Legion: A Worldwide Virtual Computer
Home General Documentation Software Testbeds Et Cetera Map/Search
  Legion technical papers

The Legion Grid Portal

    Anand Natrajan, Anh Nguyen-Tuong, Marty Humphrey, Andrew Grimshaw
    Submitted to Grid Computing Environments 2001, Concurrency and Computation: Practice and Experience.
    zipped postscript version
    PDF version

    Abstract
    The Legion Grid Portal is an interface to a grid system. Users interact with the portal, and hence a grid through an intuitive interface from which they can view files, submit and monitor runs, and view accounting information. The architecture of the portal is designed to accommodate multiple diverse gride infrastructures, legacy systems and application-specific interfaces. The current implementation of the Legion Grid Portal is with familiar web technologies over the Legion grid infrastructure. The portal can be extended in a number of directions -- additional support for grid administrators, greater number of application-specific interfaces, interoperability between grid infrastructures, and interfaces for programming support. The portal has been in operation since February 2000 on npacinet, a worldwide grid managed by Legion on NPACI resources.

Grids: Harnessing Geographically-Separated Resources in a Multi-Organisational Context

    Anand Natrajan, Marty Humphrey, Andrew Grimshaw
    Presented at High Performance Computing Systems, June 2001.
    zipped postscript version
    PDF version

    Abstract
    Grids are becoming ubiquitous platforms for high-performance computing and distributed collaboration. A grid benefits users by permitting them to access heterogeneous resources, such as machines, data, people and devices, that are distributed geographically and organisationally. It benefits organisations by permitting them to offer unused resources on existing hardware and thus reclaim otherwise lost costs. Although worldwide grids can be constructed today, issues regarding heterogeneity, security and failures must be resolved especially if the participating resources for computing and collaboration must respect the autonomy of organisations to choose policies for using their resources.

    Legion is a grid infrastructure that presents users a view of a grid as a single virtual machine. This view reduces the complexities a uers encounters before running applications or collaborating on a grid. The functions performed by Legion on a grid are similar to the functions performed by a traditional operating system on underlying hardware. The design principles of object-basedness and integration have enabled Legion to be extended and configured in a number of ways, while ensuring that the cognitive burden on the grid community is small.

Toward Realizable Restricted Delegation in Computational Grids

    Geoff Stoker, Brian S. White, Ellen Stackpole, T.J. Highley, and Marty Humphrey
    To be presented at HPCN 2001 (European High Performance Computing and Networking), Amsterdam, June 25-27, 2001.
    postscript version
    PDF version

    Abstract
    In a Computational Grid, or Grid, a user often requires a service to perform an action on his behalf. Currently, the user has few options but to grant the service the ability to wholly impersonate him, which opens the user to seemingly unbounded potential for security breaches if the service is malicious or errorful. To address this problem, eight approaches are explored for realizable, practical, and systematic restricted delegation, in which only a small subset of the user's rights are given to an invoked service. Challenges include determining the rights to delegate and easily implementing such delegation. Approaches are discussed in the context of Legion, an object-based infrastructure for Grids. Each approach is suited for different situations and objectives. These approaches are of practical importance to Grids because they significantly limit the degree to which users are subject to compromise.

Capacity and Capability Computing in Legion

    Anand Natrajan, Marty Humphrey, Andrew S. Grimshaw
    Presented at the 2001 International Conference on Computational Science, May 28-30 2001.
    Zipped postscript version
    PDF version

    Abstract
    Computational scientists often cannot easily access the large amounts of resources their applications require. Legion is a collection of software services that facilitate the secure and easy use of local and non-local resources by providing the illusion of a single virtual machine from heterogeneous, geographically-distributed resources. This paper describes the newest additions to Legion that enable high-performance (capacity) computing as well as secure, fault-tolerant and collaborative (capability) computing.

Studying Protein Folding on the Grid: Experiences using CHARMM on NPACI Resources under Legion

    Anand Natrajan, Michael Crowley, Nancyc Wilkins-Diehr, Marty Humphrey, Anthony D. Fox, Andrew S. Grimshaw, Charles L. Brooks III
    To be presented at High Performance Distributed Computing 10, August 7-9, 2001.
    Zipped postscript version
    PDF version

    Abstract
    One of the benefits of a computational grid is the ability to run high-performance applications over distributed resources simply and securely. We demonstrated this benefit with an experiment in which we studied the protein-folding process with the CHARMM molecular simulation package over a grid managed by a grid operating system, Legion. High-performance applications can take advantage of grid resources if the grid operating system provides both low-level functionality as well as high-level services. We describe in detail the nature of services provided by Legion for high-performance applications. Our experiences indicate that human factors continue to play a crucial role in the configuration of grid resources, underlying resources can be problematic, grid services must tolerate underlying problems or inform the user, and high-level services must continue to evolve to meet user requirements. Our experiment not only helped a scientist perform an important study, but also showed the viability of an integrated approach such as Legion's for managing a grid.

