Presentation is loading. Please wait.

Presentation is loading. Please wait.

The EDGeS project receives Community research funding 1 Specific security needs of Desktop Grids Desktop Grids Desktop Grids EDGeS project EDGeS project.

Published byTamsyn Gilmore Modified over 8 years ago

Similar presentations

Presentation on theme: "The EDGeS project receives Community research funding 1 Specific security needs of Desktop Grids Desktop Grids Desktop Grids EDGeS project EDGeS project."— Presentation transcript:

1 The EDGeS project receives Community research funding 1 Specific security needs of Desktop Grids Desktop Grids Desktop Grids EDGeS project EDGeS project Delegation for access to trusted resources Delegation for access to trusted resources

2 Etienne URBAH urbah@lal.in2p3.fr LAL, Univ Paris-Sud, IN2P3/CNRS, Orsay, France v1.2 2 DG = Desktop Grid = Loose grid scavenging idle resources Specific security needs of Desktop Grids DG = Desktop Grid = Loose grid scavenging idle resources Unit of Work = Application + Input Data Unit of Work = Application + Input Data Grid User Submits input data for an application Requests Unit of Work Sends Unit of Work Application Manager Certifies Application Resource Owner (often volunteer) Owns Resource Sends back results Accepts or Refuses an application on his resource Grid Server with Application Repository Computing Resource (often Desktop Computer) Sends back results Currently, for BOINC, both roles of ‘Application Manager’ and ‘Grid User’ are fulfilled by ‘BOINC Project Owners’.

3 Etienne URBAH urbah@lal.in2p3.fr LAL, Univ Paris-Sud, IN2P3/CNRS, Orsay, France v1.2 3 DG = Desktop Grid = Loose grid scavenging idle resources Specific security needs of Desktop Grids DG = Desktop Grid = Loose grid scavenging idle resources Computing and Storage Resources are owned by various Owners (it is often volunteer computing), but they are NOT managed and NOT authenticated.Computing and Storage Resources are owned by various Owners (it is often volunteer computing), but they are NOT managed and NOT authenticated. Grid Servers are authenticated by a X509 certificate.Grid Servers are authenticated by a X509 certificate. Users are authenticated by the Grid Servers, but NOT by the Computing and Storage Resources.Users are authenticated by the Grid Servers, but NOT by the Computing and Storage Resources. Executables are certified by managers of the Grid Servers.Executables are certified by managers of the Grid Servers. So :– Resource Owners have to trust the Grid Servers, – BOINC sends each Work Unit to several Resource Owners, because BOINC does NOT fully trust them. Order of magnitude can be 1 000 000 CPUs.Order of magnitude can be 1 000 000 CPUs. Starving Computing Resources pull Work Units from Grid Servers.Starving Computing Resources pull Work Units from Grid Servers. Examples : BOINC, XtremWeb, xGrid, OurGrid

4 Etienne URBAH urbah@lal.in2p3.fr LAL, Univ Paris-Sud, IN2P3/CNRS, Orsay, France v1.2 4 Presentation of the EDGeS project Specific security needs of Desktop Grids Presentation of the EDGeS project New FP7 project started on 01/01/2008 Integrate Service Grids and Desktop GridsIntegrate Service Grids and Desktop Grids Enable very large number of computing resources (100K-1M processors)Enable very large number of computing resources (100K-1M processors) Attract new scientific communitiesAttract new scientific communities Provide a Grid application development environmentProvide a Grid application development environment Provide application repository and bridges for the execution in the SG-DG systemProvide application repository and bridges for the execution in the SG-DG system WLCG (CERN) EDGeS gLite (EGEE) ARC (NorduGrid) Boinc (Berkeley) XtremWeb (INRIA/IN2P3) Xgrid (Apple) Unicore (DEISA) VDT (OSG) Current Future

