Reputation Management in Grid-based
Virtual Organisations
Benjamin Aziz
(e-Science Centre, STFC Rutherford Appleton Laboratory, UK)
Joint work with Alvaro Arenas (STFC RAL, UK)
and
Gheorghe Silaghi (Babes-Bolyai University, Romania)
The International Conference on Security and Cryptography
(SECRYPT 2008) – Special Session on Trust in Pervasive Systems
and Networks
26-29 July 2008, Porto, Portugal
Content
•
•
•
•
•
•
Introduction on Grid Computing and Reputation
Objectives
A Utility-based Reputation Model
Reputation Management in Grids
Analysis of the Model
Conclusion and Future Work
A Model of Grid Computing
•
Virtual Breeding Environment (VBE)
The resource providers in a VBE
–
–
VO Manager
Virtual
Organisation
(VO)
•
In a VO,
–
–
–
VO Owner Trust & Security
Services
Resource Provider
(Organisation)
Resource
User
adhere to common operating principles
and technical infrastructure
have common goals and an objective of
participating in potential VOs
The VO Owner decides on VO policy
The VO Manager manages the formation,
operation and evolution of the VO
Trust and Security Services provide the
usual desirable trust and security
properties for resource and information
sharing across organisational boundaries.
These include reputation as a measure
of trust
What is Reputation?
• “The overall quality or character as seen or judged by
people in general … reputation can be considered as a
collective measure of trustworthiness (in the sense of
reliability) based on the referrals or ratings from
members in a community.”
(Jøsang, 2007)
• “The expectation about future behaviour of a person or
agent.”
(Abdul-Rahman&Hailes, 2000)
Direct vs. Indirect Reputation
• Reputation can be formed either directly or
indirectly:
– Direct Reputation: a consumer interacts with a
service, after which it reports its satisfaction with
the results to a reputation service
– Indirect Reputation: a consumer enquires from
another consumer about past interactions, after
which it forms an opinion and reports it to the
reputation service
Why Do We Need Reputation?
Error frequency =
1/1000000 error/hr
Bad command frequency =
1/1000000 cmd/OS cmd
?
?
Error frequency =
1/100 error/hr
Bad command frequency =
1/100 cmd/OS cmd
Objectives
• Design a reputation management system for Grid-based
VOs
• The system can qualify both users and resource providers
• The system can provide reputation management in contexts
like
– Fine-grained access and usage control of Grid resources
– Resource brokering for setting-up VOs
• Capable of running as both in centralised and decentralised
modes
A Utility-based Reputation Model
• The model is based on the concepts of Consumers,
Entities, Organisations and VOs
• Entities have issues of interest to be monitored
– Example: QoS levels and acceptable usage policies for
services
• Consumers have expectations about issues of
interest related to entities they interact with
– Example: SLA between services and their clients
A Utility-based Reputation Model
• A utility function reflects the satisfaction (value in [1,0])
consumers perceive from consuming an entity
– models the traditional client feedback needed to build reputation and
can be either provided by the consumer or taken from a library
• For example, for a variable x and its value v returned by some
service:
utility(x,v) = 1
if v SLA(x)
utility(x,v) = v/SLA(x)
otherwise
• The environment provides a trusted third party monitoring service
that supplies events about entity-consumer interaction
results/performance
A Utility-based Reputation Model
•
The reputation of an entity w.r.t. to an issue of interest and from the
perspective of a consumer is calculated by applying the utility function to
values reported by the monitoring service
– Example: Disk A was found to have only 55% of its advertised data transfer
speed by client X
•
Aggregating over all consumers yields the reputation of the entity w.r.t. to
that issue of interest in general
– Example: In general, Disk A has only 85% of its advertised data transfer
speed
•
Aggregating over all issues of interest yields the overall reputation of an
entity
– Example: In general, Disk A achieves only 70% of its advertised specifications
Reputation Management in Grids
• Using our utility-based reputation model we want to:
– Provide reputation values for Grid resources/resource
providers based on the QoS values produced by resources
• QoS is formalised through SLAs
– Provide reputation values for VO Users based on their
resource usage behaviour
• Usage behaviour is formalised through policies and penalties
for breaking those policies
– Perform reputation-aware resource brokering when forming
