GIT-CERCS-04-36
Patrick Widener, Karsten Schwan,
Dynamic Differential Data Protection for High Performance and Pervasive
Applications
Modern distributed applications are long-lived, are expected to
provide flexible and adaptive data services, and must meet the
functionality and scalability challenges posed by dynamically changing
user communities in heterogeneous execution environments. The
practical implication of these requirements is that static policy and
mechanism definitions are unsuitable for the design of modern software
systems. This paper addresses the protection mechanisms of such systems,
describing a novel approach to enabling the protection of key applications
components and sensitive data in distributed applications.
The approach, termed Dynamic Differential Data Protection (D3P),
deploys context-sensitive, application-specific protection functionality
at runtime to enforce restrictions in data access and manipulation.
D3P is suitable for use in zero/low-downtime environments, appropriate
for high-performance computing tasks and highly-scalable architectural
patterns (such as publish/subscribe), and is deployable across a wide
variety of OS and machine platforms.
We introduce the need for D3P, using sample applications from the HPC and
pervasive computing domains to illustrate the solutions it makes
possible, and describe how D3P has been integrated into modern
middleware. We demonstrate D3P's ability to capture individual
end-users' or components' needs for data protection. Finally, we
present experimental evaluations which quantify the performance
implications of using D3P in data-intensive applications.