Presentation is loading. Please wait.

Presentation is loading. Please wait.

HTASC - Report to HEP-CCC David Kelsey RAL rl.ac.uk 6 Nov 1998.

Published byDustin Watts Modified over 8 years ago

Similar presentations

Presentation on theme: "HTASC - Report to HEP-CCC David Kelsey RAL rl.ac.uk 6 Nov 1998."— Presentation transcript:

1 HTASC - Report to HEP-CCC David Kelsey RAL d.p.kelsey@ rl.ac.uk 6 Nov 1998

2 6-Nov-98D.P.Kelsey, HTASC report2 HTASC #10 8th/9th October 1998, CERN Agenda Routine business Report from HEPNT Distributed editing Markup languages Y2k problem (brief discussion) Computer and Network Security

3 6-Nov-98D.P.Kelsey, HTASC report3 HTASC Members July 1998 - invited R-ECFA to review –Only one change notified: Germany now T.Haas –L.Sandor (Slovakia) has been replaced by P.Chochula Finland, Portugal and Sweden - still no nomination Several reps have never turned up

4 6-Nov-98D.P.Kelsey, HTASC report4 HEPNT DEC Visual FORTRAN for Windows NT –Required for CERNLIB, but very expensive –Negotiations under way with Compaq/DEC Web work - Plans for future work Plans for Open meeting –2/3/4 December, 1998 at CERN –Aimed at HEP NT System Managers AFS/NT vs. NTFS and CERN’s NT web plans

5 6-Nov-98D.P.Kelsey, HTASC report5 Distributed Editing HTASC has considered this several times –Time to come to a conclusion! Members were asked to consult institutes and experiments as to current practice –extensive use of TeX/Latex in current experiments and Theory –Atlas and CMS use FrameMaker –H1 and others uses Tuovi for version control –Some use of MS Word

6 6-Nov-98D.P.Kelsey, HTASC report6 Distributed Editing (2) Most large documents are written by a small number of authors - not really distributed Noted the work at CERN (CEDAR) and DESY on document archival/retrieval No sign yet of HEP using groupware, workflow, etc. Decided to take the following approach: –Can HTASC recommend a single application?

7 6-Nov-98D.P.Kelsey, HTASC report7 Distributed Editing Requirements 1. Doc format should be specified and open. 2. Implementations available on multiple platforms. 3. The application should be available to all. 4. Multiple language support is desirable. 5. Need version control, locking, archive. 6. Easy interface to WWW, including easy entry of links. 7. Must be WYSIWYG. 8. Spell Checker. 9. Inclusion of pictures etc. 10. Long term stability.

8 6-Nov-98D.P.Kelsey, HTASC report8 Distributed Editing Analysis of some products

9 6-Nov-98D.P.Kelsey, HTASC report9 Distributed Editing Conclusions No product meets all requirements WordPerfect seems to come out best, but then why is nobody in HEP using it? It is impossible to recommend a HEP-wide solution Individual experiments should choose HTASC does not see the need for a sub- group

10 6-Nov-98D.P.Kelsey, HTASC report10 Markup languages SGML and HTML - still with us, but... New standards (many acronyms!) –XML - Extensible Markup Lang. - can invent tags - but no good browsers yet. –CSS - Cascading Style Sheets –XSL - Advanced styling –DTD - Document Type Definition –RDF - Resource Description Framework (important for ‘web of trust’) New trend: Separate document content from its presentation

11 6-Nov-98D.P.Kelsey, HTASC report11 Markup languages Conclusions Things changing too quickly to make recommendations The WWW will become more important as the front end to databases of ‘information’ HEP should track the developments

12 6-Nov-98D.P.Kelsey, HTASC report12 Y2k problem Only brief discussion at HTASC #10 - we will revisit next time Lab infrastructure is assumed to be under control - if not, already too late! What about the experiments? Many are taking a “wait and see” approach Experiments should be encouraged to define a Y2k policy and take particular care of control systems and embedded processors.

