With the development of cloud computing technology, more and more scientific workflows are delivered to cloud platforms to complete. However, there are many threats in clouds due to the multi-tenant coexistence. In order to protect scientific workflows in clouds, the authors propose an intrusion tolerant scientific workflow system. In this system, the task executors containing multiple virtual machines are used for workflow sub-task execution to enhance reliability. Then lagged decision mechanism is presented to ensure uninterrupted workflow execution while checking the intermediate data, and assessing the confidence of these data. Inspired by moving target defence, they propose a dynamic task scheduling strategy based on resource circulation to periodically generate and recycle task executors, keeping the clean state of the workflow execution environment. Furthermore, temporary workflow intermediate data backup mechanism is presented, the stored intermediate data can be used for the re-execution of workflow sub-tasks with low confidence. Experiments are conducted in both the actual test environment based on OpenStack and the simulated test environment based on WorkflowSim toolkit. Experimental results demonstrate that the proposed system can effectively enhance intrusion tolerance of scientific workflows.

中文翻译：

---

使用容错系统保护云中的科学工作流

随着云计算技术的发展，越来越多的科学工作流被交付到云平台来完成。但是，由于多租户共存，云中存在许多威胁。为了保护云中的科学工作流程，作者提出了一种可容忍入侵的科学工作流程系统。在此系统中，包含多个虚拟机的任务执行程序用于工作流子任务执行，以增强可靠性。然后提出了滞后的决策机制，以确保在检查中间数据并评估这些数据的可信度的同时，确保工作流程的执行不中断。受移动目标防御的启发，他们提出了一种基于资源循环的动态任务调度策略，以定期生成和回收任务执行者，保持工作流程执行环境的干净状态。此外，提出了临时的工作流中间数据备份机制，所存储的中间数据可以以较低的置信度用于工作流子任务的重新执行。在基于OpenStack的实际测试环境和基于WorkflowSim工具箱的模拟测试环境中均进行了实验。实验结果表明，该系统可以有效提高科学工作流程的入侵容忍度。在基于OpenStack的实际测试环境和基于WorkflowSim工具箱的模拟测试环境中均进行了实验。实验结果表明，该系统可以有效提高科学工作流程的入侵容忍度。在基于OpenStack的实际测试环境和基于WorkflowSim工具箱的模拟测试环境中均进行了实验。实验结果表明，该系统可以有效提高科学工作流程的入侵容忍度。