期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

HPC机群分布式强制访问控制技术可行性研究

Feasibility Research on Distributed Mandatory Access Control for HPC Cluster
下载PDF
导出
摘要 高性能计算(high performance computing,HPC)机群具有单一系统和分布式系统的双重特点,从而对机群的安全性提出了新的挑战。根据高性能计算机群的安全现状和需求,提出了一种适用于高性能计算机群的分布式强制访问控制模型;根据该模型设计了一个基于单节点的强制访问控制系统SE Linux,实现了高性能计算机群访问控制系统框架,并搭建了一个原型系统。最后,对高性能计算机群强制访问控制技术的可行性进行了分析和验证。分析结果表明,高性能计算机群分布式强制访问控制技术在功能上能够满足高性能计算机群的安全需求,对系统的计算和带宽的消耗也在可接受的范围内。 The high performance computing (HPC) cluster has the features of single system and distributed system, the cluster security is a new challenge. According to the research and analysis on the security and demand of cluster, this paper puts forward a suitable model for HPC cluster, and designs an implementation framework based on the node-level mandatory access control (MAC) system, SE Linux. Then, this paper builds a prototype system. In the last section, this paper studies the feasibility of the distributed mandatory access control for HPC cluster, both the function and the performance. The results show that, the MAC technology for HPC cluster can satisfy the security demand of the HPC cluster in the function, and the cost of MAC also can be acceptable.
作者 霍建同 李云春 杨秀梅
机构地区 北京航空航天大学网络信息中心
出处 《计算机科学与探索》 CSCD 2014年第5期543-549,共7页 Journal of Frontiers of Computer Science and Technology
关键词 高性能计算机群 强制访问控制(MAC) 机群安全策略 MANDATORY ACCESS control (MAC) SE Linux high performance computing cluster SE Linux cluster security strategy
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献14

  • 1Yurcik W, Koenig G, Meng Xin, et al. Cluster security as aunique problem with emergent properties: issues and techniques[C] //Proceedings of the 5th LCI International Conferenceon Linux Cluster, 2004: 18-20. 被引量:1
  • 2Pourzandi M, Gordon D, Yurcik W, et al. Clusters and security:distributed security for distributed systems[C] //Proceedingsof the 5th IEEE International Symposium on ClusterComputing and the Grid (CCGrid ?05). Washington, DC,USA: IEEE Computer Society, 2005: 96-104. 被引量:1
  • 3Lee A J, Winslett M. Open problems for usable and secureopen systems[C] //Proceedings of the Workshop on UsabilityResearch Challenges for Cyberinfrastructure and Tools,Montréal, Canada, Apr 2006. 被引量:1
  • 4Yurcik W, Meng Xin, Kiyanclar N. NVisionCC: a visualizationframework for high performance cluster security[C] //Proceedings of the 2004 ACM Workshop on Visualization andData Mining for Computer Security (VizSEC/DMSEC ?04).NewYork, NY, USA: ACM, 2004: 133-137. 被引量:1
  • 5Abadi M, Burrows M, Lampson B, et al. A calculus for accesscontrol in distributed systems[J] . ACM Transactions on ProgrammingLanguages and Systems, 1993, 15(4): 706-734. 被引量:1
  • 6Leangsuksun C, Tikotekar A, Pourzandi M, et al. Feasibilitystudy and early experimental results towards cluster survivability[C] //Proceedings of the 5th IEEE International Symposiumon Cluster Computing and the Grid (CCGrid ?05).Washington, DC, USA: IEEE Computer Society, 2005: 77-81. 被引量:1
  • 7Smith M, Engel M, Friese T, et al. Security issues in on-demandgrid and cluster computing[C] //Proceedings of the 6th IEEEInternational Symposium on Cluster Computing and Grid(CCGrid ?06). Washington, DC, USA: IEEE Computer Society,2006: 14-24. 被引量:1
  • 8Leung AW, Miller E L. Scalable security for large, high performancestorage systems[C] //Proceedings of the 2nd ACMWorkshop on Storage Security and Survivability (StorageSS ?06),Alexandria, USA, 2006. New York, NY, USA: ACM, 2006:29-40. 被引量:1
  • 9Ian F, Karonis N, Kessehnan C. Managing security in highperformance distributed computations[J] . Cluster Computing,1998, 1(1): 95-107. 被引量:1
  • 10Wright C, Cowan C, Smalley S, et al. Linux security modules:general security support for the Linux kernel[C] //Proceedingsof the 11th USENIX Security Symposium. Berkeley, CA,USA:USENIX Association, 2002: 17-31. 被引量:1
计算机科学与探索
2014年 第5期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部