5 Etienne URBAH urbah@lal.in2p3.fr LAL, Univ Paris-Sud, IN2P3/CNRS, Orsay, France v1.2 5 Presentation of the EDGeS project Specific security needs of Desktop Grids Presentation of the EDGeS project http://www.edges-grid.eu Now, Interoperation : Ad-hoc bridges and interfaces between EGEE, BOINC and XtremWeb.Ad-hoc bridges and interfaces between EGEE, BOINC and XtremWeb. A MoU between EDGeS and EGEE has been signed on 23 Sept 2008.A MoU between EDGeS and EGEE has been signed on 23 Sept 2008. XtremWeb users must have a X509 certificate, be registered in a VO and submit their Jobs with a VOMS proxy.XtremWeb users must have a X509 certificate, be registered in a VO and submit their Jobs with a VOMS proxy. BOINC Project Owners must have a X509 certificate, be registered in a VO and store a medium-term X509 proxy in a MyProxy server.BOINC Project Owners must have a X509 certificate, be registered in a VO and store a medium-term X509 proxy in a MyProxy server. All files must be transferred through the Input and Output sandboxes.All files must be transferred through the Input and Output sandboxes. In the future : Interoperability using OGF standards, in order to bridge more Grids.Interoperability using OGF standards, in order to bridge more Grids. Better support of grid file access (ByteIO, GridFTP).Better support of grid file access (ByteIO, GridFTP).

6 Etienne URBAH urbah@lal.in2p3.fr LAL, Univ Paris-Sud, IN2P3/CNRS, Orsay, France v1.2 6 EGEE WMS EDGeS 3G bridge EGEE Plugin 1 for each (BOINC Project Owner, EGEE VO) pair Queue Manager & Job DB BOINC Handler 1 for each (BOINC server, BOINC Project Owner, EGEE VO) triple Bridge BOINC  EGEE (WU = Work Unit) Specific security needs of Desktop Grids Bridge BOINC  EGEE (WU = Work Unit) WU i+1 WU i+2 WU i+3 Job i+1 Job i+2 BOINC Server Work Unit BOINC Project Owner Submission MyProxy trusting EDGeS 3G bridge Medium term X509 proxy Config. file DN of X509 proxy Short term X509 proxy VOMS Server VOMS extensions Job Handler Interface Grid Handler Interface BOINC jobwrapper client (simulating a large BOINC computing resource) 3G job- wrapper VOMS proxy Retriever

7 Etienne URBAH urbah@lal.in2p3.fr LAL, Univ Paris-Sud, IN2P3/CNRS, Orsay, France v1.2 7 Bridge BOINC  EGEE Specific security needs of Desktop Grids Bridge BOINC  EGEE Solution = Inside EDGeS bridge, marshalling of the BOINC Work Units into Job collections For each (BOINC server, BOINC Project Owner, EGEE VO) triple, a separate Job Handler collects the BOINC Work Units and place them in a queue.For each (BOINC server, BOINC Project Owner, EGEE VO) triple, a separate Job Handler collects the BOINC Work Units and place them in a queue. For each (BOINC Project Owner, EGEE VO) pair, a separate EGEE plugin :For each (BOINC Project Owner, EGEE VO) pair, a separate EGEE plugin : –Retrieves a short term X509 Proxy for the BOINC Project Owner from a MyProxy server, and VOMS extensions from a VOMS server, –Periodically processes new Work Units found in the queue : It converts each Work Unit into an EGEE Job, In order to reduce the usage of the EGEE WMS, it uses Collection possibili- ties of EGEE to submit many Jobs in one request described using JDL.

8 Etienne URBAH urbah@lal.in2p3.fr LAL, Univ Paris-Sud, IN2P3/CNRS, Orsay, France v1.2 8 EGEE Bridge XtremWeb  EGEE Specific security needs of Desktop Grids Bridge XtremWeb  EGEE XtremWeb User X509 proxy VOMS proxy Submits User Job with VOMS proxy Sends back Job Status and Results VOMS Server XtremWeb Server Submits mono-user Pilot Job with VOMS proxy Gives Pilot Job Status gLite WMS Computing Element Pushes Pilot job Mono-user Pilot Job Requests only 1 User Job Sends 1 User Job with same VOMS proxy User Job Gives Pilot Job Status Sends back results directly XtremWeb Bridge Requests User Jobs Sends User Jobs with VOMS proxy Manages User Job status

