210 likes | 338 Views
Globus TK4 experiment for image data processing : security architecture, Cnes feedbacks Anne Jean-Antoine Piccolo. Introduction. A Grid architecture is such a distributed architecture. From a logical view, 4 sub–systems compose a grid:
E N D
Globus TK4 experiment for image data processing : security architecture, Cnes feedbacksAnne Jean-Antoine Piccolo
Introduction A Grid architecture is such a distributed architecture. • From a logical view, 4 sub–systems compose a grid: • administration (software and hardware allocation & administration, VO management) • job management (user requests analysis, resource allocation & status monitoring, workflow execution) • job processing (storage and processing facilities, file handlers, data transfer tools) • security (user access control, data flow security, event monitoring). Here, we focus on the security subsystem. • Specific security requirements analysis • derived from CNES high level security requirements • applicable to a CNES designed system defined on a distributed architecture allowing users from different organizations : • to work according to a collaborative schema • to share resources.
Security studies : the following methodology • CNES led security studies based on the previous target architecture according to the classical methodology : • Consequences assessment : comparison between security criteria (availability, integrity, confidentiality, imputability) and sensitive levels (no impact, minor, major, critical, vital) for user data, grid management data and security data. • Threads analysis. • Risks analysis and a first security objective definition in term of network security, data and software integrity, processing control & monitoring, I&A, authorization, data flow, data protection, and so on … • Risks covered by security objectives ? • Security architecture : a first proposal => functional requirements in term of security (ISO/IEC 15408) • List of non recovered risks
Global security needs to be reached • Needs issued from « Virtual Organization » : • Protection of their resources (user data and software), • Availability of the grid infrastructure hosting their resources (for user request processing). • Needs issued from providers of grid resources : • Grid resource under full control of local administrators, • Security of resources which are not provided for grids => need to isolate these resources regarding grid ones.
Grid use cases : user requests for accessing computing software implemented on CNES machines Previously known resources (software or data) before request processing, Resources have to be dynamically allocated step by step. user requests for accessing VO resources (software, data) and CNES resources (servers) resulting in data backward transfers (e.g. computing results) : a command flow in input and a data flow in output, user requests for accessing resources (software, data) located outside CNES. Resulting security concerns authentication of user requests and of jobs running on behalf of the user, integrity of software and data implemented on CNES resources, control of dynamically accessed resources, data in/out transfers, isolation of CNES resources regarding VOs, except of resources formally designated as accessible to users. Identification of Grid Context (1/2)
Resource classification systems supporting tools and services devoted to grid utilization systems devoted to grid management: authentication, authorization, allocation, information user workstations located outside CNES network protocols for Calling remote request Cascading authentication (SSL/TLS with delegation) Routing and localization service or node (OSPF, DNS) Transferring files (e.g. ftp, gridftp) Transferring data (e.g. http/SOAP) Accessing security data (e.g. LDAP) Information notification communications between grid management services (depend on the grid middleware) Identification of Grid Context (2/2)
Chistera over Globus GT4 : experiment configuration CNES local network IPCOP Objective : to experiment Globus through a firewall and test the security architecture feasibility (simulate an extra grid).
Summary of traffic characteristics for Globus GT4 • If Globus is behind a firewall then some ports need to be opened : 2119 (gatekeeper), 2811 (gridftp) and 2135 (GIS). • Globus will also need a range of ports opened for GASS (Global Access to Secondary Storage) to inform Globus of the port range you need to set the GLOBUS_TCP_PORT_RANGE variable in “xinetd” files and user start up scripts. • The size of the port range depends on how many services are expected – generally a range of couple of thousand should be necessary.
Summary of traffic characteristics for Globus GT4 (*) CEP: Controllable ephemeral port (*) TCP Transmission Control protocol
Intermediate product High resolution product Intermediate product A Chistera processing demonstration • Integrated into the Spot 5 user ground segment CHISTERA Processing Synoptic of High Resolution Processing
Chistera monitoring using GRAM Commands Slaves Data Reception Command monitoringCHISTERA treatment Result sending Master Image splitting Data sending and command monitoring Image gathering and assembly Data transfer : globus-url-copy Control transfer : globus-job-run Data Reception Commands monitoringCHISTERA treatment Results sending
Chistera monitoring using GRAM Commands Slaves GRAM Server GridFTP Server Master GT4 Client Data transfer : globus-url-copy Remote Processing : globus-job-run GRAM Server GridFTP Server
Open Ports: CEP CNES internal network Chistera monitoring using GRAM Commands
Chistera monitoring using web services WSRF Slaves/Containers XML file reception Container processing Image splitting Creation of job descriptions (XML) XML files sending Assembly Master XML job submission : globusrun-ws XML file reception Container processing
Chistera monitoring using web services WSRF Slaves/Containers GT4 web service container Master GridFTP Server GT4 Client Soumission de job XML: globusrun-ws GT4 web service container
Open Ports: 2811/tcp CEP CNES internal network Chistera monitoring using web services WSRF
Firewall consequences on transfer time : first results • Globus feasibility through cascading firewalls proved , • Not very compliant with performance requirements (explain why ?) => a user recommendation can be to define a complete workflow avoiding several requests from outside
CPU charge Imalise1 Imalise2 Solex Spliting phase Treatment Assembly
CNES feedbacks • Some technical results reached and a strong involvement of CS company in the R&D project , • A promising technology for future distributed ground segment if we adjust architecture design and project needs, • A good collaboration between the CS company and the Cnes security experts, • Grid technology trends needs expertise in different fields : security, middleware, architecture design, … (not always available in our organization !), • A weak involvement from the Cnes directors yet => a strong need to be supported if we want GRID succeeds and be used in our future projects .