The computer industry is increasingly beginning to rely on the utility model of computation. In contrast with the traditional computing paradigm, where organizations typically purchase and maintain all of the necessary hardware and software computer resources required to meet their own individual computing needs, the utility model of computation views computer resources more in terms of a utility or service that may be effectively shared by multiple organizations to meet the collective computing needs of all of those organizations.
One such computational utility environment is referred to as grid computing, where a collection of potentially heterogeneous and geographically remote computer systems are connected together in a distributed fashion to share their respective resources and present the appearance of a single large and powerful virtual computer system. A grid computing environment may be used to share various hardware and software resources such as processors, applications, storage, memory, printers, network connections, and other peripheral devices. In a computational grid, the hardware and/or software resources of multiple computers are abstracted, with specialized software used to pass work to various resources in such a manner as to maximize the utilization of the underlying resources.
Grid computing is often more effective in terms of system utilization efficiency than traditional computing environments given that many computers are often significantly underutilized much of the time. Organizations that use traditional computing environments are typically required to maintain sufficient computing power to meet those organization's maximum or peak demands on each of their computing systems, regardless of how frequently those peak demands occur. With grid computing, on the other hand, the computing power of multiple organizations (or even the computing power of multiple sites or systems owned by the same organization) may effectively be shared so that work can be distributed to different resources in the grid for maximum overall system utilization. In many instances, the collective computing power maintained in a grid may be less than that which would otherwise be required to satisfy the individual computing demands of each consumer for the grid.
In many instances, grid computing also provides the possibility for highly parallel processing, which is desirable for many complex computing applications. Moreover, grid computing often provides failover, load balancing and other high availability capabilities to increase the reliability and availability of a grid, as well as other high level capabilities such as security, administration, etc.
While some computational utility environments may be maintained within a single organization, in many instances computational utility environments are used by multiple organizations, or may even be publically maintained and/or supported. Grid and web services, for example, may be utilized to abstract computational resources from multiple organizations and enable clients or consumers of a grid (even those that do not host any of the computing resources in the grid) to have computations or other tasks performed on their behalf by one or more resource providers. Furthermore, cost structures may be developed to enable clients of a grid to pay for the use of resources on a per-transaction or subscription basis.
As an example, grid computing may be used to perform many of the types of computations that are traditionally performed on multi-million dollar supercomputers. Through the interconnection of hundreds or thousands of significantly less expensive and lower performance computers in a grid, and then partitioning complex computations into computational units that are processed in parallel by multiple computers, a grid may provide performance that is on par with that of many supercomputers, but at a significantly reduced cost. Many organizations are more than willing to pay for the use of a grid, either on a transaction or a subscription basis, to avoid the need to purchase and maintain sufficient in-house computing power to handle complex computations.
One drawback to grid computing and other forms of distributed and computational utility environments, however, are the security issues that are raised by virtue of the multi-organizational structure of a grid.
In many distributed and computational utility environments, for example, it is anticipated that numerous organizations will provide computing resources to the infrastructure for the environment. In some instances, these organizations may even be competitors of one another. A client wishing to have work performed in such an environment may therefore not have complete control over the confidentiality of its data.
While encrypted communications may be used to protect communications between computers, when the underlying processing of data is performed on a particular computer in a computational utility environment, that computer typically must be capable of decrypting the data prior to performing the computation. Put another way, encryption usually protects data during transmission between the client and a resource, but not once the data is received and processed by that resource.
As a result, it is possible that computations performed on behalf of a client in a computational utility environment may be performed, at least in part, by computing resources hosted by competitors or other untrusted parties. A substantial risk therefore exists that a curious or malicious untrusted party will eavesdrop on computations and/or communications associated with computations while hosting computing resources, thereby creating a risk that a client's confidential data may be compromised.
Therefore, a significant need exists in the art for protecting computations performed in a computational utility or other untrusted distributed computing environment.