Grid-Based File Access: The Legion I/O Model

    Brian S. White, Andrew S. Grimshaw, Anh Nguyen-Tuong
    Presented at the Ninth IEEE International Symposium on High Performance Distributed Computing, Pittsburgh, Pennsylvania, August 1-4, 2000.
    Postscript version
    PDF version

    Abstract
    The unprecedented scale, heterogeneity, and varied usage patterns of grids pose significant technical challenges to any underlying file system that will support them. While grids present a host of new concerns for file access, we focus on two issues: performance and usability. We discuss the Legion I/O model and interface to address the latter area. We compare Legion and Globus I/O against a baseline to validate the efficiency of existent grid-based file access solutions.

The Legion JobQueue

    Dimitrios Katramatos
    Postscript version
    White paper.

    Abstract
    This document describes the role, design, implementation, setup, and use of a job queuing system for Legion. This system improves upon the way Legion handles jobs as it can control the number of jobs that are executing simultaneously in a Legion system. The main component of the queuing system is a job administering object, the "JobQueue", which offers a priority-based job waiting queue, job control, and job monitoring features.

The Core Legion Object Model

    Michael J. Lewis, Andrew Grimshaw
    Proceedings of the Fifth IEEE International Symposium on High Performance Distributed Computing, IEEE Computer Society Press, Los Alamitos, California, August 1996.
    Postscript version
    An earlier version appears as UVa CS Technical Report CS-95-35, August 1995:
    Compressed version (ftp from UVa Tech Reports)
    Postscript version
    PDF version

    Abstract
    This document describes the core Legion object model. The model specifies the composition and functionality of Legion's core objects--those objects that cooperate to create, locate, manage, and remove objects from the Legion system. The model reflects the underlying philosophy and objectives of the Legion project. In particular, the object model facilitates a flexible extensible implementation, provides a single persistent name space, grants site autonomy to participating organizations, and scales to millions of sites and trillions of objects. Further, it offers a framework that is well suited to providing mechanisms for high performance, security, fault tolerance, and commerce.
A New Model of Security for Distributed Systems
    William A. Wulf, Chenxi Wang, and Darrell Kienzle
    UVa CS Technical Report CS-95-34, August 1995
    Compressed version (ftp from UVa Technical Reports)
    Postscript version
    PDF version

    Abstract
    With the rapid growth of the information age, electronic activities of many kinds are becoming more common. The need for protection and security in this environment has never been greater. The conventional approach to security has been to enforce a system-wide policy, but this approach will not work for large distributed systems where entirely new security issues and concerns are emerging.We argue that a new model is needed that shifts the emphasis from "system as enforcer" to user-definable policies in which the cost scales with the degree of security required. Users ought to be able to select the level of security they need and pay only the overhead necessary to achieve it. Moreover, ultimately, they must be responsible for their own security. This research is being carried out in the context of the Legion project. We start by describing the objectives and philosophy of the overall project and then present our conceptual model and tentative implementation plan. A set of technical challenges is also addressed.
Campus-Wide Computing: Results Using Legion at the University of Virginia
    Andrew S. Grimshaw, Anh Nguyen-Tuong, William A. Wulf
    UVa CS Technical Report CS-95-19, March 27, 1995
    Compressed version (ftp from UVa Tech Reports)
    Postscript version
    PDF version

    Abstract
    The Legion project at the University of Virginia is an attempt to provide system services that provide the illusion of a single virtual machine to users, a virtual machine that provides both improved response time via parallel execution and greater throughput. Legion is targeted towards both workstation clusters and towards larger, wide-area, assemblies of workstations, supercomputers, and parallel supercomputers. Rather than construct Legion from scratch we are extending an existing object-oriented parallel processing system by aggressively incorporating lessons learned over twenty years by the heterogeneous distributed systems community. The campus-wide virtual computer is an early Legion prototype. In this paper we present challenges that had to be overcome to realize a working CWVC, as well as performance on a production biochemistry application.
A Synopsis of the Legion Project
    Andrew S. Grimshaw, William A. Wulf, James C. French, Alfred C. Weaver, Paul F. Reynolds Jr.
    UVa CS Technical Report CS-94-20, June 8, 1994
    Compressed version (ftp from UVa Tech Reports)
    Postscript version
    PDF version

