bird

Information about bird

Published on October 29, 2007

Author: Javier

Source: authorstream.com

Content

LCG Progress on Policies & Coming Challenges:  LCG Progress on Policies & Coming Challenges Ian Bird IT Division, CERN LCG and EGEE Rome 9 December 2003 Slide2:  The Large Hadron Collider Project 4 detectors CMS ATLAS LHCb LHC Computing Hierarchy:  LHC Computing Hierarchy Emerging Vision: A Richly Structured, Global Dynamic System Introduction – the LCG Project:  Introduction – the LCG Project LHC Computing Grid (LCG) is a grid deployment project Prototype computing environment for LHC Focus on building a production-quality service Learn how to maintain and operate a global scale production grid Gain experience in close collaboration between regional (resource) centres Understand how to integrate fully with existing computing services Building on the results of earlier research projects; Learn how to move from test-beds to production services Address policy-like issues needing agreement between collaborating sites The LCG Deployment Board:  The LCG Deployment Board Grid Deployment Board (GDB) set up to address policy issues requiring agreement and negotiation between resource centres Members: country representatives, applications, and project Sets up working groups Short term or ongoing Bring in technical experts to focus on specific issues GDB approves recommendations from working groups Groups: Several that outlined initial project directions (operations, security, resources, support) Security – standing group – covers many policy issues Storage management Grid Operations Centre task force User Support group Policies and procedures :  Policies and procedures 6 documents approved to date Security and Availability Policy for LCG Prepared jointly with GOC task force Approval of LCG-1 Certificate Authorities Audit Requirements for LCG-1 Rules for Use of the LCG-1 Computing Resources Agreement on Incident Response for LCG-1 User Registration and VO Management 4 more being written (with GOC group) LCG Procedures for Resource Administrators LCG Guide for Network Administrators LCG Procedure for Site Self-Audit LCG Service Level Agreement Guide Security and Availability Policy:  Security and Availability Policy Prepared jointly with GOC group Objectives Agreed set of statements Attitude of the project towards security and availability Authority for defined actions Responsibilities on individuals and bodies Promote the LHC science mission Control of resources and protection from abuse Minimise disruption to science Obligations to other network (inter- and intra- nets) users Broad scope: not just hacking Maximise availability and integrity of services and data Resources, Users, Administrators, Developers (systems and applications), and VOs Does NOT override local policies Procedures, rules, guides etc contained in separate documents Policy: Ownership, maintenance and review:  Policy: Ownership, maintenance and review The Policy is Prepared and maintained by Security Group and GOC Approved by GDB Formally owned and adopted as policy by SC2 Technical docs implementing or expounding policy Procedures, guides, rules, … Owned by the Security Group and GOC timely and competent changes GDB approval for initial docs and significant revisions Must address the objectives of the policy Review the top-level policy at least every 2 years Ratification by SC2 via GDB if major changes required User Registration & VO Management:  User Registration & VO Management User registers once with LCG (and not at individual sites) Accepts User Rules Gives the agreed set of personal data Agreement on a minimal set was important achievement Requests to join one VO/Experiment Sites need robust VO Registration Authorities (RA) to check The user actually made the request User is valid member of the institute & experiment That all user data looks reasonable User data is distributed to all LCG sites Work needed on more robust scaleable procedures for 2004 Approach to Service SLAs:  Approach to Service SLAs Formal Contract with GOC? – No, because GOC is not (likely to be) a legal body GOC will not (be likely to) have any formal powers over Service Providers GOC will not (be likely to) pay for any Services So difficult for GOC to enforce a traditional SLA Instead, prefer a virtual contract between Service Provider and the LCG Grid Community Any Centre wishing to provide a Service must publish its design levels for the specified service level parameters of that Service LCG will then monitor the actual levels achieved and publish them so they may be compared with the design levels Service Providers (Centres) will then compete on quality or possibly quality/cost, either to attract work or enhance reputation Form of SLA:  Form of SLA One for each instance of a LCG Service To be published on the GOC website in standard format exactly as provided by the Service Administrator Format still to be agreed, but likely to contain as a minimum Identification of Service (type, release, etc) Statement on compliance with Security and Availability Policy (standard wording) Limitations on use (if any) Designed Availability Designed Reliability Designed Performance (Service-specific; to be defined for each type of Service) Sites in LCG-1 – 21 Nov:  Sites in LCG-1 – 21 Nov Future Challenges and Issues:  Future Challenges and Issues Challenges – 1 :  Challenges – 1 Authentication issues Must agree the future PMA bodies for CA’s EGEE likely to take over this role for Europe Collaborate with GridPMA.org, TERENA and GGF Online CA services, credential repositories KCA, SLAC Virtual Smart Card, MyProxy, … Need to define best practice and minimum standards Authorization developments VOMS (EDG) to be implemented soon in LCG Confirms membership of VO, groups, roles local AuthZ (EDG LCAS/LCMAPS, US CMS VOX) and VOMS-aware services are needed To give the experiments the functionality they require BUT, active research area – how this maps to local infrastructures Challenges – 2 :  Challenges – 2 Collaboration between resource providers: Risks involved in opening resources to wide community – essential to build and maintain trust Policies must be complete and enforced Technical solutions not yet there to implement and enforce Must maintain open access to all collaborators Successful so far Scalable solution for selective access needs tools and services that do not yet exist For LCG – issues of charging are not directly relevant But do need accounting Will be important for EGEE Challenges – 3 :  Challenges – 3 Interoperability between grids (national, international, community, …) Must understand what this means at all levels (political, technical, ..) Many very basic technical challenges to address Status today Need same middleware Need same information schema Need same usage policies Need to map users in compatible ways Need to agree security, access, etc. Summary:  Summary LCG has made significant progress in understanding issues Particularly related to security and access Much more to do Many things not needed within a single community will become important for EGEE – e.g. charging and cost of services Real SLAs – EGEE will address, LCG will be a customer Federating grids – in all guises Not really understood at any level Essential to have forum where these issues can be addressed

