Abstract
Cloud computing systems include different types of participants with varied requirements for resources and multiple tasks; these varying requirements must be considered in the design of fairness-aware resource allocation schemes for better resources sharing. However, some participants may be malicious with a goal to damage the resource allocation fairness and increase their own utility. Hence, the resource scheduling policy must guarantee allocation fairness among the participants; further, it must ensure that fairness is not affected by the malicious usage of resources, that could cause resource exhaustion and lead to denial of service. In order to address this challenge, we propose a credit-based mechanism for resource allocation that will avoid the malicious usage of resources and, simultaneously, guarantee allocation fairness. In our scheme, a credit factor is introduced for each participant in order to evaluate the history of resource utilization and determine future resource allocation. Our model encourages a participant to release the occupied resources in timely manner after the completion of a task and imposes a punishment for malicious occupation of resources. We prove the fairness of our model and provide linear and variable gradient approaches to determine the credit factor for different scenarios. We simulate our model and perform experiments on a real cloud computing platform. The results prove the rationality, effectiveness and correctness of our approaches.
创新点
云计算资源分配过程中, 节点能够通过非法占用资源等恶意行为, 实现自身的资源份额最大化, 破坏资源分配公平性, 甚至造成DDoS攻击, 导致平台资源枯竭。针对该问题, 本文提出一种基于信誉的机制, 在考虑资源分配公平性的同时, 能够防止资源不被节点恶意侵占, 保证了资源分配的安全性。在节点信誉度评估方面, 针对相似任务和混合任务, 分别提出了线性和可变梯度信誉评估模型, 确保了在不同任务情况下信誉值变化的合理性。仿真实验和真实平台实验验证了本文方法的合理性、有效性和正确性。
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Bertsekas D P, Gallager R G, Humblet P. Data Networks. New Jersey: Prentice-Hall International, 1992
Tan L, Pugh A C, Yin M. Rate-based congestion control in ATM switching networks using a recursive digital filter. Control Eng Practice, 2003, 11: 1171–1181
Massoulié L, Roberts J. Bandwidth sharing: objectives and algorithms. In: Proceedings of 18th Annual Joint Conference of the IEEE Computer and Communications Societies, New York, 1999. 1395–1403
Zukerman M, Tan L, Wang H, et al. Efficiency-fairness tradeoff in telecommunications networks. IEEE Commun Lett, 2005, 9: 643–645
Baruah S K, Cohen N K, Plaxton C G, et al. Proportionate progress: a notion of fairness in resource allocation. Algorithmica, 1996, 15: 600–625
Zhu D, Mossé D, Melhem R. Multiple-resource periodic scheduling problem: how much fairness is necessary? In: Real-Time Systems Symposium, Cancun, 2003. 142–151
Blanquer J M, Özden B. Fair queuing for aggregated multiple links. In: Proceedings of the Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, New York: ACM, 2001. 189–197
Liu Y, Knightly E. Opportunistic fair scheduling over multiple wireless channels. In: Proceedings of the 22nd Annual Joint Conference of the IEEE Computer and Communications, San Francisco, 2003. 1106–1115
Ghodsi A, Zaharia M, Hindman B, et al. Dominant resource fairness: fair allocation of multiple resource types. In: Proceedings of the 8th USENIX Symposium on Networked System Design and Implementation, Boston, 2011. 323–336
Hu H, Li Z, Hu H. An anti-cheating bidding approach for resource allocation in cloud computing environments. J Comput Inf Syst, 2012, 8: 1641–1654
Zhou F, Goel M, Desnoyers P, et al. Scheduler vulnerabilities and coordinated attacks in cloud computing. J Comput Secur, 2013, 21: 533–559
Booth G, Soknacki A, Somayaji A. Cloud security: attacks and current defenses. In: Proceedings of the 8th Annual Symposium on Information Assurance, New York, 2013. 56
Lazri K, Laniepce S, Ben-Othman J. Reconsidering intrusion monitoring requirements in shared cloud platforms. In: Proceedings of the 8th International Conference on Availability, Reliability and Security, Salzburg, 2013. 630–637
Satsiou A, Tassiulas L. Reputation-based resource allocation in P2P systems of rational users. IEEE Trans Parall Distrib Syst, 2010, 21: 466–479
Satsiou A, Tassiulas L. Reputation-based internet sharing in wireless neighborhood community networks. In: Proceedings of International Conference on Communications, Cape Town, 2010. 1–5
Shen H, Liu G. An efficient and trustworthy resource sharing platform for collaborative cloud computing. IEEE Trans Parall Distrib Syst, 2014, 25: 862–875
Gupta R, Singha N, Singh Y N. Reputation based probabilistic resource allocation for avoiding free riding and formation of common interest groups in unstructured P2P networks. Peer-to-Peer Netw Appl, in press. doi: 10.1007/s12083-015-0389-0
Tian J, Yuan P, Lu Y. Security for resource allocation based on trust and reputation in computational economy model for grid. In: Proceedings of the 4th International Conference on Frontier of Computer Science and Technology, Shanghai, 2009. 339–345
Mashayekhy L, Grosu D. A reputation-based mechanism for dynamic virtual organization formation in grids. In: Proceedings of the 41st International Conference on Parallel Processing, Pittsburgh, 2012. 108–117
Bendahmane A, Essaaidi M, Moussaoui A E, et al. Tolerating malicious resources to ensure safe computations in grid systems. In: Proceedings of International Conference on Multimedia Computing and Systems, Ouarzazate, 2011. 1–6
Bawa R K, Sharma G. Reliable resource selection in grid environment. Int J Grid Comput Appl, 2012, 1: 1–10
Kaur D, SenGupta J. P2P trust and reputation model for securing grid resource management. In: Proceedings of International Conference on Advances in Engineering, Science and Management, Nagapattinam, 2012. 524–529
Bouchenak S, Chockler G, Chockler H, et al. Verifying cloud services: present and future. ACM SIGOPS Operat Syst Rev, 2013, 47: 6–19
Campegiani P. A genetic algorithm to solve the virtual machines resources allocation problem in multi-tier distributed systems. In: Proceedings of the 2nd International Workshop on Virtualization Performance: Analysis, Characterization, and Tools, Boston, 2009
Gu J, Hu J, Zhao T, et al. A new resource scheduling strategy based on genetic algorithm in cloud computing environment. J Comput, 2012, 7: 42–52
Teng Y L, Huang T, Liu Y Y, et al. Cooperative game approach for scheduling in two-virtual-antenna cellular networks with relay stations fairness consideration. China Commun, 2013, 10: 56–70
Joe-Wong C, Sen S, Lan T, et al. Multiresource allocation: fairness-efficiency tradeoffs in a unifying framework. IEEE/ACM Trans Netw, 2013, 21: 1785–1798
Gupta R, Singh Y N. Trust estimation in peer-to-peer network using BLUE. ArXiv:1304.1649, 2013
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Lu, D., Ma, J., Sun, C. et al. Credit-based scheme for security-aware and fairness-aware resource allocation in cloud computing. Sci. China Inf. Sci. 60, 52103 (2017). https://doi.org/10.1007/s11432-015-5492-6
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s11432-015-5492-6