    Abstract
    The coming of giga-bit networks makes possible the realization of a single nationwide virtual computer comprised of a variety of geographically distributed high-performance machines and workstations. To realize the potential that the physical infrastructure provides, software must be developed that is easy to use, supports large degrees of parallelism in applications code, and manages the complexity of the underlying physical system for the user. This paper briefly describes our approach to constructing and exploiting such metasystems. Our approach inherits features of earlier work on parallel processing systems and heterogeneous distributed computing systems. In particular, we are building on Mentat, an object-oriented parallel processing system developed at the University of Virginia. A more detailed presentation can be found in technical report CS-94-21, "Legion: The Next Logical Step Toward a Nationwide Virtual Computer" (below).
Legion: The Next Logical Step Toward a Natiowide Virtual Computer
    Andrew S. Grimshaw, William A. Wulf, James C. French, Alfred C. Weaver, Paul F. Reynolds Jr.
    UVa CS Technical Report CS-94-21, June 8, 1994
    Compressed version (ftp from UVa Tech Reports)
    Postscript version
    PDF version

    Abstract
    The coming of giga-bit networks makes possible the realization of a single nationwide virtual computer comprised of a variety of geographically distributed high-performance machines and workstations. To realize the potential that the physical infrastructure provides, software must be developed that is easy to use, supports large degrees of parallelism in applications code, and manages the complexity of the underlying physical system for the user. This paper describes our approach to constructing and exploiting such metasystems. Our approach inherits features of earlier work on parallel processing systems and heterogeneous distributed computing systems. In particular, we are building on Mentat, an object-oriented parallel processing system developed at the University of Virginia. This report is a preliminary document. We expect changes to occur as the architecture and design of the system mature.
Support for Object Placement in Wide Area Heterogeneous Distributed Systems
    John F. Karpovich
    UVa CS Technical Report CS-96-03, January, 1996
    Compressed version (ftp from UVa Tech Reports)
    Postscript version
    PDF version

    Abstract
    One of the open challenges in distributed computing systems is determining how to place tasks onto processors when they are needed (in the Legion project being developed at UVA the basic computational units are modelled as objects, so the problem is one of object placement). The placement decision is crucial because it determines the run-time behavior of an object, including performance, cost and whether it can run at all. Many approaches have been developed to address this problem in a distributed system environment, but it is our claim that these efforts do not take the proper approach for supporting the needs of the large wide area heterogeneous virtual computer systems we envision will exist in the future. In particular, the systems developed to date are inadequate because they 1) focus on solutions for a narrow set of application types, environments, or user objectives, and 2) often inadequately support the full complexity and features of large distributed systems.

    We propose to better support the placement process in distributed systems by employing a new approach. Our approach is different from previous ones in that we propose to design a framework for supporting a wide range of different placement problems, user objectives and placement algorithms, rather than building a system that supports a single placement technique. The goal of the framework is to provide programmers with the basic mechanisms to support each facet of the placement process which will enable them to implement the placement policies and techniques that meet their needs. On the other hand, individuals will be competing for limited resources owned by different people or organizations. Therefore, the framework must also contain mechanisms to enforce the policies of resource owners and to resolve conflicts between users.

    The research effort proposed here will focus on developing the mechanisms needed to support flexible distributed object placement. To identify the main components of the placement process and the key issues that must be resolved, we will first develop a general model of the placement process. Using this model, we will next develop and implement a framework to support object placement within the Legion system. Developing such a framework will lend insight into our placement model and will also provide a proof of concept for our approach. Finally, we will demonstrate the usefulness of our framework approach by mapping a range of placement algorithms to the Legion framework and evaluating the performance of several algorithms versus that provided by the system today.

Mentat from Parallel Programming Using C++
    Andrew S. Grimshaw, Adam Ferrari, and Emily West

    This book chapter appears in:

      Parallel Programming Using C++
      pp. 383-427, 1996
      Ed. Gregory V. Wilson and Paul Lu
      The MIT Press, Cambridge, Mass.
      © 1996 Massachusetts Institute of Technology, All rights reserved.

