New Statistical Algorithms for the Analysis of Mass - FU Berlin, FB MI ...
New Statistical Algorithms for the Analysis of Mass - FU Berlin, FB MI ...
New Statistical Algorithms for the Analysis of Mass - FU Berlin, FB MI ...
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
5.3. QAD GRID PLATFORM SERVER 117<br />
job’s parameters to <strong>the</strong> calling worker. The beauty <strong>of</strong> this is that current<br />
database technology can be used to replicate and synchronize many servers in<br />
<strong>the</strong> Grid automatically.<br />
The main task usually per<strong>for</strong>med with(-in) a Grid is computation or data<br />
analysis. Mostly this data is non-confidential but sometimes data <strong>of</strong> value<br />
are to be analyzed which need to be secured. Since usually data is replicated<br />
throughout <strong>the</strong> Grid confidential data is excluded from this process and is only<br />
provided by <strong>the</strong> server on demand. O<strong>the</strong>r data needed to be securely transmitted<br />
through <strong>the</strong> Grid are e.g. account in<strong>for</strong>mation (including passwords).<br />
To enable secure transmission <strong>of</strong> sensitive in<strong>for</strong>mation across <strong>the</strong> Grid we<br />
use a secure s<strong>of</strong>tware layer (SSL) that transparently encrypts all data. This is<br />
implemented by using public-key cryptography, namely <strong>the</strong> RSA algorithm 11 .<br />
We encrypt socket communication with <strong>the</strong> (public) receiver certificate.<br />
Communication with <strong>the</strong> database is done through an ODBC (Open Database<br />
Connectivity) driver (e.g. JDBC by Sun which is actually a bridge but fulfills<br />
<strong>the</strong> purpose). Our database is configured to only allow (SSL) encrypted<br />
connections.<br />
Data Transportation<br />
Data transportation between two machines is usually per<strong>for</strong>med by using FTP<br />
(File Transfer Protocol), its secure S-FTP version or its Grid version Grid-<br />
FTP (Allcock et al., September 2002). The benefit <strong>of</strong> using FTP is that it is<br />
relatively easy to use, has been around <strong>for</strong> a long time and is <strong>the</strong>re<strong>for</strong>e likely<br />
to be installed virtually everywhere. However, as e.g. (Huang and Grimshaw,<br />
2006) point out, <strong>the</strong> disadvantages <strong>of</strong> FTP are numerous. First, <strong>the</strong> user must<br />
have access to an FTP account (user name/password) on <strong>the</strong> target machine.<br />
Having such access means that a user could potentially do more than just file<br />
transfer, e.g. log into <strong>the</strong> target machine and access files, directories and o<strong>the</strong>r<br />
machines to which he has not been given explicit access. Fur<strong>the</strong>r, if sensitive<br />
data needs to be transfered (see section 5.3.1) <strong>the</strong> secure FTP version (SFTP)<br />
has a very big overhead. As Figure 5.3.4 shows <strong>the</strong> time needed to transport<br />
a 1GB file almost triples.<br />
Figure 5.3.4: Benchmark values <strong>for</strong> transportation data using different encryption<br />
algorithms in comparison to plain FTP. Shown is <strong>the</strong> time (in seconds) needed to<br />
transfer a 1GB file over a 1Gbit network.<br />
11 Invented by R. Rivest, A. Shamir and L. Adleman at <strong>MI</strong>T in 1977, see (Rivest et al.,<br />
1978). (RSA are <strong>the</strong> initials <strong>of</strong> <strong>the</strong>ir surnames.)