9 Etienne URBAH urbah@lal.in2p3.fr LAL, Univ Paris-Sud, IN2P3/CNRS, Orsay, France v1.2 9 Bridge XtremWeb  EGEE Specific security needs of Desktop Grids Bridge XtremWeb  EGEE Solution = XtremWeb bridge : Gliding with a mono-user Pilot Job 1.A XtremWeb User submits to the XtremWeb server his User Job with a VOMS proxy. 2.At the request of the XtremWeb bridge, the XtremWeb server sends him the User Job with the VOMS proxy. 3.The XtremWeb bridge submits to a gLite WMS a mono-user Pilot Job with this VOMS proxy (job description in a JDL). 4.The gLite WMS pushes the Pilot Job to a Computing Element, which executes it. 5.The mono-user Pilot Job requests 1 User Job from the XtremWeb server, and stops itself if it receives none. 6.The XtremWeb server verifies that the requested User Job has a VOMS proxy, and sends the User Job and the VOMS proxy to the Pilot Job. 7.The Pilot Job verifies that the received VOMS proxy is the same as its own VOMS proxy, and executes the User Job. 8.At the end of the User Job, the Pilot Job sends the Job results directly to the XtremWeb server, then stops itself.

10 Etienne URBAH urbah@lal.in2p3.fr LAL, Univ Paris-Sud, IN2P3/CNRS, Orsay, France v1.2 10 Bridge EGEE  Desktop Grids Specific security needs of Desktop Grids Bridge EGEE  Desktop Grids EGEE LCG-CE for EDGeS Gets EXE Watches Reports resources and performance Pushes job Checks EXE Submits Job Logs events Gets VOMS proxy Logs events EDGeS Application Repository EGEE BDII gLite WMS EGEE LB EGEE VOMS EGEE User Sends output Gets output EDGeS 3G bridge Adds job Watches job Desktop Grid plugin Information provider GRAM Job Manager for EDGeS Queue Manager & Job DB Generic Job WS Handler Desktop Grid

11 Etienne URBAH urbah@lal.in2p3.fr LAL, Univ Paris-Sud, IN2P3/CNRS, Orsay, France v1.2 11 Bridges EGEE  BOINC & XtremWeb Specific security needs of Desktop Grids Bridges EGEE  BOINC & XtremWeb Solution = Installation of a LCG-CE sending the EGEE Jobs to the EDGeS bridge, which marshals them into Desktop Grid Jobs Information Provider publishes information to the BDII according to GLUE 1.3Information Provider publishes information to the BDII according to GLUE 1.3 Customized GRAM Job Manager (EGEE producer)Customized GRAM Job Manager (EGEE producer) –Gets job information from wrapper –Checks if exe is validated in the EDGeS application repository (GEMLCA) –Checks if exe is supported by attached BOINC –Gets files from WMS –Adds job to 3G bridge job Database –Polls status of jobs in 3G bridge job Database –Gets results from 3G bridge and uploads them to Logging & Bookkeeping EDGeS 3G bridge EDGeS 3G bridge –Manages jobs in the 3G bridge database –On events, updates entries in the 3G bridge database –Desktop Grid plugins BOINC plugin uses DC-API to generate BOINC Work Units XtremWeb plugin generates XtremWeb Jobs

12 Etienne URBAH urbah@lal.in2p3.fr LAL, Univ Paris-Sud, IN2P3/CNRS, Orsay, France v1.2 12 Delegation for access to trusted resources Specific security needs of Desktop Grids Delegation for access to trusted resources Jobs having to access trusted Resources require delegation (through X509 proxies or SAML assertions) Is it possible to provide delegation to untrusted Computing Resources of Desktop Grids ?

13 Etienne URBAH urbah@lal.in2p3.fr LAL, Univ Paris-Sud, IN2P3/CNRS, Orsay, France v1.2 13 – Delegation Current situation : NO restriction  Full impersonation Specific security needs of Desktop Grids – Delegation Current situation : NO restriction  Full impersonation Acceptable only with trusted computing resources NOT acceptable with untrusted (DG) computing resources Grid User Submits Job EGEE Computing Element Submits Job Trusted Worker Node Trusted Data Access Trusted Storage Resource Full impersonation Grid User Submits Job EGEE Computing Element Submits Job Untrusted Worker Node Untrusted Data Access Trusted Storage Resource Full impersonation X509 proxy without restrictions X509 proxy without restrictions X509 proxy without restrictions X509 proxy without restrictions X509 proxy without restrictions X509 proxy without restrictions

14 Etienne URBAH urbah@lal.in2p3.fr LAL, Univ Paris-Sud, IN2P3/CNRS, Orsay, France v1.2 14 – Delegation Current situation : NO restriction  Full impersonation Specific security needs of Desktop Grids – Delegation Current situation : NO restriction  Full impersonation By now, WITHOUT restrictions on delegation, X509 proxies permit full impersonation. Therefore, when sending jobs, it is acceptable to send along such X509 proxies : –only to TRUSTED computing resources (for example Worker Nodes of local or EGEE clusters), because the storage resources must trust that the computing resource will only access to data described in the job, –but NOT to UNTRUSTED computing resources (for example from a public Desktop Grid), because they could then have access to all user data.