    This chapter is available in Postscript format.

    Abstract
    Mentat is an object-oriented, control-parallel programming system designed to address three problems: the difficulty of writing parallel programs, the difficulty of achieving portability of those programs, and the difficulty of exploiting contemporary heterogeneous environments. The original design objectives of Mentat were to provide:
    • easy-to-use parallelism;
    • high performance via parallel execution;
    • system scalability from tens to hundreds of processors; and
    • portability across a wide range of platforms.
    The premise underlying Mentat is that writing programs for parallel machines does not have to be hard. Instead, it is the lack of appropriate abstractions that has made parallel architectures difficult to program, and hence inaccessible to mainstream programmers.
Object-Oriented Parallel Processing with Mentat
    Andrew S. Grimshaw
    This paper is available in the Postscript format.

    Abstract
    Mentat is an object-oriented parallel processing system designed to address three problems that face the parallel computing community, the difficulty of writing parallel programs, the difficulty achieving portability of those programs, and the difficulty exploiting contemporary heterogeneous environments. Writing parallel programs by hand is more difficult then writing sequential programs. The programmer must manage communication, synchronization, and scheduling of tens to thousands of independent processes. The burden of correctly managing the environment of time and energy. If parallel computing is to become mainstream it must be made easier for the average programmer. Otherwise, parallel computing will remain relegated to specialized applications of high value where the human investment required to parallelize the application can be justified.

    A second problem is that once a code has been implemented on a particular MIMD architecture, it is often not readily portable to other platforms; the tools, techniques, and library facilities used to parallelize the application may be specific to a particular platform. Thus, considerable effort must be re-invested to port the application to a new architecture. Given the plethora of new architectures and the rapid obsolescence of existing architectures, this represents a continueing time investment. One can view the different platforms as one dimension of two dimensional space, where the other dimension is time. One would like the implementation to be able to cover a large area in this space in order to amortize the development costs.

    Finally there is a heterogeneity. Today's high performance computation environments have a great deal of heterogeneity. Many users have a wide variety of resources available, traditional vector supercomputers, parallel supercomputers, and different high performance workstations. The machines may be connected together with a high speed local connection such as FDDI, ATM, or HIPPI, or they may be geographically distributed. Taken together these machines represent a tremendous aggregate computation resources.

    Mentat was originally designated to address the last two of these issues, implementation difficulty and portability. The primary Mentat design objectives were to provide easy-to-use parallelism, high performance via parallel execution, system scalability from tens to hundreds of processors, and applications portability across a wide range of platforms. The premise underlying Mentat is that writing parallel programs need not be more difficult then writing sequential programs. Instead, it is a lack of appropriate abstractions that has kept parallel architectures difficult to program, and hence, inaccessible to mainstream, production system.

Legion--A View From 50,000 Feet
    Andrew S. Grimsaw, Wm. A. Wulf
    Proceedings of the Fifth IEEE International Symposium on High Performance Distributed Computing, IEEE Computer Society Press, Los Alamitos, California, August 1996.
    Postscript version.

    Abstract
    The coming of gigabit networks makes possible the realization of a single nationwide virtual computer comprised of a variety of geographically distributed high performance machines and workstations. To realize the potential that the physical infrastructure provides, software must be developed that is easy to use, supports large degrees of parallelism in applications code, and manages the complexity of the underlying physical system for the user. Legion is a metasystem project at the University of Virginia designed to present users with a transparent interface to the available resources, both at the programming interface level as well as the at the user level. Legion addresses issues such as parallelism, fault tolerance, security, autonomy, heterogeity, resource management and access transparency in a multi-language environment. In this paper we present a high level overview of Legion, its vision, objectives, a brief sketch of how some of those objectives will be met, and the current status of the project.
Implementation of the Legion Runtime Library
    Adam J. Ferrari, Michael J. Lewis, Charles L. Viles, Anh Nguyen-Tuong, Andrew S. Grimshaw
    UVa CS Technical Report CS-96-16, November, 1996
    Postscript version.
    Compressed Postscript version (ftp from UVA Tech Reports).
    PDF version

