
SWiM-Globus: Secure Wireless Mobile (SWiM) Grid Computing Using Globus Toolkit 3.0

Xueying Chen and George Massoud (alvy@cs.ucla.edu and gmassoud@cs.ucla.edu). CS218 Fall 2003 Project. Tutor: JieJun Kong (jkong@cs.ucla.edu). Professor Mario Gerla (gerla@cs.ucla.edu).



  1. SWiM-Globus: Secure Wireless Mobile (SWiM) Grid Computing Using Globus Toolkit 3.0
     Xueying Chen and George Massoud (alvy@cs.ucla.edu and gmassoud@cs.ucla.edu)
     CS218 Fall 2003 Project
     Tutor: JieJun Kong (jkong@cs.ucla.edu)
     Professor Mario Gerla (gerla@cs.ucla.edu)

  2. Outline
     • Background and Problem
     • Grid computing & Mobile wireless computing
     • SWiM
     • Marriage of grid computing & wireless computing
     • Design
     • Implementation
     • Globus Toolkit
     • Registration and Connect Components
     • Conclusions

  3. Grid Computing: Large-scale resource sharing
     • Example
     • Web Service vs. Grid Service (e.g., Globus’ Open Grid Services Architecture, OGSA)
     • Web service
       • Interface to persistent state of a single domain
       • Subject to centralized control
       • Pure application layer business
     • Grid service
       • Interfaces to transient states of distributed activities
       • Subject to de-centralized coordination
       • But not subject to centralized control
       • A middleware between applications and the network

  4. Problem Statement
     [Figure: hourglass diagram labelled applications, IP, media]
     • IP protocol stack: an “hourglass”
       • Simple network IP layer → scalable Internet → “end-to-end argument”: new functions not easy to add inside network, but on end terminals
     • Cross-domain/subnet mobility
       • Mobile-IP [Perkins], complexity totally in IP layer
       • End-to-end mobility [Snoeren], changes TCP protocol
     • Our design choice: grid middleware, no change to standard IP protocol stack
       • Node can roam across SWiM grids while keeping application/computing alive

  5. Marrying Mobile Wireless Computing with Grid Computing
     • Both applicable to large scale networks
       • In particular, around the Internet
     • Resource sharing in different local domains not subject to centralized control
       • But should be coordinable in service provisioning
     • Such coordination relies on standard, open, general-purpose protocols/interfaces
       • IPv4 (de facto network layer)
       • Globus (de facto grid computing standard)

  6. Modeling Wireless LANs as SWiM Grids
     • An autonomous WLAN becomes a grid by running Globus
     • This grid becomes a SWiM-Grid by running SWiM-Globus
     • SWiM-Grid can expand to global scale when more and more WLANs join
     • Any IPv4-conforming wireless node can roam across any SWiM-Grids

  7. Design: Zero IP stack change
     • Basic SWiM-Grid
       • Standard IPv4 stack, no extra support (i.e., IPv4+TCP/UDP only, no Mobile IP/IPv6 or DHCP/RADIUS/Kerberos etc.)
     • Satiated SWiM-Grid
       • Has extra support
     • SWiM must be consistent with both scenarios
     • IPNL (IP Next Layer, P. Francis, SIGCOMM 2001)
     • Use Network Address Translation (NAT)
     • Tolerate any foreign address
     • Scalable, efficient, expand local IP space

  8. High Level Design Flow
     • Registration coordinates with NAT-box
     • Use your current SWiM-Grid to register
     • Establish connection

  9. Becomes a Grid: Globus
     • Open source, downloadable from www.globus.org
     • Currently version 3.0.2, installed on our home computers, Netlab3.cs.ucla.edu, and a laptop functioning as escort
     • Secure resource allocation, management, directory service, communication, fault detection, and portability
     • Done!

  10. Globus’ Grid Architecture
     [Figure: Grid architecture layers shown beside the Internet Protocol Architecture layers (Application, Transport, Internet, Link)]
     • Application
     • Collective: “Coordinating multiple resources”: ubiquitous infrastructure services, app-specific distributed services
     • Resource: “Sharing single resources”: negotiating access, controlling use
     • Connectivity: “Talking to things”: secured communication (Internet protocols)
     • Fabric: “Controlling things locally”: interface access to, & control of, resources

  11. Becomes SWiM-Grid: SWiM-Globus
     [Figure: Grid architecture layers shown beside the Internet Protocol Architecture layers (Application, Transport, Internet, Link)]
     • Application
     • Collective: SWiM-grid Registration Service to coordinate NAT-boxes
     • Resource: Single NAT-boxes realized
     • Connectivity: A NAT-box with secure communication capability
     • Fabric: Interface to realize a raw NAT in operating system kernel and network interfaces

  12. SWiM Implementation Using Globus
     Components:
     • Registration Page: provide client web-based GUI to request token
     • Registration Service: implemented using Globus OGSA Service.
       • Authentication
       • Issue Token to client.
       • Coordination for NAT-Box Factory Service.
     • Client Connect GUI: Java application. Connect user to NAT-box
     • NAT-Box Service:
       • Verify Client IP/Token
       • Network Address Translation
       • Coordination between client and secured LAN

  13. Globus Factory Service
     • Globus Grid uses factory approach (e.g. OGSA web service)
     • Encapsulated
       • Individuals do not interfere with each other
     • Transient
       • Has states and history
     • Secure and robust
     [Figure: a Registration Service Factory with one Registration Service Instance each for Client A, Client B and Client C; “Create New Instance” for Client D]

  14. SWiM-Globus Grid Service Work Flow
     [Figure: work flow between Client, Registration Service and NAT Box in the SWiM-Grid]
     • Request Anonymous Token (using web GUI)
     • Invalid Credentials: Error Message to Client
     • Valid Credentials: Issue Token to Client
     • Notify Client IP, Anonymous Token
     • Present Token (using Client Connect GUI)
     • Authentication Failed: Invalid IP/Token
     • Authentication Success: Modify NAT-Box IP Table

  15. Low-end Interface: SWiM-Globus Fabric Layer
     • Input from the client:
     • Generate script to modify the IP table:
         /sbin/iptables -A OUTPUT -d Client-chosenIP -j ACCEPT
         /sbin/iptables -A FORWARD -d Client-chosenIP -j ACCEPT
         /sbin/iptables -A FORWARD -s Client-chosenIP -j ACCEPT
         /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

  16. Implementation: Inner 3 layers
     • Registration Service as NAT-box coordinator
     • Implemented on OGSA (Open Grid Service Architecture)
     • Globus’ Grid augmentation for Web services
     • Mobile nodes connect to Web frontend → Globus OGSA service → Coordinate NAT-boxes upon successful registration

  17. Data Flow: Inner 3 Layers
     • Input to Registration Service from the client
     • Output from Registration to the client
     • Notification from Registration Service to the NAT Server Service

  18. High-end Interface: SWiM-Globus Application Layer
     • Register Client implemented using Tomcat to allow the user to request a token from any standard Web browser

  19. Demo?

  20. Future Work
     • Create an open source archive for SWiM-Globus-1.0 (reference to Globus-Toolkit 3.0.2)
     • Persistent connection handoff
       • No change on IP and TCP
       • Transparent to end terminals (i.e., no change to both ends’ states)
       • Use coordinable NAT-boxes in-between the two ends to handle transitions
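
The flow on slides 12, 14 and 15 (the Registration Service issues a token and notifies the NAT-box, which verifies client IP/token before changing its IP table), as an added Python example that is not part of the original presentation or the SWiM-Globus code. The names `NatBox`, `register` and `TOKEN_TTL`, the token format and the expiry are assumptions; the client-chosen IP is parsed as IPv4 and passed as its own argv element, so it is never interpolated into a shell script.

```python
import hmac
import ipaddress
import secrets
import time

TOKEN_TTL = 300  # seconds a token stays valid (assumed value, not from the slides)

def _now(now):
    return time.time() if now is None else now

class NatBox:
    """Hypothetical NAT-box service holding (IP, token) pairs sent by registration."""

    def __init__(self, out_iface="eth0"):
        self.out_iface = out_iface
        self.pending = {}  # client IP -> (token, expiry time)

    def notify(self, client_ip, token, now=None):
        """Registration Service -> NAT-box: announce client IP and token."""
        ip = str(ipaddress.IPv4Address(client_ip))  # ValueError on anything else
        self.pending[ip] = (token, _now(now) + TOKEN_TTL)

    def connect(self, client_ip, token, now=None):
        """Verify client IP/token; return iptables argv lists, or None if rejected."""
        try:
            ip = str(ipaddress.IPv4Address(client_ip))
        except ValueError:
            return None  # e.g. "10.0.0.5; reboot" never reaches a command line
        expected, expiry = self.pending.get(ip, ("", 0.0))
        same = hmac.compare_digest(expected.encode(), str(token).encode())
        if not expected or not same or _now(now) > expiry:
            return None
        del self.pending[ip]  # single use: a replayed token is rejected
        ipt = "/sbin/iptables"
        # One argv list per rule, meant for subprocess.run(argv) with no shell.
        return [
            [ipt, "-A", "OUTPUT", "-d", ip, "-j", "ACCEPT"],
            [ipt, "-A", "FORWARD", "-d", ip, "-j", "ACCEPT"],
            [ipt, "-A", "FORWARD", "-s", ip, "-j", "ACCEPT"],
            [ipt, "-t", "nat", "-A", "POSTROUTING", "-o", self.out_iface, "-j", "MASQUERADE"],
        ]

def register(natbox, client_ip, credentials_ok, now=None):
    """Hypothetical Registration Service: issue a random token on valid credentials."""
    if not credentials_ok:
        return None
    token = secrets.token_urlsafe(32)
    natbox.notify(client_ip, token, now)
    return token
```

A wrong token leaves the pending entry in place, while a successful connect consumes it, so the same token cannot open a second set of rules.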