15 Etienne URBAH urbah@lal.in2p3.fr LAL, Univ Paris-Sud, IN2P3/CNRS, Orsay, France v1.2 15 – Delegation Under development : X509 Proxies with Restrictions Specific security needs of Desktop Grids – Delegation Under development : X509 Proxies with Restrictions Improved security with trusted computing resources Could also be acceptable with untrusted computing resources Could also be acceptable with untrusted computing resources Grid User Submits Job EGEE Computing Element Submits Job Trusted Worker Node Trusted Data Access Trusted Storage Resource Restricted impersonation Grid User Submits Job EGEE Computing Element Submits Job Untrusted Worker Node Trusted Data Access Trusted Storage Resource Restricted impersonation X509 proxy with restrictions X509 proxy with restrictions X509 proxy with restrictions X509 proxy with restrictions X509 proxy with restrictions X509 proxy with restrictions

16 Etienne URBAH urbah@lal.in2p3.fr LAL, Univ Paris-Sud, IN2P3/CNRS, Orsay, France v1.2 16 – Delegation Under development : X509 Proxies with Restrictions Specific security needs of Desktop Grids – Delegation Under development : X509 Proxies with Restrictions When sending jobs, it could be acceptable to send X509 proxies containing restriction attributes about data access to UNTRUSTED computing resources (for example from a public Desktop Grid), because : –In order to get access to data, computing resources have to present to storage resources the full X509 proxy, INCLUDING ALL restriction attributes. –Storage resources are then able to refuse data access if restriction attributes forbid it, –Data that the jobs have to read are easily protected against corruption or deletion by using restriction attributes setting those data as read-only. –Malicious computing resources can always corrupt data on which they have write access, but they can already write false data in the Output Sandbox of jobs anyway. If these restriction attributes are really implemented, enforced and considered secure enough, this would permit computing resources of Desktop Grids to access storage resources of EGEE Storage Elements (using SRM, GridFTP, …), with a great impact on EDGeS JRA3.

17 Etienne URBAH urbah@lal.in2p3.fr LAL, Univ Paris-Sud, IN2P3/CNRS, Orsay, France v1.2 17 – Delegation Access to untrusted Storage Resources of Desktop Grids Specific security needs of Desktop Grids – Delegation Access to untrusted Storage Resources of Desktop Grids Could access of trusted Computing Resources to untrusted Storage Resources of Desktop Grids be acceptable ? EDGeS is studying the issue. We can get advices from you and Jesus LUNA. Grid User Submits Job EGEE Computing Element Submits Job Trusted Worker Node Untrusted Data Access Untrusted Storage Resource X509 proxy X509 proxy NO X509 proxy

Download ppt "The EDGeS project receives Community research funding 1 Specific security needs of Desktop Grids Desktop Grids Desktop Grids EDGeS project EDGeS project."

Similar presentations

EGEE-II INFSO-RI-031688 Enabling Grids for E-sciencE www.eu-egee.org EGEE and gLite are registered trademarks MyProxy and EGEE Ludek Matyska and Daniel.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks MyProxy and EGEE Ludek Matyska and Daniel.
FP7-INFRA-222667 Enabling Grids for E-sciencE www.eu-egee.org EGEE Induction Grid training for users, Institute of Physics Belgrade, Serbia Sep. 19, 2008.

FP7-INFRA Enabling Grids for E-sciencE EGEE Induction Grid training for users, Institute of Physics Belgrade, Serbia Sep. 19, 2008.
JSAGA2 Overview job desc. gLite plug-ins Globus plug-ins JSAGA hidemiddlewareheterogeneity (e.g. gLite, Globus, Unicore) JDLRSL.