    Abstract
    Legion is a multi-year effort to design and build scalable meta-computer software. Legion provides the software "glue" for seamless integration of distributed, heterogeneous hardware and software components. Much of this "glue" is provided in Legion's run-time library. In this document we provide a detailed description of the implementation of the Legion run-time library. The library is designed and implemented as a layered, configurable software protocol stack. This design, coupled with an event-based mechanism for inter-layer communication, enables considerable flexibility and extensibility. In this document, we first present the library interface and show how the library can be used "as is", without internal modification. We then show how to modify or add functionality to the library. Finally, we provide qualitative descriptions of how the library could be extended to encompass programming styles and methods besides the object-oriented, macro data-flow style that is Legion's initial target.
Using Dynamic Configurability to Support Object-Oriented Programming Languages and Systems in Legion
    Michael J. Lewis, Andrew S. Grimshaw
    UVa CS Technical Report CS-96-19, December 4, 1996
    Postscript version.
    Compressed Postscript version (ftp from UVA Tech Reports).
    PDF version

    Abstract
    Wide area distributed object systems will require mechanisms for creating, describing, and managing objects. The mechanisms must be scalable and must not mandate particular policies or algorithms because users will have different cost, security, performance, and functionality demands. Legion is a wide area distributed object system that supports this requirement using a first-class active class system. A Legion class is an active Legion object that manages its instances, provides their system-level support, and defines their behavior. To enable encapsulation and code reuse, and to simplify the requirements of many Legion programmers, Legion classes can be shared among Legion objects. To support instances that outlive the program that creates them, classes are persistent. To enable scalability, classes are distributed throughout the system.

    Shared, persistent, active, distributed (SPAD) class systems have many benefits for wide area distributed object systems such as Legion. But supporting traditional class roles, including instantiation and inheritance, requires new and different implementation solutions. This paper describes one way to support object-oriented languages and systems in the Legion SPAD class system. Our method is based on dynamic configurability of objects and classes. We describe dynamic configurability, motivate the need for new implementation solutions for a SPAD class system, describe the implementation of our solution, and illustrate its functionality with an example.

The Legion Vision of a Worldwide Virtual Computer
    Andrew S. Grimshaw, Wm. A. Wulf and the Legion team
    Communications of the ACM January 1997/Vol. 40, No 1

    Postscript version.

Enabling Flexiblity in the Legion Run-Time Library
    Charles L. Viles, Michael J. Lewis, Adam J. Ferrari, Anh Nguyen-Tuong, Andrew S. Grimshaw
    Proceedings of the International Conference on Parallel and Distributed Processing Techniques and Applications (PDPTA'97), pp.265-274. Las Vegas, Nevada June 30-July 2, 1997.
    Postscript version.
    PDF version

    Abstract
    This paper describes the design and implementation of the Legion run-time library (LRTL), focusing specifically on facilities that enable extensibility and configurability. These facilities include management of heterogeneous communication, an event-based mechanism for inter-component communication, and automated memory management. The paper provides several examples that illustrate the inherent flexibility of the LRTL implementation.

Parallelization of an Axially Symmetric Steady Flow Program
    Norm Beekwilder, Andrew Grimshaw
    UVa CS Technical Report CS-98-10, May 29, 1998
    Postscript version.
    Compressed Postscript version (ftp from UVA Tech Reports).
    PDF version.

    Abstract
    Description of the modifications made to an axially symmetric steady flow program to convert it from a sequential code to a parallel code. Some of the difficulties encountered and performance results are discussed.

Basic Fortran Support in Legion
    Adam Ferrari, Andrew Grimshaw
    UVa CS Technical Report CS-98-11, March 4, 1998
    Postscript version.
    Compressed Postscript version (ftp from UVA Tech Reports).
    PDF version.

    Abstract
    Fortran is the most widely used programming language for high-performance scientific computing applications, yet in the past the Legion system has not supported objects implemented in Fortran. This paper describes the design and interface of the Legion Basic Fortran Support (BFS) system. This system consists of compiler and runtime library that allow the description of Legion object interfaces in a Fortran-like Interface Description Language (IDL), and the implementation of Legion objects using Fortran. The system also supports remote method invocations on Legion objects through the use of pseudo-comments: Legion BFS directives embedded in normal Fortran comment lines. These method invocations are processed using a macro-dataflow model similar to that provided by the Mentat Programming Language, thus allowing both inter- and intra-method parallelism.

Architectural Support for Extensibility and Autonomy in Wide-Area Distributed Object Systems
    Andrew Grimshaw, Michael Lewis, Adam Ferrari, John Karpovich
    UVa CS Technical Report CS-98-12, Jun 3, 1998
    Postscript version.
    Compressed Postscript version (ftp from UVA Tech Reports).
    PDF version.

