Bryan Lyles - 5/20/04

The Role of Trust and Criticality in a Public Computing Platform

The commercial hosting of applications where the economic value of the application value is relatively large is an established art.  For example, an organization can lease rack space in an established hosting center and install its own computers.  However, for very small applications, applications where the economic value is unknown, or for applications which may only need to be run occasionally (or on demand), there is not nearly as clear cut a model for commercial hosting.  As part of research into alternative methods for hosting applications we built a cluster-based computing system that we called a service platform.  The service platform requirements came from three principals:  economics forces us to share computing resources, we don't get to dictate operating system interfaces, and security will never be perfect therefore risk management is required.   The service platform architecture satisfied these requirements by introducing the concepts of the risk associated with an application and the application's criticality, then using the measures of risk and criticality to control the placement of applications on the platform and the programming of the network interconnect so that more critical applications are not put at more than an acceptable level of risk by less trusted ones.