Related presentations


Other presentations created by Javier

wap
26. 11. 2007
0 views

wap

PairashThajchayapong1
02. 01. 2008
0 views

PairashThajchayapong1

Lecture13 1
09. 10. 2007
0 views

Lecture13 1

Physical Features of Arab World
24. 10. 2007
0 views

Physical Features of Arab World

arbovirus
24. 10. 2007
0 views

arbovirus

Ch14 Lecture
29. 11. 2007
0 views

Ch14 Lecture

going in 13may02
01. 12. 2007
0 views

going in 13may02

cap3
14. 11. 2007
0 views

cap3

enfoques 4 ppt
15. 11. 2007
0 views

enfoques 4 ppt

DeafTalk
16. 11. 2007
0 views

DeafTalk

db2
19. 11. 2007
0 views

db2

REACH Overview
05. 12. 2007
0 views

REACH Overview

Romantic English Literature
14. 12. 2007
0 views

Romantic English Literature

Treaty of Versailles
23. 12. 2007
0 views

Treaty of Versailles

conman15
28. 12. 2007
0 views

conman15

intro CS 1
04. 01. 2008
0 views

intro CS 1

Radiation Concepts
04. 01. 2008
0 views

Radiation Concepts

Kryptologie Folien Web
05. 01. 2008
0 views

Kryptologie Folien Web

meld ldp iros07 talk3
07. 01. 2008
0 views

meld ldp iros07 talk3

Ideal Year 2006
02. 11. 2007
0 views

Ideal Year 2006

Saggia Ecologia Presentazione
01. 10. 2007
0 views

Saggia Ecologia Presentazione

Royal Europe consumer
30. 10. 2007
0 views

Royal Europe consumer

Undergrat Presentation 2004
24. 10. 2007
0 views

Undergrat Presentation 2004

report pixel2000
01. 11. 2007
0 views

report pixel2000

Johnson 1
06. 11. 2007
0 views

Johnson 1

USA Presentation Rev 4
08. 11. 2007
0 views

USA Presentation Rev 4

Divisenko
20. 11. 2007
0 views

Divisenko

Civil Society Index Project
23. 11. 2007
0 views

Civil Society Index Project

Unit07Log
01. 11. 2007
0 views

Unit07Log

presentaz roma trieste 4
29. 10. 2007
0 views

presentaz roma trieste 4

Montana Meth Presentation
27. 12. 2007
0 views

Montana Meth Presentation

careerbuilder
20. 02. 2008
0 views

careerbuilder

Brussels 11May06
25. 10. 2007
0 views

Brussels 11May06

EDMT14
27. 02. 2008
0 views

EDMT14

pisanelli
30. 10. 2007
0 views

pisanelli

Newch6www
29. 02. 2008
0 views

Newch6www

tunnista kulutustyyppisi
05. 11. 2007
0 views

tunnista kulutustyyppisi

StratTac06 Leggett
05. 03. 2008
0 views

StratTac06 Leggett

Teela powerpoint 6
14. 03. 2008
0 views

Teela powerpoint 6

67436
27. 03. 2008
0 views

67436

dli20071
30. 03. 2008
0 views

dli20071

GEP2007
25. 10. 2007
0 views

GEP2007

hort2 floraldesign
11. 12. 2007
0 views

hort2 floraldesign

Kodal MALTA
04. 10. 2007
0 views

Kodal MALTA

bcs 03 nottingham
26. 11. 2007
0 views

bcs 03 nottingham

17 Sussex
17. 12. 2007
0 views

17 Sussex

asdc ncss for website ihc
06. 11. 2007
0 views

asdc ncss for website ihc

frieman
15. 11. 2007
0 views

frieman

Sem Grd Ontology
19. 11. 2007
0 views

Sem Grd Ontology

Underground1
06. 12. 2007
0 views

Underground1

Avape Port
16. 11. 2007
0 views

Avape Port

ceciliat2
28. 12. 2007
0 views

ceciliat2

diane guatelli
31. 10. 2007
0 views

diane guatelli

cacti
12. 12. 2007
0 views

cacti

Attila Vitai Vodafone
26. 11. 2007
0 views

Attila Vitai Vodafone

kevin dustin
13. 11. 2007
0 views

kevin dustin

02 Italy Gorgucci
31. 10. 2007
0 views

02 Italy Gorgucci

wp4status russia2
26. 10. 2007
0 views

wp4status russia2