    Abstract
    The Legion system defines a software architecture designed to support metacomputing, the use of large collections of heterogeneous computing resources distributed across local- and wide-area networks as a single, seamless virtual machine. Metasystems software must be extensible because no single system can meet all of the diverse, often conflicting, requirements of the entire present and future user community, nor can a system constructed today take best advantage of unanticipated future hardware advances. Metasystems software must also support complete site autonomy, as resource owners will not turn control of their resources (hosts, databases, devices, etc.) over to a dictatorial system. Legion is a metasystem designed to meet the challenges of managing and exploiting wide-area systems. The Legion virtual machine provides secure shared object and shared name spaces, application adjustable fault-tolerance, improved response time, and greater throughput. Legion tackles problems not solved by existing workstation-based parallel processing tools, such as fault-tolerance, wide-area parallel processing, interoperability, heterogeneity, security, efficient scheduling, and comprehensive resource management. This paper describes the Legion run-time architecture, focussing in particular on the critical issues of extensibility and site autonomy.

Metacomputing--What's in it for me?
    Greg Lindahl, Andrew Grimshaw, Adam Ferrari, Katherine Holcomb
    Postscript version.
    PDF version.

    Abstract
    We are often asked by applications programmers, "What exactly is a metasystem, and why should I care?" This paper attempts to answer this question from an applications perspective, pointing out concrete ways in which the current practices of high performance scientific computing can possibly be improved.

Using Reflection for Flexibility and Extensibility in a Metacomputing Environment
    Anh Nyguyen-Tuong, Steve Chapin, Andrew Grimshaw, Charlie Viles
    Compressed ps version (ftp from UVa Technical Reports)
    PDF version.

    Abstract
    Legion is a large-scale metacomputing project at the University of Virginia. Legion users have requirements in many dimensions, including scheduling, security, fault tolerance, programming languages and environments, and performance. Not all users have the same needs. Further, as higher levels of services generally imply higher costs, users should be allowed to make tradeoffs and select the combination of services that is best suited for their purpose. To support diverse requirements Legion presents system developers with a reflective model, the Reflective Graph and Event model (RGE), for building metacomputing applications. The RGE model uses graphs and events to specify computations and enables first-class program graphs as event handlers. We demonstrate the RGE model in several areas of interest to metacomputing using Legion as our testbed. We unify the concepts of exceptions and events; by making exceptions a special case of events. Furthermore, using RGE, we demonstrate how to build generic, composable and reusable components that can be shared across development environments such as MPI, PVM, NetSolve, Ninf, C++, and Fortran.

A Flexible Security System for Metacomputing Environments
    Adam Ferrari, Frederick Knabe, Marty Humphrey, Steven Chapin, and Andrew Grimshaw
    High Performance Computing and Networking Europe (HPCN Europe 99) April, 1999
    Postscript version.
    PDF version.

    High Performance Computing and Networking '99 Conference version (© Springer-Verlag)
    Postscript version.
    PDF version.

    Abstract
    A metacomputing environment is a collection of geographically distributed resources (people, computers, devices, databases) connected by one or more high-speed networks and potentially spanning multiple administrative domains. Security is an essential part of metasystem design--high-level resources and services defined by the metacomputer must be protected from one another and from possibly corrupted underlying resources, while those underlying resources must minimize their vulnerability to attacks from the metacomputer level. We present the Legion security architecture, a flexible, adaptable framework for solving the metacomputing security problem. We demonstrate that this framework is flexible enough to implement a wide range of security mechanisms and high-level policies.

Support for Implementing Scheduling Algorithms Using MESSIAHS
    Steve Chapin and Eugene Spafford
    Postscript version.
    PDF version.

    Abstract
    The MESSIAHS project is investigating mechanisms that support task placement in heterogeneous, distributed, autonomous systems. MESSIAHS provides a substrate on which scheduling algorithms can be implemented. These mechanisms were designed to support diverse task placement and load balancing algorithms.

    As part of this work, we have constructed an interface layer to the underlying mechanisms. This includes the MESSIAHS Interface Layer (MIL) and a library of function calls for constructing distributed schedulers. This paper gives an overview of MESSIAHS, describes two sample interface layers in detail, and gives example implementations of well-known algorithms from the literature built using these layers.

