The Trellis security infrastructure for overlay metacomputers and bridged distributed file systems

Abstract

Researchers often have non-privileged access to a variety of high-performance computer (HPC) systems in different administrative domains, possibly across a wide-area network. 1 Consequently, the security infrastructure becomes an important component of an overlay metacomputer: a user-level aggregation of HPC systems. The Trellis Security Infrastructure (TSI) is layered on top of the widely-deployed Secure Shell (SSH) and systems administrators only need to provide unprivileged accounts to the users. The contribution of TSI is in demonstrating that a single signon (SSO) system, for a variety of use-case scenarios, can be implemented without requiring a completely new security infrastructure. We describe the use of TSI for a Canada-wide overlay metacomputer, for computational workloads (i.e., CISS-3) that spanned 22 administrative domains, at its peak had over 4,000 concurrent jobs, and included a new distributed file system (i.e., Trellis NFS).

DOI: 10.1016/j.jpdc.2006.04.005

5 Figures and Tables

Cite this paper

@article{Lu2006TheTS, title={The Trellis security infrastructure for overlay metacomputers and bridged distributed file systems}, author={Paul Lu and Michael Closson and Cam Macdonell and Paul Nalos and Danny Ngo and Morgan Kan and Mark Lee}, journal={J. Parallel Distrib. Comput.}, year={2006}, volume={66}, pages={1181-1188} }