Trustworthy Distributed Systems Through Integrity-Reporting

  • Jun Ho Huh
  • Andrew Martin
Part of the Computer Communications and Networks book series (CCN)


With the growing influence of e-Science, substantial quantities of research are being facilitated, recorded, and reported by means of distributed computing. As a result, the scope for malicious intervention continues to grow and so do the rewards available to those able to steal the models and data that have significant commercial value. Researchers are often reluctant to exploit the full benefits of distributed computing because they fear the compromise of their sensitive data or the uncertainty of the returned results. In this chapter, we propose two types of trustworthy distributed systems – one suitable for a computational system and the other for a distributed data system. Central to these systems is the novel idea of a configuration resolver, which, in both designs, is responsible for filtering trustworthy hosts and ensuring that jobs are dispatched to those considered trustworthy. Furthermore, the blind analysis server enables statistical analyses to be performed on sensitive raw data – collected from multiple sites – without disclosing it to anyone.


  • Virtual Machine
  • Trusted Platform Module
  • Virtual Machine Monitor
  • Policy Enforcement Point
  • Virtual Machine Image
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



The work described is supported by a studentship from QinetiQ. David Power, Mark Slaymaker, and Peter Lee provided help with the healthcare grid example. David Wallom, Steven Young, and Matteo Turilli provided insights on the National Grid Service.



Copyright information

© Springer-Verlag London Limited 2011

Authors and Affiliations

  1. Oxford University Computing Laboratory, Oxford, UK
