logo
EnterTheGrid - Primeur Live!

EnterTheGrid - Primeur is the premier Grid and Supercomputing information source in the world. With Primeur Live! it brings you Live reports from Europe's main Supercomputing and Grid events
>Primeur Magazine
>PrimeurLive!
>EnterTheGrid
>Analysis
>Backissues
>Calendar
>Subscribe
>Advertise
>Contact
Issue 27 June 2003
>Start
>A new design for supercomputers?
>Focus
>GRIA takes Grid computing into the real world
>It is hard work to keep up with people expecting us to follow Moore's law
>TOP500 supercomputing
>Off-the-shelf supercomputing is a dead end
>Interdependence of architecture and software for effective terascale computing
>Building a PetaFlops class machine for large scale system design experience and biomolecular simulation
>Exploring the benefits of FPGA-processor technology for genome analysis at Acconovis
>Twenty years experience at NAL with software for HPC in aerospace science and engineering
>Software for large-scale computing: it is scalability that matters!
>Can SuperData Centres be secured?
>Complexity of data in the passenger services systems of the DB AG
>Billing of million customers at German Telekom
>The Grid
>Taming huge data volumes
>Company news
>Rapidly evolving microprocessor technology turns throughput computing into alternative for HPC
>Dell introduces 64-Bit server for high-performance computing market
>Efficient network-storage, TCP processing and processor development under the loop at Intel
>AMD Opteron processor answer to tough challenges in high performance computing
Can SuperData Centres be secured?
Heidelberg 26 June 2003 The main topics of this question were discussed by Brian Koch, RxHUB, Saint Paul, USA. He presented the problems of openness of the huge academic centres compared with governmental and industrial secured computer centres. He looked at those centres through a security lens and saw it as an acceptable or tolerable level of risk.
Advertisement
Visit our sponsors
Advertisement

First he presented the Information Security Principles, which consist of the Confidentiality, the information is available only to those with a right to know; the Integrity, the information is accurate, valid and reliable; the Availability, the information is available when it is needed; the Accountability, all actions can be attributed to an accountable individual; the Provenance, the origin and history of a data item is well defined and known; and the Assurance, reasoned confidence in the reliability of security assumptions and controls.

The SuperData Centres seen through a security lens

They need for example the technical environment, networks - high-speed internal and external. Often these lay beyond commercial network security mechanisms in both scope and speed. The have massive data central and distributed, on-line and off-line storage. They lay beyond conventional protection approaches due to the distributed nature of users, differences in operating systems and versions, differences in administrative structures. In technology they are leading edge, have research/prototype, little prior art, known-good work.

In the management environment there is a collegial "high trust" loyalty to the profession, loyalty to local institution, impatient with bureaucracy and process, and high visibility (attractive target for thrill seekers).

The physical environment is characterised by a relatively open access (compared with commercial or classified government environments).

Risk Assessment Process

Koch then described a risk assessment process based on NIST (the Risk Management Guide for Information Technology Systems, Special Publication 800-30) in detail, which consists of the following steps:

  • System Characterisation
  • Threat Identification
  • Vulnerability Identification
  • Control Analysis
  • Likelihood Determination
  • Impact Analysis
  • Risk Determination
  • Control Recommendations
  • Results Documentation

In the end he summarised the approaches to a secure data centre. Security is a process and not just technology. The SuperData Centres push security technology beyond the state of the art, and require analysis based on first principles, and a deep awareness of the security process.

The Security, to a defined degree, can be achieved for SuperData Centres. A Secure SuperData Centre knows what it cares about, and why. It has reasonable and appropriate safeguards in the administrative, technical and physical arena. It protects itself against reasonably anticipated threats or hazards. It has confidence in data integrity and confidentiality. Additionally it has confidence that it ensures adequate availability and knows why it knows all of these.
Advertisement
Visit our sponsors
Advertisement
Dolphin's SCI interconnect features the lowest latency and wire speed
Uwe Harms

EnterTheGrid - Primeur

James Stewartstraat 248

1325 JN Almere

The Netherlands

http://EnterTheGrid.com

mailto:primeur@hoise.com
© EnterTheGrid - Primeur Live!