13 6-Nov-98D.P.Kelsey, HTASC report13 Computer/Network Security The CERN CERT team joined us Introduction by Alan Flavell (UK) General discussion –what is already in place? Some initial recommendations Proposal for an HTASC security sub-group

14 6-Nov-98D.P.Kelsey, HTASC report14 Security - Introduction Internet security problems are increasing –see John Gamble’s figures from CHEP98 –see articles in Scientific American (Oct 98) –many hacking tools are now widely available Several sites disconnected from the Internet –SLAC, JLAB, DESY-Z, Glasgow, Manchester... –Major inconvenience to the users! Many system managers spent their summer working on this!

15 6-Nov-98D.P.Kelsey, HTASC report15 John Gamble - CHEP98 Security Incidents at CERN

16 6-Nov-98D.P.Kelsey, HTASC report16 John Gamble - CHEP98

17 6-Nov-98D.P.Kelsey, HTASC report17 Introduction (Alan Flavell) Outside factors: Expanding Internet Fewer OSs, wider OS expertise “Script kiddies” Special factors in our situation: Batch jobs,.rhosts,.netrc -> easy propagation End-user-managed hosts (esp. Linux!) Typical academic situation

18 6-Nov-98D.P.Kelsey, HTASC report18 Introduction(2) (Alan Flavell) Some problem areas... –r-series commands (rsh etc.) risky, –.rhosts and.netrc abuses –X Windows security problems –plain text passwords vulnerable to sniffers –trusted-host compromises BUT –Users still reasonably want to do their work! –And from sometimes strange places –And run unattended batch work.

19 6-Nov-98D.P.Kelsey, HTASC report19 Introduction(3) (Alan Flavell) There’s no magic bullet! For example... Using ssh instead of rsh can increase security Using ssh instead of telnet can increase security Using ssh badly can make things worse, and could make diagnosis of hacker incidents impossible! CERN (French) legal situation re encryption...

20 6-Nov-98D.P.Kelsey, HTASC report20 Security - what exists already? HEPiX security sub-group (UNIX security) –created in 1995 –chaired by Lionel Cons (CERN) –not very active, but interest growing now HEPNT discusses NT security HTASC contact list –not complete and never used(?) CERT mailboxes (HEPiX) at some sites –cert@ institute.domain and cert-ssc@ institute.domain

21 6-Nov-98D.P.Kelsey, HTASC report21 Security - Early recommendations The risks are potentially very large! –not only damage to control systems, files, data etc. –but also damage to our reputation Security policy must have the support of senior management –Security is balanced against user requirements –HEP-CCC may need to impose policy Resources need to be made available –human and otherwise

22 6-Nov-98D.P.Kelsey, HTASC report22 Early recommendations (2) Every Lab/Univ. should have a security officer and a security policy –firewall, passwords, laptops, when to disconnect... Users/System Managers - need guidance many HEP users have no control over the configuration of their systems –HEP should lead by example and aim to influence others –We are only as strong as the weakest link!

23 6-Nov-98D.P.Kelsey, HTASC report23 New HTASC Security sub-group Draft Mandate Advise HTASC/HEPCCC on Computer and Network Security needs suggest policies to meet those needs for HEP laboratories and institutes by –defining computer/network security guidelines for HEP institutions –estimating the resources needed to implement such guidelines –suggesting means of communication between the institutions in case of security incidents.

24 6-Nov-98D.P.Kelsey, HTASC report24 Security - HTASC sub-group(2) Proposal Chairman –Tobias Haas, DESY Membership (should be small) –A. Flavell (Glasgow, UK) –J. Gamble (CERN) –W. Niepraschk (DESY) –plus one or two more? Timescale –report to HTASC in March, 1999

25 6-Nov-98D.P.Kelsey, HTASC report25 Future meetings 4/5 March, 1999 (CERN) –Security - receive report from sub-group –Y2k - check that all is OK! –Software licensing - e.g. LHC++ for non-LHC 10/11 June, 1999 (NIKHEF) –Video conferencing 7/8 October, 1999 (CERN)

26 6-Nov-98D.P.Kelsey, HTASC report26 Summary HTASC invites HEP-CCC to... –Approve creation of a new Security sub-group –Provide support and resources for work on security –Take note of recommendation re Y2K

Download ppt "HTASC - Report to HEP-CCC David Kelsey RAL rl.ac.uk 6 Nov 1998."