Legion: An Operating System for Wide-Area Computing
    Andrew Grimshaw, Adam Ferrari, Fritz Knabe, Marty Humphrey
    IEEE Computer, 32:5, May 1999: 29-37.
    Compressed ps version (ftp from UVa Technical Reports)

    Abstract
    Applications enabled by the increasing availability of high-performance networks require the ability to share resources that are spread over complex, large-scale, heterogeneous, distributed environments spanning multiple administrative domains. We call this the wide-area computing problem. We argue that the right way to solve this problem is to build an operating system for the network that can abstract over a complex series of resources and provide high-level means for sharing and managing them. We describe the design of one such wide-area operating system: Legion. Through discussion of application examples, we demonstrate the attractive features of Legion's approach to constructing a wide-area operating system using distributed object components.

Accountability and Control of Process Creation in Metasystems
    Marty Humphrey, Fritz Knabe, Adam Ferrari, Andrew Grimshaw
    Proceedings of the 2000 Network and Distributed System Security Symposium (NDSS2000), San Diego, California, February 2000.
    Postscript version.
    PDF version.

    Abstract
    A metacomputing environment, or metasystem, is a collection of geographically separated resources (people, computers, devices, databases) connected by one or more high-speed networks. The distinguishing feature of a metasystem is middleware that facilitates viewing the collection of resources as a single virtual machine. The traditional requirements of security mechanisms and policies in a single physical host are exacerbated in a metasystem, as the physical resources of the metasystem exist in multiple administrative domains, each with different local security requirements. This paper illustrates how the Legion metasystem both accommodates and augments local security policies specifically with regard to process creation. For example, Legion configurations for local sites with different access control mechanisms such as standard UNIX mechanisms and Kerberos are compared. Through analysis of these configurations, the inherent security trade-offs in each design are derived. These results have practical importance to sites considering any future inclusion of local resources in a global virtual computer.

The Legion Resource Management System
(also Resource Management in Legion)
    Steve Chapin, Dimitrios Katramatos, John Karpovich, Andrew Grimshaw
    Postscript version.
    PDF version.

    This article appeared in

      Proceedings of the 5th Workshop on Job Scheduling Strategies for Parallel Processing (JSSPP '99) in conjunction with the International Parallel and Distributed Processing Symposium (IPDPS '99) San Juan, Puerto Rico, April, 1999
    as "The Legion Resource Management System"
    Postscript version.
    PDF version.

    Abstract
    The recent development of gigabit networking technology, combined with the proliferation of low-cost, high-performance microprocessors, has given rise to metacomputing environments. These environments can combine many thousands of hosts, from hundreds of administrative domains, connected by transnational and world-wide networks. Managing the resources in such a system is a complex task, but is necessary to efficiently and economically execute user programs.

    In this paper, we describe the resource management portions of the Legion metacomputing system, including the basic model and its implementation. These mechanisms are flexible both in their support for system-level resource management but also in their adaptability for user-level scheduling policies. We show this by implementing a simple scheduling policy and demonstrating how it can be adapted to more complex algorithms.

A New Model of Security for Metasystems
    Steve Chapin, Chenxi Wang, William Wulf, Fritz Knabe, Andrew Grimshaw
    Postscript version.
    PDF version.

    Abstract
    With the rapid growth of high-speed networking and microprocessing power, metasystems have become increasingly popular. The need for protection and security in such environments has never been greater. However, the conventional approach to security, that of enforcing a single system-wide policy, will not work for the large-scale distributed systems we envision. Our new model shifts the emphasis from "system as enforcer" to user-definable policies, making users responsible for the security of their objects.

    This security model has been implemented as part of the Legion project. Legion is an object-oriented metacomputing system, with strong support for autonomy. This includes support for per-object, user-defined policies in many areas, including resource management and security. This paper briefly describes the Legion system, presents our security model, and discusses the realization of that model in Legion.


 

[Home] [General] [Documentation] [Software]
[Testbeds] [Et Cetera] [Map/Search]

This work partially supported by DOE grant DE-FG02-96ER25290, Logicon (for the DoD HPCMOD/PET program) DAHC 94-96-C-0008, DOE D459000-16-3C, DARPA (GA) SC H607305A, NSF-NGS EIA-9974968, NSF-NPACI ASC-96-10920, and a grant from NASA-IPG.

legion@Virginia.edu
http://legion.virginia.edu/