网格环境中虚拟组织服务子系统的设计与实现

详细信息    本馆镜像全文|  推荐本文 |  |   获取CNKI官网全文

英文题名：The Design and Implementation of Virtual Organization Subsystem in Grid Environment 作者：武文丽 论文级别：硕士 学科专业名称：计算机软件与理论 中文关键词：网格 ; 虚拟组织 ; 虚拟组织服务子系统 ; 高性能计算 ; 资源管理 ; 用户管理 ; 凭证 英文关键词：Grid ; Virtual Organization ; Virtual Organization Subsystem ; High Performance Computing ; Resource Management ; User Management ; Passport 学位年度：2007 导师：黄永忠 学科代码：081202 学位授予单位：解放军信息工程大学 论文提交日期：2007-04-15

摘要

网格环境下,资源和用户按照一定的策略被组织在虚拟组织(VO)中进行管理,资源共享和协同建立在VO基础之上。如何构建和管理虚拟组织,实现符合特定应用需求的资源共享,是网格服务系统必须解决的关键问题之一。
     本文所讨论的虚拟组织服务子系统(以下简称子系统)是特定网格应用环境下虚拟组织构建与管理的一次具体实践。本文围绕高性能计算环境特点这一中心,通过对具有复杂内联关系的应用环境的抽象描述,将广域环境下实现特定应用目标的异构资源共享问题,转换为VO成员间的资源共享问题;而后,通过VO基本策略定义以及资源共享管理模型构建,加以解决;并以此为依据,遵循层次化、模块化思想对子系统功能进行划分,将其分为四层:门户层、服务层、逻辑功能层和数据持久层。在各层功能模块实现过程中,综合运用基于角色的访问控制模型、O/R映射工具、连通图的基本算法、Axis Handler-Chain、SSL以及RIA等解决管理复杂度简化、Java对象持久化、VO成员身份转换二义性、资源访问控制、子系统内部通信安全以及门户视图开发等问题,最终为网格用户提供统一、友好的系统管理和资源使用方式。
     最后,利用JMeter对子系统进行并发和压力测试。测试数据表明,子系统性能稳定,具有满足现有应用需求的并发能力。
In the Grid environment, resources are collaboratively shared in the form of Virtual Organization (VO), which is a dynamic collection of distributed resources and individuals, defined according to a set of resource sharing rules. How to facilitate the construction of VOs to meet the resource sharing requirement of certain application is the key issue of Grid Service System.
     The Virtual Organization Subsystem (VOS) discussed in this dissertation is an exploratory practice of VO's construction and management in High Performance Computing Environment (HPCE). Through abstracting the resource's heterogeneous features and the complex links that lie in the HPCE's current resources sharing status, the resource sharing problems in HPCE are transformed into resource sharing among VO members. On this basis, by defining the VO's basic strategies, a resource management mechanism is created, which consists of virtual organization, management domain, grid services, resource owners. In conformity with the strategies and resource management mechanism, the VOS' design adopts the modularization pattern and emphasizes the software hierarchy, according to which the VOS is divided into four layers: Portal Layer, Web Service Layer, Logic Function Layer, and Data Persistence Layer. During the implementation, RBAC, Object/Relation Tool, Axis's Handler-Chain, SSL are used to achieve reliable resources sharing and ensure the security of internal communication, Depth-First Search in the Connected Graph is adopted to avoid the confusion in the course of VO Member's identity transformation, and in addition the RIA technology is employed to supply a friendly portal for grid users.
     At the end of the dissertation, the VOS is tested by JMeter.The testing data indicates that the subsystem owns the ability to meet current concurrent accessing demand of HPCE.