a VO or when replacing some of its members
Reputation Management for Resource Providers
Resource
Provider
Resource QoS
Monitoring Service
Push/Pull Resource
Monitoring Info
Resources
User
User-Resource Interaction
Register
SLA and
Utility Function
Register
Resources
Perform
Reputation Reputation
Updates
Service
Reputation Management for Resources
• The reputation updates are as follows:
– Apply the Utility Function (constant w.r.t. the SLA) to the QoS
monitoring information
– Update the [VO User, QoS, VO] resource reputation value
– Update the [QoS, VO] resource reputation value
– Update the [VO] resource reputation value
– Update the [VBE] resource reputation value
Reputation Management for Resource Providers
• Additionally, the Reputation System calculates the
following reputation values for the resource providers:
– The reputation value of the resource provider in a VO as an
aggregation of the reputation of all its resources in that VO
– The reputation value of the resource provider in a VBE as an
aggregation of its reputation in all VOs
Reputation Management for VO Users
Resource
Provider
Resource Usage
Monitoring Service
Push/Pull VO User
Monitoring Info
Resources
User-Resource Interaction
Register Resources,
their Usage Policies,
their Penalty Functions
and the Utility Function
Perform
Reputation
Updates
Reputation Service
User
Reputation Management for VO Users
• The reputation updates are as follows:
– Apply the Utility Function (constant w.r.t. the Usage
Policy/Penalty Function) to the usage monitoring information
– Update the [VO resource, Usage, VO] user reputation value
– Update the [Usage, VO] user reputation value
– Update the [VO] user reputation value
– Update the [VBE] user reputation value
Reputation-based Resource Brokering
VBE
Request Resources
for VO formation
Resource
Brokering
Service
Request to Join VO
Request
Resource (Provider)
Reputation Values/
Receive Results
Reputation Service
VO
Owner/
Manager
Decentralised vs. Centralised Reputation
Systems
Decentralised Case:
VO
Instance of
Reputation
System
Maintain per-VO/VBE
reputation values
VO
Instance of
Reputation
System
Maintain per-VO/VBE
reputation values
Decentralised vs. Centralised Reputation
Systems
Centralised Case:
VO
VO
Instance of
Reputation
System
Maintain per-VO
reputation values
Push per-VBE
Reputation Values
at the End of
VO Lifecycle
Instance of
Reputation
System
Maintain per-VO
reputation values
Centralised VBE-based Reputation Database
Analysis of the Model
• We performed simulations using the SimGrid
toolkit (http://simgrid.gforge.inria.fr/)
• Various set-ups were used:
– VOs with reputation-rated resource providers
– VOs with both reputation-rated resource providers
and users
VOs with Reputation-rated Resource
Providers
• Assumes 20% of resources produce QoS values
ranging between 85%-105% of the SLA-agreed value
• Total job completion time was improved by 25% using
reputation-based scheduling over non-reputationbased scheduling (FIFO)
• Total welfare (sum of all utilities acquired by the users
for their jobs) was also improved by 25% over nonreputation-based scheduling
VOs with Reputation-rated Resource
Providers
Completion time vs. VO Load Factor
Total Welfare vs. VO Load Factor
VOs with Reputation-rated Resource
Providers and Users
• Most (least) reputable resource providers get jobs
from most (least) reputable users
• User satisfaction is improved since reputable users
are scheduled first
• Reliable resources are used more effectively since
they get trusted tasks scheduled on them
VOs with Reputation-rated Resource
Providers and Users
Total Welfare
vs. time
Conclusion
• We defined a utility-based reputation system for Gridbased VOs, which should provide a measure of trust in
performing Grid computational tasks
• The model is general as it can rate both VO resource
providers and users and it can be used in both centralised
and decentralised scenarios in the contexts of usage
control and resource brokering
• The model constitutes the basis for the design of a
reputation service in the EU FP6 project GridTrust
(www.gridtrust.eu)
– First prototype to be released this September
Future Work
• Consider trade-offs in the model, for example:
– Introduce the concept of cost and the effect of pricing
resources on welfare
– Reliability of monitoring service, which affects the certainty of
reputation values (also known as confidence level or
probability)
– Dealing with multi-user jobs (VO job submission to another VO)
• Carry out further simulations in order to understand
better the model’s behaviour
• Discover more scenarios in which the model is used
– E.g. sabotage tolerance in peer-to-peer systems
Thank You
• Questions?