http://tools.ietf.org/html/rfc5430(accessed on March 2011) (2009)

50. Dierks, T., Rescorla, E.: RFC 4346: The Trans-port layer Security (TLS) Protocol. Version 1.1.Available online at: http://tools.ietf.org/pdf/rfc4346.pdf(2006)

51. Xie, T., Sung, A., Qin, X.: Dynamic task schedulingwith security awareness in real time systems. In: Pro-ceedings of the 19th IEEE International Parallel andDistributed Processing Symposium (IPDPS’05)

http://tools.ietf.org/html/rfc5430

http://tools.ietf.org/pdf/rfc4346.pdf

security driven scheduling model for computational grid using nsga-ii

Documents