EU privacy issue Ilija Vukotic 6 th October 2014.

Slides:

Advertisements

Similar presentations

Metadata Progress GridPP18 20 March 2007 Mike Kenyon.

Advertisements

Forschungszentrum Karlsruhe in der Helmholtz-Gemeinschaft Jos van Wezel Doris Ressmann GridKa, Karlsruhe TSM as tape storage backend for disk pool managers.

Windows XP Service Pack 2 Deployment Dave Lee West Campus.

Viruses, Worms, Spyware, and Other Perils of an On- Line World Computer Services Tech Talk September 23, 2003.

1.Introduction 2.Monitoring-related features of XRootD 3.Issues with CMS federation monitoring Talk outline: Matevž Tadel

NASA/ESA Interoperability Efforts CEOS Subgroup - CINTEX Alexandria, Sept 12, 2002 Ananth Rao Yonsook Enloe SGT, Inc.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Pakiti.

BY OLIVIA WILSON AND BRITTANY MCDONALD Up Your Shields with Shields Up!

Ian Bird LHCC Referee meeting 23 rd September 2014.

FAX UPDATE 1 ST JULY Discussion points: FAX failover summary and issues Mailing issues Panda re-brokering to sites using FAX cost and access Issue.

FAX UPDATE 26 TH AUGUST Running issues FAX failover Moving to new AMQ server Informing on endpoint status Monitoring developments Monitoring validation.

CERN IT Department CH-1211 Geneva 23 Switzerland t Storageware Flavia Donno CERN WLCG Collaboration Workshop CERN, November 2008.

Xrootd Monitoring for the CMS Experiment Abstract: During spring and summer 2011 CMS deployed Xrootd front- end servers on all US T1 and T2 sites. This.

Efi.uchicago.edu ci.uchicago.edu FAX meeting intro and news Rob Gardner Computation and Enrico Fermi Institutes University of Chicago ATLAS Federated Xrootd.

WLCG Nagios and the NGS. We have a plan NGS is using a highly customised version of the (SDSC written) INCA monitoring framework. It was became too complicated.

Wahid, Sam, Alastair. Now installed on production storage Edinburgh: srm.glite.ecdf.ed.ac.uk  Local and global redir work (port open) e.g. root://srm.glite.ecdf.ed.ac.uk//atlas/dq2/mc12_8TeV/NTUP_SMWZ/e1242_a159_a165_r3549_p1067/mc1.

Maintaining and Updating Windows Server Monitoring Windows Server It is important to monitor your Server system to make sure it is running smoothly.

And Tier 3 monitoring Tier 3 Ivan Kadochnikov LIT JINR

MW Readiness Verification Status Andrea Manzi IT/SDC 21/01/ /01/15 2.

Network and Transfer Metrics WG Meeting Shawn McKee, Marian Babik perfSONAR Operations Sub-group 22 nd October 2014.

Efi.uchicago.edu ci.uchicago.edu FAX status developments performance future Rob Gardner Yang Wei Andrew Hanushevsky Ilija Vukotic.

STATUS OF DCACHE N2N AND MONITORING REPORT I. CURRENT SITUATION xrootd4j is a part of dCache implemented in such a way that each change requires new dCache.

MW Readiness WG Update Andrea Manzi Maria Dimou Lionel Cons 10/12/2014.

1 User Analysis Workgroup Discussion  Understand and document analysis models  Best in a way that allows to compare them easily.

Storage Federations and FAX (the ATLAS Federation) Wahid Bhimji University of Edinburgh.

Module 8: Managing Software Distribution. Collections Packages Programs Advertisements Collections Packages Programs Advertisements How Software.

DPM Python tools Ivan Calvet IT/SDC-ID DPM Workshop 10 th October 2014.

Report from the WLCG Operations and Tools TEG Maria Girone / CERN & Jeff Templon / NIKHEF WLCG Workshop, 19 th May 2012.

FAX UPDATE 12 TH AUGUST Discussion points: Developments FAX failover monitoring and issues SSB Mailing issues Panda re-brokering to FAX Monitoring.

Report from GSSD Storage Workshop Flavia Donno CERN WLCG GDB 4 July 2007.

Efi.uchicago.edu ci.uchicago.edu Data Federation Strategies for ATLAS using XRootD Ilija Vukotic On behalf of the ATLAS Collaboration Computation and Enrico.

Efi.uchicago.edu ci.uchicago.edu Ramping up FAX and WAN direct access Rob Gardner on behalf of the atlas-adc-federated-xrootd working group Computation.

Microsoft ® Official Course Module 6 Managing Software Distribution and Deployment by Using Packages and Programs.

MW Readiness WG Update Andrea Manzi Maria Dimou Lionel Cons Maarten Litmaath On behalf of the WG participants GDB 09/09/2015.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI CSIRT Procedure for Compromised Certificates and Central Security Emergency.