Similar presentations

9-Apr-99D.P.Kelsey, HTASC report1 HTASC - Report to HEP-CCC David Kelsey, RAL rl.ac.uk 9 April 1999 (

9-Apr-99D.P.Kelsey, HTASC report1 HTASC - Report to HEP-CCC David Kelsey, RAL rl.ac.uk 9 April 1999 (
DOCUMENT TYPES. Digital Documents Converting documents to an electronic format will preserve those documents, but how would such a process be organized?

DOCUMENT TYPES. Digital Documents Converting documents to an electronic format will preserve those documents, but how would such a process be organized?
Standards and Increasing Maintainability on Web- based Systems James Eaton SE4112/16/2006.

Standards and Increasing Maintainability on Web- based Systems James Eaton SE4112/16/2006.
Web Technologies By Andreas Vetter and Yong Soo Deutschle.

Web Technologies By Andreas Vetter and Yong Soo Deutschle.
Authoring Languages and Web Authoring Software 4.01 Examine web page development and design.

Authoring Languages and Web Authoring Software 4.01 Examine web page development and design.
Password?. Project CLASP: Common Login and Access rights across Services Plan

Password?. Project CLASP: Common Login and Access rights across Services Plan
Password?. Project CLASP: Common Login and Access rights across Services Plan

Password?. Project CLASP: Common Login and Access rights across Services Plan
Project 1 Introduction to HTML.

Project 1 Introduction to HTML.
1 PROJECT Web-based Database Applications Lecture 1: Basic Internet Concepts & Databases - the History.

1 PROJECT Web-based Database Applications Lecture 1: Basic Internet Concepts & Databases - the History.
W3C - The World Wide Web Consortium Sam Rola Mitchell Smith Claire Stewart May 30 th 2007 Sam Rola Mitchell Smith Claire Stewart May 30 th 2007.

W3C - The World Wide Web Consortium Sam Rola Mitchell Smith Claire Stewart May 30 th 2007 Sam Rola Mitchell Smith Claire Stewart May 30 th 2007.
8 Systems Analysis and Design in a Changing World, Fifth Edition.

8 Systems Analysis and Design in a Changing World, Fifth Edition.
Developing a Basic Web Page with HTML

Developing a Basic Web Page with HTML
1st Project Introduction to HTML.

1st Project Introduction to HTML.
4.01B Authoring Languages and Web Authoring Software 4.01 Examine webpage development and design.

4.01B Authoring Languages and Web Authoring Software 4.01 Examine webpage development and design.
HTML 1 Introduction to HTML. 2 Objectives Describe the Internet and its associated key terms Describe the World Wide Web and its associated key terms.

HTML 1 Introduction to HTML. 2 Objectives Describe the Internet and its associated key terms Describe the World Wide Web and its associated key terms.
Chapter ONE Introduction to HTML.

Chapter ONE Introduction to HTML.
MIT Libraries’ FileMaker Use Policy as an example local DLC policy.

MIT Libraries’ FileMaker Use Policy as an example local DLC policy.
John Hartley Mark Bransby Utilizing Adobe's Publishing Solutions for Distributed Web Publishing.

John Hartley Mark Bransby Utilizing Adobe's Publishing Solutions for Distributed Web Publishing.
Building Public Facing Websites with SharePoint 2010 Prepared for ILTA’s SharePoint for Legal Symposium June 16 th, 2010 George Durzi Principal Consultant.

Building Public Facing Websites with SharePoint 2010 Prepared for ILTA’s SharePoint for Legal Symposium June 16 th, 2010 George Durzi Principal Consultant.
XML: More than just a cool acronym? Michael Mason DecisionSoft Limited.

XML: More than just a cool acronym? Michael Mason DecisionSoft Limited.

Similar presentations

Ads by Google