OSG PKI Transition: Transition Phase Report Von Welch OSG PKI Transition Lead Indiana University Center for Applied Cybersecurity Research.

Slides:

Advertisements

Similar presentations

OSG Council Meeting, August 2nd Executive Director Report to the OSG Council Executive Director Report to the OSG Council August 2 nd 2011, Ruth.

Advertisements

Contributors & Users Science Communities Campuses Universities & Laboratories Service & Software Providers Scientists, Researchers, Educators, Students.

OSG Area Coordinators Meeting Security Team Report Mine Altunay 04/02/2014.

OSG Area Coordinators Meeting Security Team Report Mine Altunay 05/15/2013.

May 9, 2008 Reorganization of the OSG Project The existing project organization chart was put in place at the beginning of It has worked very well.

Open Science Grid and Gluex Richard Jones Gluex Collaboration Meeting, Newport News, Jan , 2010.

Jan 2010 Current OSG Efforts and Status, Grid Deployment Board, Jan 12 th 2010 OSG has weekly Operations and Production Meetings including US ATLAS and.

This was unexpected Keynote talk for Open Science Grid All Hands Meeting Indianapolis IN - 11 March 2013 Craig A. Stewart Executive Director, Pervasive.

1 Open Science Grid in Adolescence: Ruth Pordes Fermilab.

OSG Area Coordinators Meeting Operations Rob Quick 2/22/2012.

OSG Area Coordinators Meeting Cross-ProjectArea Report Ruth Pordes 2/8/2011.

Key Project Drivers - FY11 Ruth Pordes, June 15th 2010.

CILogon OSG CA Mine Altunay Jim Basney TAGPMA Meeting Pittsburgh May 27, 2015.

OSG Area Coordinators Meeting Operations Rob Quick 2/22/2012.

OSG Operations Rob Quick July 10th, 2012 OSG Staff Retreat.

OSG Area Coordinators Meeting Security Team Report Mine Altunay 12/21/2011.

KISTI Grid CA Status Report KISTI Supercomputing Center Sangwan Kim APGridPMA Meeting Mar 8, 2010 Academia Sinica, Taipei, Taiwan.

Integration and Sites Rob Gardner Area Coordinators Meeting 12/4/08.

OSG RA plans Doug Olson, LBNL May Contents RA, agent, sponsor layout & OU=People use case Sample web form Agent Role GridAdmin Role Questions.

May 8, 20071/15 VO Services Project – Status Report Gabriele Garzoglio VO Services Project – Status Report Overview and Plans May 8, 2007 Computing Division,

OSG Project Manager Report for OSG Council Meeting August 5, 2008 Chander Sehgal.

Apr 30, 20081/11 VO Services Project – Stakeholders’ Meeting Gabriele Garzoglio VO Services Project Stakeholders’ Meeting Apr 30, 2008 Gabriele Garzoglio.

OSG Area Coordinators Meeting Security Team Report Mine Altunay 04/3/2013.

OSG Area Coordinators Meeting Proposal Chander Sehgal Fermilab

OSG Council, Aug 22 nd -23 rd 2012 Ruth Pordes, Council Chair.

Open Science Grid  Consortium of many organizations (multiple disciplines)  Production grid cyberinfrastructure  80+ sites, 25,000+ CPU.

Report on the state of OSG Software Alain Roy. OSG Year 6 Planning, July 2011 Points to discuss 1.State of RPM transition 2.State of last scheduled Pacman.

OSG Project Manager Report for OSG Council Meeting OSG Project Manager Report for OSG Council Meeting October 14, 2008 Chander Sehgal.

Evolution of the Open Science Grid Authentication Model Kevin Hill Fermilab OSG Security Team.

Report by the Open Science Grid Council Subcommittee to Address At- Large VO Representation on the Consortium Council Shaowen Wang (on behalf of the committee)

Production Coordination Staff Retreat July 21, 2010 Dan Fraser – Production Coordinator.

OSG Security Review Mine Altunay December 4, 2008.

Rob Quick OSG Operations Area Coordinator Manager High Throughput Computing Indiana University Integrating OSG Operational Services Rob Quick OSG Operations.