引文

[1]都志辉,陈渝,刘鹏.网格计算[M].北京:清华大学出版社,2002:16.
    [2]R.Alfieri,et.R.Cesschini,V.Ciaschini,F.Spataro,and L.dell'Agnello.From Gridmapfile to VOMS:managing Authorization in Grid environment[J].Future Generation Computer Systems,2005,15:550.
    [3]Ian Foster,Carl Kesselman,Jeffery M Nick,et al.The Physiology of the Grid:An Open Grid Services Architecture for Distributed Systems Integration[EB/OL].:http://www.globus.org/research/papers/ogsa.pdf,2002-09-11.
    [4]赵曦滨,郭陟,雍建平,顾明.网格计算中面向虚拟组织的多级授权机制研究[J].计算机科学,2005,32:129-132.
    [5]V.Welch,I.Foster,K.Kesselman,S.Tuecke.The Community Authorization Service:Status and Future[R].La Jolla,California,USA:Computing in High Energy Physics,2003-3-24/2003-3-28:1-2.
    [6]Cannon,S.Chan,D.Olson,C.Tull.Using CAS to Manage Role-Based VO Sub-Groups[R].La Jolla,California,USA:Computing in High Energy Physics,2003-3-24/2003-3-28:1-5.
    [7]VOMS Architecture 1.1[EB/OL].:http://grid-auth.infn.it/docs/VOMS-v1_1.pdf,2004-09-11.
    [8]D.W.Chadwick and O.Otenko.The PERMIS X.509 role based privilege management infrastructure[J].Future Generation Computer Systems.2003,19(2):277-289.
    [9]The Globus Project.Globus[EB/OL].:http://www.globus.org,2006-03-12.
    [10]The Data TAG Project.Data TAG[EB/OL].:http://www.datatag.org/,2005-4-16.
    [11]The DataGrid Project.DataGrid[EB/OL].:http://www.edg.org/,2005-6-12.
    [12]徐志伟,李伟.织女星网格的体系结构研究[J].计算机研究与发展,2002(8):923-929.
    [13]中国教育科研网格公共支撑平台工作组.中国教育科研网格公共支撑平台设计规范[M].北京:清华大学出版社,2004:3-5.
    [14]CGSP1.0介绍[J].中国教育科研网格进展,2005,3(2):4-6.
    [15]Security Assertion Markup Language(SAML)2.0 Technical Overview[EB/OL].:http://www.oasis-open.org/committees/documents.php?wg_abbrev=security,2005-2-20.
    [16]Single Sign-on.[EB/OL].:http://www.ibm.com/developerworks/cn/security/se-sso/index.html,2002-4-1.
    [17]刘利民,查礼.网格用户管理体系结构的研究与设计[J].计算机研究与发展,2004,41(12):2237-2242.
    [18]Chapin SI,Katramatos D,Karpovich J,Grimshaw A.Resource management in legion[J]Future Generation Computer Systems,1999,15(5):583-594.
    [19]徐志伟,冯百明,李伟.网格计算技术[M].北京:电子工业出版社,2004:178.
    [20]Grid Security Infrastructure(GSI)Working Group.GSI[EB/OL].: http://www.gridforum.org/security/gsi/,2004-10-04.
    [21][美]Andrew Nash等著,张玉清等译.公钥基础设施(PKI):实现和管理电子安全[M].清华大学出版社,2002:68.
    [22]陈渝.先进计算基础设施若干关键技术的研究[D].北京:清华大学,博士后报告,2001.
    [23]R.S.Sandhu,E.J.Coyne,H.L.Feinstein,et al.Role-based access control models[J].IEEE Computer,1996,29(2):38-47.
    [24]王慧芳,郭金庚,黄永忠,陈海勇.基于角色的虚拟组织访问权限控制模型[J].计算机科学,2004,31(6):21-24.
    [25]陈昕,杨寿保,赵晓春,王育峰,单久龙.Portlet Research in Grid Environment[EB/OL].:http://www.gridchina.org/research/papers/Portlet Research in Grid Environment.pdf,2004-9.
    [26]〈程序员〉杂志社.程序员2004合订本(上)[M].北京:电子工业出版社,2004:46.
    [27]Tomcat Project.Tomcat[EB/OL].:http://jakarta.apache.org,2006-10-11.
    [28]Axis Project.Axis User guide[EB/OL].:http://ws.apache.org.axis,2005-06-12.
    [29]IBM.WebService 编程[EB/OL].:http://www.ibm.com/developerworks/cn/webservices/,2005-10-9.
    [30]陈华军.J2EE构建企业级应用解决方案[M].北京:人民邮电出版社出版社,2002:43-44.
    [31]HIBERNATE Project.Hibernate[EB/OL].:http://www.hibernate.org/,2006-11-28.
    [32]Oracle.TopLink[EB/OL].:http://www.oracle.com/technology/.products/ias/toplink/index.html,2006-9-04.
    [33]Apache Project.Torque.[EB/OL].:http://db.apache.org/torque/,2006-10-14.
    [34]使用Torque访问数据库[EB/OL].:http://www.chinaitpower.com/2005September/2005-09-05/191574.html,2005-9-5.
    [35]Erik Hatcher,Steve Loughran著,刘永丹译.使用Ant进行Java开发[M].北京:电子工业出版社,2005:17-19.
    [36]OASIS.SAML Specification[EB/OL].:http://xml.coverpags.org/draft-sstc-ftf3-saml-spec-00.pdf,2005-6-22/2006-6-4.
    [37]OASIS Standard.Assertion and Protocols for the OASIS Security Assertion Markup Language(SAML)V2.0[S].2005-3-15.
    [38]JohnDeacon.Model-View-Controller(MVC)Architeture.[EB/OL].:www.jdl.co.uk/briefings/MVC.pdf,2005-4.
    [39]RIA[EB/OL].:http://www.onjava.com/pub/a/onjava/2004/12/01/flexjava.html,2004-12-1.
    [40]Flex 1.5 Documentation[EB/OL].:http://www.adobe.com/support/documentation/en/flex/documentation.html,2004-12-01.
    [41]Micromedia.Flex 1.5 White Paper[EB/OL].:http://www.adobe.com/products/flex/whitepapers/,2004-10-17.
    [42]James W.cooper著,王宇,林琪,杜志秀译.Java设计模式[M].北京:中国电力出版社, 2002:15-31.
    [43]严蔚敏,吴伟民.数据机构:C语言版[M].北京:清华大学出版社,1996:169.
    [44]Apache Project.Log4j[EB/OL].:http://logging.apache.org/log4j/docs/,2006-12-11.
    [45]JDepend Project.JDepend[EB/OL].:http://www.clarkware/software/jdepend.html,2006-05-15.
    [46]Eclipse project.Code Analysis Plugin[EB/OL].:http://eclipse-plugins.info/eclipse/plugin_details.jsp?id=919,2004-12-30.
    [47]Apache Project.JMeter[EB/OL].:http://www.bonoy.com/jmeter,2005-06-15.