open science grid its security technical group
Download
Skip this Video
Download Presentation
Open Science Grid & its Security Technical Group

Loading in 2 Seconds...

play fullscreen
1 / 14

Open Science Grid & its Security Technical Group - PowerPoint PPT Presentation


  • 130 Views
  • Uploaded on

Open Science Grid & its Security Technical Group. ESCC 22 Jul 2004 Bob Cowles [email protected] Open Science Grid.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Open Science Grid & its Security Technical Group' - karl


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
open science grid
Open Science Grid
  • Open Science Grid is a consortium (not a project) in the US for ensuring our Grid efforts, including and in particular the LHC ones, come together towards a coherent and sustained Grid infrastructure that will
    • Include the US contribution to LCG
    • be Open from the start to other experiments and other sciences
    • Work and interoperates with the Grid infrastructure provided through EGEE
    • Evolve Grid3 to Open Science Grid for Production
  • Inclusive Partnerships with Computer Science, Information Technology, Other Sciences, Grid Projects etc…

ESCC - OSG & SecWG

towards a coherent sustained production grid infrastructure
Towards a coherent sustained production Grid infrastructure
  • A 5-10 year roadmap to match life-cycle of Particle Physics Experiments committed to Grids for Data Analysis.
  • Start from the needs of our experiments today
  • End-to-end approach delivering to requirements and schedule of participating application communities.
  • A framework for a coherent system approach through joint projects across the members.
  • Cooperation across DOE & NSF, Universities and Laboratories, Projects, Middleware and Technology Groups, Experiments and Application Communities, Education and Workforce Development

ESCC - OSG & SecWG

egee osg partnership
EGEE- OSG Partnership

L. Bauerdick, L.Robertson

ESCC - OSG & SecWG

babar run ii samgrid us testbeds grid3 an evolution
BaBar, Run II SAMGrid, US Testbeds, Grid3, …an evolution
  • Babar data distribution with GridFTP & SRB
  • CDF and D0 >1.5 Petabytes in mass storage at Fermilab. SAMGrid data grid developed for distributed data simulation data analysis over >25sites.
  • LIGO DataGrid for a coherent and uniform LIGO data analysis environment
  • Joint US-LHC, LIGO, SDSS and Computer Science Laboratory Grid3.
    • In use for US ATLAS DC2. US CMS gained 50% in overall throughput for 17Million event simulations. SDSS southern “coadd of objects” in progress. ANL GADU biology users. Computer science application demonstrators.

D0 files transferred

ESCC - OSG & SecWG

consortium architecture
Consortium Architecture

Campus, Labs

Technical

Groups

0…n (small)

Service

Providers

Consortium Board

(1)

Sites

Researchers

VO Org

Joint committees

(0…N small)

activity

1

Research

Grid Projects

activity

1

activity

1

activity

0…N (large)

Enterprise

Participants provide:

resources, management,

project steering groups

OSG Process Framework

ESCC - OSG & SecWG

open science grid 0
Open Science Grid-0
  • First Iteration of Production Infrastructure.
  • Goal to Launch in Feb ‘05.
  • Aligned with PPDG Laboratory Grid milestone
  • Will evolve from Grid3.
  • Blueprint giving guiding Principles and Technology Roadmap feeding into OSG-0 plans.
  • Most significant evolution from Grid3 is addition of Storage Services - Persistent at DOE Laboratories - Durable & Transient in many places- to common infrastructure.

ESCC - OSG & SecWG

security technical group
Security Technical Group
  • Started from an Evolution of PPDG SiteAA group
  • Reports to the OSG Collaboration Board - a broad mail list [email protected]
  • Sponsoring Incident Response Activity
  • Extended membership with participants from Universities, TeraGrid and Earth System Grid:

Bob Cowles (SLAC), Dane Skow (Fermilab),

Mike Helm (ESNET), Doug Pearson (Indiana,

iVDGL/iGOC), Von Welch (NCSA),

Remy Evard (ANL), Tom Throwe (BNL),

Doug Olson (LBNL), Veronika Nefedova (ESG)

ESCC - OSG & SecWG

security technical group mission
Security Technical Group-Mission
  • The Security Technical group is responsible for coordinating the OSG activities that relate to security policy, practices and services. These include:
    • Negotiation of common security principles and expectations for security across the Consortium.
    • Development and oversight of common requirements and architecture for security management across the Consortium.◦
    • Identification of necessary projects and work needed for a coherent, complete Security infrastructure on the common grid.
    • Interoperability of Security infrastructure across different administrative domains, initially OSG and EGEE through the LCG Joint Security Group.
    • Publish information about security
  • Scope explicitly includes cooperation with the EGEE/LCG peer groups.

ESCC - OSG & SecWG

issues on the table to date
Issues on the Table to Date
  • “Top ten” list ++
  • How to organize ourselves
    • acting as both Joint Security Group + JRA3 + MWSG
    • how to have an impact
    • first priorities
  • How to collaborate effectively with
    • Joint Security Group
    • JRA3

ESCC - OSG & SecWG

general tasks
General tasks
  • Security deliverables
    • Authorization
    • One time password cross-site implementation
  • Coordination
    • across PPDG Projects, Experiments, Sites
    • with other grid projects, e.g. EGEE, ?
  • Operational Policies
    • Guides and Procedures for Sites including incident response and contact lists

ESCC - OSG & SecWG

coordination
Coordination
  • Developer’s Guide
  • Installation & Configuration Guide

ESCC - OSG & SecWG

operational policies
Operational Policies
  • Cross-site federated authentication
  • Incident warning
    • Credential compromise
    • Machine / service compromise
    • Cross-grid reporting and warning
  • Incident Response
    • Action or information clearinghouse?
    • Higher-level reporting responsibilities?

ESCC - OSG & SecWG

deliverables
Deliverables
  • Authorization
    • SAzP (Simple AuthZ Protocol) definition and document guide for application development
  • Cross-site OTP
    • Generalize to federated authentication?
      • OTP
      • Kerberos
      • X.509 certificates
    • Policies & procedures for sites to follow
    • Actual implementation

ESCC - OSG & SecWG

ad