[Beowulf] confidential data on public HPC cluster

Nifty Tom Mitchell niftyompi at niftyegg.com
Mon Mar 15 21:58:36 PDT 2010


On Mon, Mar 01, 2010 at 11:29:49AM -0500, Jonathan Dursi wrote:
> 
> Hi;
> 
> We're a fairly typical academic HPC centre, and we're starting to
> have users talk to us about using our new clusters for projects that
> have various requirements for keeping data confidential. 

"Various requirements" should spell it out for you.
The requirements result in consequences and a price.
Multiple groups may have conflicting requirements
and cannot play together.

If they want timeshare does that desire argue with 
their requirements?

In one senario you can isolate storage and kickstart (clean load) all
the compute hosts between project access.  i.e. It is possible for each group to
have its own "Head Node" with a dedicated NFS resource and allow only one
"Head Node" to be physically connected to cluster at a time.

Requirements should specify staff requirements and more
including physical access. 

The cost of a breach can dwarf the cost of dedicated individual disk 
farms and clusters.    If their requirements cost you then they
need to put skin in the game.

Your best solution might be to turn it back at them and make 
"various requirements" of them that you can live with!  This
might require a legal review as well.


-- 
	T o m  M i t c h e l l 
	Found me a new hat, now what?




More information about the Beowulf mailing list