Andrea Manzi CERN EGI Conference on Challenges and Solutions for Big Data Processing on cloud 24/09/2014 Storage Management Overview 1 24/09/2014.

Outcome should be a documented strategy Not everything needs to go back to square one! – Some things work! – Some work has already been (is being) done.

DB Questions and Answers open session (comments during session) WLCG Collaboration Workshop, CERN Geneva, 24 of April 2008.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Questionnaires to Cloud technology providers and sites Linda Cornwall, STFC,

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Status of ARGUS support Peter Solagna – EGI.eu.

WLCG Operations Coordination report Maria Dimou Andrea Sciabà IT/SDC On behalf of the WLCG Operations Coordination team GDB 12 th November 2014.

DPM in FAX (ATLAS Federation) Wahid Bhimji University of Edinburgh As well as others in the UK, IT and Elsewhere.

HEPiX IPv6 Working Group David Kelsey (STFC-RAL) GridPP33 Ambleside 22 Aug 2014.

Efi.uchicago.edu ci.uchicago.edu FAX status report Ilija Vukotic on behalf of the atlas-adc-federated-xrootd working group Computation and Enrico Fermi.

Operations Coordination Team Maria Girone, CERN IT-ES GDB, 11 July 2012.

Cloud Security Session: Introduction 25 Sep 2014Cloud Security, Kelsey1 David Kelsey (STFC-RAL) EGI-Geant Symposium Amsterdam 25 Sep 2014.

dpm-xrootd status for xroot federations David Smith CERN DPM Workshop 07/12/2015 dpm-xrootd2.

PerfSONAR operations meeting 3 rd October Agenda Propose changes to the current operations of perfSONAR Discuss current and future deployment model.

Windows 7 Ultimate

Federating Data in the ALICE Experiment

Ricardo Rocha ( on behalf of the DPM team )

perfSONAR-PS Deployment: Status/Plans

INFN – CNAF Site Report Author: Valentina Medici

Proposal for obtaining installed capacity

Artem Petrosyan (JINR), Danila Oleynik (JINR), Julia Andreeva (CERN)

Data Federation with Xrootd Wei Yang US ATLAS Computing Facility meeting Southern Methodist University, Oct 11-12, 2011.

Conditions Data access using FroNTier Squid cache Server

WLCG security landscape in EGI and beyond Maarten Litmaath CERN v1

DPM releases and platforms status

Welcome To : Group 1 VC Presentation

How to Install Quicken Software

POS 221 Education for Service-- snaptutorial.com

EGI Security Risk Assessment

Software Vulnerability Group Status update

New Types of Accounting Beyond CPU

Dr Linda Cornwall STFC/RAL EGI OMB 27th September 2013

User Accounting Integration Spreading the Net.

System Administration (LTAT )

Building a minimum viable Security Operations Centre

Presentation transcript:

EU privacy issue Ilija Vukotic 6 th October 2014

The issue Nikhef reported the way XRootD is collecting and sending monitoring information as a vulnerability. – User’s DN is sent as a clear text – It is sent outside of EU Reported on WLCG MB 16 th Sep Came to us on 17 th Sep.

The fix On 18 th we decided to: – Remove client’s DN from the monitoring stream – Ask EU sites to change the collector to the one at CERN Collector at CERN was already running and only one site was sending info there, even we asked UK cloud to send there.

Removing DN – native xrootd, proxy xrootd.monitor all flush 30s window 5s fstat 60 lfn ops xfr 5 dest user redir files info atlas-fax-eu- collector.cern.ch:9330atlas-fax-eu- collector.cern.ch:9330 if exec xrootd xrd.report atlas-fax-eu-collector.cern.ch:9331 every 60s all -buff -poll sync fi

Removing DN – direct dCache Install new monitoring plugin: dcache26-plugin-xrootd-monitor noarch.rpm Change configuration to: summary=atlas-fax-eu-collector.cern.ch:9331:60 detailed=atlas-fax-eu-collector.cern.ch:9330:60atlas-fax-eu-collector.cern.ch:9330:60 vo=ATLAS

Removing DN - DPM DPM_XROOTD_DISK_MISC=” xrootd.monitor all flush 30s fstat 60 lfn ops xfr 5 window 5s dest user fstat info redir atlas-fax-eu- collector.cern.ch:9330atlas-fax-eu- collector.cern.ch:9330 if exec xrootd xrd.report atlas-fax-eu-collector.cern.ch:9331 every 60s all -buff -poll sync fi"

The Twiki documentation now includes separate instructions for the EU sites. Linda Cornwall - EGI Software Vulnerability Group chair – will inform sites on the fix in a separate channel. Also “an advisory IS going to be sent this week, to alert sites and give them the opportunity to block sending data that does not comply with data protection. ”

Finally One site made the change: FZK