ESnet PKI Developed for the DOE Science Grid and SciDAC.

OSG Area Coordinators Meeting Security Team Report Mine Altunay 8/15/2012.

OSG Production Report OSG Area Coordinator’s Meeting Aug 12, 2010 Dan Fraser.

OSG PKI Contingency and Recovery Plans Mine Altunay, Von Welch OSG Council August 23, 2012.

OSG PKI Contingency and Recovery Plans Mine Altunay, Von Welch October 16, 2012.

OSG Area Coordinators Meeting Security Team Report Mine Altunay 11/02/2011.

OSG Area Coordinators Meeting Security Team Report Mine Altunay 6/6/2012.

LCG Pilot Jobs + glexec John Gordon, STFC-RAL GDB 7 November 2007.

Michael Fenn CPSC 620, Fall 09.  Grid computing is the process of allowing loosely-coupled virtual organizations to share resources over a wide area.

State of the OSG Software Stack Alain Roy OSG Software Coordinator.

US LHC OSG Technology Roadmap May 4-5th, 2005 Welcome. Thank you to Deirdre for the arrangements.

OSG Production Report OSG Area Coordinator’s Meeting Nov 17, 2010 Dan Fraser.

Open Science Grid (OSG) Introduction for the Ohio Supercomputer Center Open Science Grid (OSG) Introduction for the Ohio Supercomputer Center February.

9 Oct Overview Resource & Project Management Current Initiatives  Generate SOWs  8 written and 6 remain;  drafts will be complete next week 

Production Coordination Area VO Meeting Feb 11, 2009 Dan Fraser – Production Coordinator.

Open Science Grid Security Activities Mine Altunay, FNAL OSG Security Officer For the OSG Security Team: Doug Olson, Deputy Security Officer, LBNL, Jim.

OSG RA, DOEGrids CA features Doug Olson, LBNL August 2006.

Production Oct 31, 2012 Dan Fraser. Current Production Focus Transition to RPMs 52(44) sites using RPM based installs 52(44) sites using RPM based installs.

Operations Activity Doug Olson, LBNL Co-chair OSG Operations OSG Council Meeting 3 May 2005, Madison, WI.

OSG Area Report Production – Operations – Campus Grids Jan 11, 2011 Dan Fraser.

LCG CERN David Foster LCG WP4 Meeting 20 th June 2002 LCG Project Status WP4 Meeting Presentation David Foster IT/LCG 20 June 2002.

OSG Area Coordinators Meeting Security Team Report Mine Altunay 4/11/2012.

OSG Deployment Preparations Status Dane Skow OSG Council Meeting May 3, 2005 Madison, WI.

OSG Report for DOE/NSF Joint Oversight Group U.S. Large Hadron Collider Program OSG Report for DOE/NSF Joint Oversight Group U.S. Large Hadron Collider.

OSG Area Coordinators Meeting Security Team Report Mine Altunay 02/13/2012.

Identity Management in Open Science Grid Identity Management in Open Science Grid Challenges, Needs, and Future Directions Mine Altunay, James Basney,

OSG Area Report Production – Operations – Campus Grids June 19, 2012 Dan Fraser Rob Quick.

LCG Pilot Jobs + glexec John Gordon, STFC-RAL GDB 7 December 2007.

WLCG Operations Coordination report Maria Alandes, Andrea Sciabà IT-SDC On behalf of the WLCG Operations Coordination team GDB 9 th April 2014.

OSG Security: Updates on OSG CA & Federated Identities Mine Altunay, PhD OSG Security Team OSG AHM March 24, 2015.

The Great Migration: From Pacman to RPMs Alain Roy OSG Software Coordinator.

OSG PKI Transition Mine Altunay OSG Security Officer

OSG Area Coordinators Meeting Security Team Report Mine Altunay 8/15/2012.

Certificate Security For Users Obtaining and Using Your Personal Certificate using the OSG PKI Kyle Gross – OSG Operations Support Lead Elizabeth Prout.

OSG PKI Transition: Status and Next Steps (and Lessons Learned) Von Welch OSG PKI Transition Lead Indiana University Center for Applied Cybersecurity Research.