JSAGA2 Overview job desc. gLite plug-ins Globus plug-ins JSAGA hidemiddlewareheterogeneity (e.g. gLite, Globus, Unicore) JDLRSL.
Plateforme de Calcul pour les Sciences du Vivant SRB & gLite V. Breton.

Plateforme de Calcul pour les Sciences du Vivant SRB & gLite V. Breton.
P-GRADE and WS-PGRADE portals supporting desktop grids and clouds Peter Kacsuk MTA SZTAKI

P-GRADE and WS-PGRADE portals supporting desktop grids and clouds Peter Kacsuk MTA SZTAKI
Www.eu-eela.eu E-science grid facility for Europe and Latin America A Data Access Policy based on VOMS attributes in the Secure Storage Service Diego Scardaci.

E-science grid facility for Europe and Latin America A Data Access Policy based on VOMS attributes in the Secure Storage Service Diego Scardaci.
The EPIKH Project (Exchange Programme to advance e-Infrastructure Know-How) gLite Grid Services Abderrahman El Kharrim

The EPIKH Project (Exchange Programme to advance e-Infrastructure Know-How) gLite Grid Services Abderrahman El Kharrim
Makrand Siddhabhatti Tata Institute of Fundamental Research Mumbai 17 Aug 2009 1.

Makrand Siddhabhatti Tata Institute of Fundamental Research Mumbai 17 Aug
Riccardo Bruno INFN.CT Sevilla, 10-14 Sep 2007 The GENIUS Grid portal.

Riccardo Bruno INFN.CT Sevilla, Sep 2007 The GENIUS Grid portal.
The EDGeS project receives Community research funding 1 EDGeS Bridge technology to interconnect EGEE and BOINC grids Peter Kacsuk MTA.

The EDGeS project receives Community research funding 1 EDGeS Bridge technology to interconnect EGEE and BOINC grids Peter Kacsuk MTA.
OSG Middleware Roadmap Rob Gardner University of Chicago OSG / EGEE Operations Workshop CERN June 19-20, 2006.

OSG Middleware Roadmap Rob Gardner University of Chicago OSG / EGEE Operations Workshop CERN June 19-20, 2006.
EGEE-II INFSO-RI-031688 Enabling Grids for E-sciencE www.eu-egee.org EGEE and gLite are registered trademarks Simply monitor a grid site with Nagios J.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Simply monitor a grid site with Nagios J.
INFSO-RI-508833 Enabling Grids for E-sciencE www.eu-egee.org Logging and Bookkeeping and Job Provenance Services Ludek Matyska (CESNET) on behalf of the.

INFSO-RI Enabling Grids for E-sciencE Logging and Bookkeeping and Job Provenance Services Ludek Matyska (CESNET) on behalf of the.
The EDGI project receives Community research funding 1 EDGI Brings Desktop Grids To Distributed Computing Interoperability Etienne URBAH

The EDGI project receives Community research funding 1 EDGI Brings Desktop Grids To Distributed Computing Interoperability Etienne URBAH
1 Overview of the Application Hosting Environment Stefan Zasada University College London.

1 Overview of the Application Hosting Environment Stefan Zasada University College London.
G RID M IDDLEWARE AND S ECURITY Suchandra Thapa Computation Institute University of Chicago.

G RID M IDDLEWARE AND S ECURITY Suchandra Thapa Computation Institute University of Chicago.
INFSO-RI-508833 Enabling Grids for E-sciencE Workload Management System Mike Mineter

INFSO-RI Enabling Grids for E-sciencE Workload Management System Mike Mineter
Javascript Cog Kit By Zhenhua Guo. Grid Applications Currently, most grid related applications are written as separate software. –server side: Globus,

Javascript Cog Kit By Zhenhua Guo. Grid Applications Currently, most grid related applications are written as separate software. –server side: Globus,
The EDGeS project receives Community research funding 1 SG-DG Bridges Zoltán Farkas, MTA SZTAKI.

The EDGeS project receives Community research funding 1 SG-DG Bridges Zoltán Farkas, MTA SZTAKI.
The EDGeS project receives Community research funding 1 Bridging EGEE to BOINC and XtremWeb GIN : From interoperation to interoperability.

The EDGeS project receives Community research funding 1 Bridging EGEE to BOINC and XtremWeb GIN : From interoperation to interoperability.

Similar presentations

Ads by Google