Reputation Management in Grid-based Virtual Organisations Benjamin Aziz (e-Science Centre, STFC Rutherford Appleton Laboratory, UK) Joint work with Alvaro Arenas (STFC RAL, UK) and Gheorghe Silaghi (Babes-Bolyai University, Romania) The International Conference on Security and Cryptography (SECRYPT 2008) – Special Session on Trust in Pervasive Systems and Networks July 2008, Porto, Portugal
Content Introduction on Grid Computing and Reputation Objectives A Utility-based Reputation Model Reputation Management in Grids Analysis of the Model Conclusion and Future Work
A Model of Grid Computing The resource providers in a VBE –adhere to common operating principles and technical infrastructure –have common goals and an objective of participating in potential VOs In a VO, –The VO Owner decides on VO policy –The VO Manager manages the formation, operation and evolution of the VO –Trust and Security Services provide the usual desirable trust and security properties for resource and information sharing across organisational boundaries. These include reputation as a measure of trust VO Manager
What is Reputation? “The overall quality or character as seen or judged by people in general … reputation can be considered as a collective measure of trustworthiness (in the sense of reliability) based on the referrals or ratings from members in a community.” (Jøsang, 2007) “The expectation about future behaviour of a person or agent.” (Abdul-Rahman&Hailes, 2000)
Direct vs. Indirect Reputation Reputation can be formed either directly or indirectly: –Direct Reputation: a consumer interacts with a service, after which it reports its satisfaction with the results to a reputation service –Indirect Reputation: a consumer enquires from another consumer about past interactions, after which it forms an opinion and reports it to the reputation service
Why Do We Need Reputation? Error frequency = 1/ error/hr Error frequency = 1/100 error/hr ? ? Bad command frequency = 1/ cmd/OS cmd Bad command frequency = 1/100 cmd/OS cmd
Objectives Design a reputation management system for Grid-based VOs The system can qualify both users and resource providers The system can provide reputation management in contexts like –Fine-grained access and usage control of Grid resources –Resource brokering for setting-up VOs Capable of running as both in centralised and decentralised modes
A Utility-based Reputation Model The model is based on the concepts of Consumers, Entities, Organisations and VOs Entities have issues of interest to be monitored –Example: QoS levels and acceptable usage policies for services Consumers have expectations about issues of interest related to entities they interact with –Example: SLA between services and their clients
A Utility-based Reputation Model A utility function reflects the satisfaction (value in [1,0]) consumers perceive from consuming an entity –models the traditional client feedback needed to build reputation and can be either provided by the consumer or taken from a library For example, for a variable x and its value v returned by some service: utility(x,v) = 1if v SLA(x) utility(x,v) = v/SLA(x)otherwise The environment provides a trusted third party monitoring service that supplies events about entity-consumer interaction results/performance
A Utility-based Reputation Model The reputation of an entity w.r.t. to an issue of interest and from the perspective of a consumer is calculated by applying the utility function to values reported by the monitoring service –Example: Disk A was found to have only 55% of its advertised data transfer speed by client X Aggregating over all consumers yields the reputation of the entity w.r.t. to that issue of interest in general –Example: In general, Disk A has only 85% of its advertised data transfer speed Aggregating over all issues of interest yields the overall reputation of an entity –Example: In general, Disk A achieves only 70% of its advertised specifications
Reputation Management in Grids Using our utility-based reputation model we want to: –Provide reputation values for Grid resources/resource providers based on the QoS values produced by resources QoS is formalised through SLAs –Provide reputation values for VO Users based on their resource usage behaviour Usage behaviour is formalised through policies and penalties for breaking those policies –Perform reputation-aware resource brokering when forming a VO or when replacing some of its members
Push/Pull Resource Monitoring Info Reputation Management for Resource Providers Reputation Service User Resource QoS Monitoring Service Resource Provider Resources User-Resource Interaction Register SLA and Utility Function Register Resources Perform Reputation Updates
Reputation Management for Resources The reputation updates are as follows: –Apply the Utility Function (constant w.r.t. the SLA) to the QoS monitoring information –Update the [VO User, QoS, VO] resource reputation value –Update the [QoS, VO] resource reputation value –Update the [VO] resource reputation value –Update the [VBE] resource reputation value
Reputation Management for Resource Providers Additionally, the Reputation System calculates the following reputation values for the resource providers: –The reputation value of the resource provider in a VO as an aggregation of the reputation of all its resources in that VO –The reputation value of the resource provider in a VBE as an aggregation of its reputation in all VOs
Reputation Management for VO Users Reputation Service User Resource Usage Monitoring Service Resource Provider Resources User-Resource Interaction Push/Pull VO User Monitoring Info Register Resources, their Usage Policies, their Penalty Functions and the Utility Function Perform Reputation Updates
Reputation Management for VO Users The reputation updates are as follows: –Apply the Utility Function (constant w.r.t. the Usage Policy/Penalty Function) to the usage monitoring information –Update the [VO resource, Usage, VO] user reputation value –Update the [Usage, VO] user reputation value –Update the [VO] user reputation value –Update the [VBE] user reputation value
Reputation-based Resource Brokering Reputation Service Resource Brokering Service VO Owner/ Manager Request Resource (Provider) Reputation Values/ Receive Results Request Resources for VO formation Request to Join VO VBE
Decentralised vs. Centralised Reputation Systems VO Decentralised Case: Instance of Reputation System Maintain per-VO/VBE reputation values VO Instance of Reputation System Maintain per-VO/VBE reputation values
Decentralised vs. Centralised Reputation Systems VO Centralised VBE-based Reputation Database Push per-VBE Reputation Values at the End of VO Lifecycle Centralised Case: Instance of Reputation System Maintain per-VO reputation values Instance of Reputation System Maintain per-VO reputation values
Analysis of the Model We performed simulations using the SimGrid toolkit ( Various set-ups were used: –VOs with reputation-rated resource providers –VOs with both reputation-rated resource providers and users
VOs with Reputation-rated Resource Providers Assumes 20% of resources produce QoS values ranging between 85%-105% of the SLA-agreed value Total job completion time was improved by 25% using reputation-based scheduling over non- reputation-based scheduling (FIFO) Total welfare (sum of all utilities acquired by the users for their jobs) was also improved by 25% over non-reputation-based scheduling
VOs with Reputation-rated Resource Providers Completion time vs. VO Load FactorTotal Welfare vs. VO Load Factor
VOs with Reputation-rated Resource Providers and Users Most (least) reputable resource providers get jobs from most (least) reputable users User satisfaction is improved since reputable users are scheduled first Reliable resources are used more effectively since they get trusted tasks scheduled on them
VOs with Reputation-rated Resource Providers and Users Total Welfare vs. time
Conclusion We defined a utility-based reputation system for Grid- based VOs, which should provide a measure of trust in performing Grid computational tasks The model is general as it can rate both VO resource providers and users and it can be used in both centralised and decentralised scenarios in the contexts of usage control and resource brokering The model constitutes the basis for the design of a reputation service in the EU FP6 project GridTrust ( –First prototype to be released this September
Future Work Consider trade-offs in the model, for example: –Introduce the concept of cost and the effect of pricing resources on welfare –Reliability of monitoring service, which affects the certainty of reputation values (also known as confidence level or probability) –Dealing with multi-user jobs (VO job submission to another VO) Carry out further simulations in order to understand better the model’s behaviour Discover more scenarios in which the model is used –E.g. sabotage tolerance in peer-to-peer systems
Thank You Questions?