David Kelsey CCLRC/RAL, UK

Leigh Grundhoefer Indiana University

Presentation transcript:

OSG PKI Transition: Transition Phase Report Von Welch OSG PKI Transition Lead Indiana University Center for Applied Cybersecurity Research

OSG Council Meeting, March 14, 2013 This Presentation Covers Draft Transition Phase Report with updates  Oct, 2012-Feb, 2013  Builds on OSG AHM Presentation  Pilot Phase Report  Planning Phase Report  Development and Deployment Phases Report  2

OSG Council Meeting, March 14, 2013 In Summary I believe we are prepared for March 23 rd, DOE Grids CA cessation of issuance. There will be some issues – “unknown unknowns” – but I believe they are now manageable. Continues to be a great example of teamwork across OSG, its VOs, and ESnet. 3

OSG Council Meeting, March 14, 2013 Status PKI is in operations –  39 VOs registered  Issued 300+ user certificates (10% of OSG users)  Handled 350+ host requests (some for up to 50 certificates) (again ~10%) Web and command-line clients in production OSG Software Release 4

OSG Council Meeting, March 14, 2013 VO Registered with PKI ALICE, ANL, Belle, CSIU, DOSAR, DREAM, DZero, Engage, ESGF, FusionGrid, GLOW, GPN, HCC, IceCube, LCG, MIS, nanoHUB, LBNL, NEBioGrid, NEES, NERSC, NYSGRID, ORNL, OSG, OSGEDU, SBGrid, STAR, SURAgrid, UC3. Underlined: New to OSG for use of PKI 5

OSG Council Meeting, March 14, 2013 VOs Not Registered with PKI CompBioGrid, DayaBay, GCEDU, GCVO, GROW, i2u2, NWICG, Vlab (Will not be registering: GlueX, LIGO, Ops, RSV, enmr.eu, geant4, GridUNESP, superbvo.org) 6

OSG Council Meeting, March 14, 2013 Software Incompatibilities CERN (ATLAS): Service upgraded, issue resolved. GUMS/LCMAPS: Need RPM version (instead of PACMAN) Latest version of GUMS (1.3.18) recommended both for PKI and SHA-2 Thanks to Oscar Koeroo (Nikhef) for help in diagnosing 7

OSG Council Meeting, March 14, 2013 Operations Impact The day-to-day management of the PKI is transitioning to the Operations team with the Transition Lead, Welch, saying involved to oversee changes do not conflict with policy or best practices. Operations impact continues to be as predicted, an increase from.1 FTE under the DOE Grids PKI to.5 FTE under the OSG PKI. 8

OSG Council Meeting, March 14, 2013 Tasks still be completed The self-audit with DigiCert. The transfer of software packages to the Software team is pending the final planned release (1.2). The SLA for OIM needs to be updated to included change management and notification for the OSG PKI community. 9

OSG Council Meeting, March 14, 2013 Issues for OSG Management 1.There continues to be concern that VOs are not fully prepared and communications efforts continue. 2.A decision is needed on the level of support OSG should provide for host certificate at sites not associated with OSG directly, but involved with OSG’s campus outreach or participating in evaluating OSG as a potential VO. 10

OSG Council Meeting, March 14, 2013 Next Steps Listen to community with regards to missing features, prioritize and implement as possible. Iron out process for change – deciding and communicating. OIM change prioritization now in realm of Operations Team (rather than Transition Team). Command line clients will transition to Software Team after IU/CACR will continue contributing. 11

OSG Council Meeting, March 14, 2013 Contributors to the Transition Mine Altunay, Jim Basney, Tim Cartwright, Alain Deximo, Jeremy Fischer, Soichi Hayashi, John Hover, Viplav Khadke, Christiane A. Ludescher-Furth, Ruth Pordes, Rohan Mathure, Robert Quick, Alain Roy, Chander Sehgal, Mátyás Selmeci, Anthony Tiradani, and John Volmer Also thanks to Dhiva Muruganantham and Lauren Rotman of ESnet 12

OSG Council Meeting, March 14, 2013 Thank you. Questions. Von Welch OSG PKI Service: idmanager.opensciencegrid.org Documentation: 13