Presentation is loading. Please wait.

Presentation is loading. Please wait.

Thailand National Grid Project Putchong Uthayopas 1 and Vara Varavithya 2 1 Director High Performance Computing and Networking Center Kasetsart University,

Published byAvery MacLean Modified over 11 years ago

Similar presentations

Presentation on theme: "Thailand National Grid Project Putchong Uthayopas 1 and Vara Varavithya 2 1 Director High Performance Computing and Networking Center Kasetsart University,"— Presentation transcript:

1 Thailand National Grid Project Putchong Uthayopas 1 and Vara Varavithya 2 1 Director High Performance Computing and Networking Center Kasetsart University, Bangkok, Thailand pu@ku.ac.th 2 Department of Electrical Engineering Faculty of Engineering King Mongkuts Institute of Technology North Bangkok vara@kmitnb.ac.th

2 TNGP, APAN2005@BKK2 Thai Grid Current Status Currently in Operation Delivered Grid Monitoring and Management Tools to Communities Government Approve approx. 6M US$ funding the project for 3 years Supports Certification Technical Grid Technology Promotions

3 TNGP, APAN2005@BKK3 Agenda Thailand National Grid Project ThaiGrid Status Update Current Development in ThaiGrid

4 TNGP, APAN2005@BKK4 TNGP Objectives Promote the use of Grid Technologies Excellence in Grid Technology Human Resource Development Provide Grid Infrastructure Computing Infrastructure Communication Structure Help Establishing Standard and Practices House the ThaiGrid Office

5 TNGP, APAN2005@BKK5 National Grid Committee Business Structure Ministry of ICT Grid Technology Excellence Center SIPA Research Institutions Grid Users Gov. Agencies Com Sci. Eng. People Academic Institutions Researchers

6 TNGP, APAN2005@BKK6 Computing Infrastructure Tera Flops Machine Satellite Clusters 32-proc. Machine Satellite Clusters 32-proc. Machine Satellite Clusters 32-proc. Machine Satellite Clusters 32-proc. Machine 16 Satellite Sites High Speed Network

7 TNGP, APAN2005@BKK7 Participated Organizations KU, CU, KMITNB, KMUTT, KMITL, Mahidol, KKU, SUT, WU, AIT Weather Forecast Services NECTEC

8 TNGP, APAN2005@BKK8 Human Resource Housing Dozen of Grid Engineers and Scientists at the excellence center Systematically trains Grid Admins via series of tutorials and workshops Target 2,000 in three years

9 TNGP, APAN2005@BKK9 Applications Health Care Data Grid High Performance Computing Applications Drug Design CFD FEM Evolutionary Computing Financial Application Based on Participated Inst. Expertise

10 TNGP, APAN2005@BKK10 Targeted Outcomes Robust Grid Enable High Performance Computing Infrastructure A set, 3-4, of Grid Applications Show Cases Social impact to Thais well being Supports sciences and technology 2,000 HR Development Grid Technology Promotion

11 TNGP, APAN2005@BKK11 ThaiGrid Project Found Jan 2002 Build up a long term research partnership to explore The construction of Grid testbed and production environment The building of Grid tools and middleware. The deployment of grid technology to support the mission of scientific discovery The development of Grid application

12 TNGP, APAN2005@BKK12 ThaiGrid Overall Status 10 Clusters total AMATA – KU GASS – KU MAEKA – KU WARINE – KU CAMETA – SUT OPTIMA - AIT ENQUEUE – KMITNB PALM – KMITNB SPIRIT – CU INCA - KMUTT 110 Hosts (From SCMS) 158 CPUs (From SCMS)

13 TNGP, APAN2005@BKK13 ThaiGrid Status Map

14 TNGP, APAN2005@BKK14 Software ROCKS-3.2.0 (Shasta) with HPC Roll Grid Roll SCE Roll Scheduler Roll Globus Toolkits 2.4 SCMSWeb Monitoring Tool Shared Certificate Authority

15 TNGP, APAN2005@BKK15 ThaiGrid Tools TGCheckPort – Checking the firewall between sites TGregister – Grid user management and automatically updated grid- mapfile system

16 TNGP, APAN2005@BKK16 TGregister

17 TNGP, APAN2005@BKK17 Application Drug Design ThaiGrid Drug Design Portal HIV Drug Design Avian Flu Drug Design

18 TNGP, APAN2005@BKK18 Drug Design

19 TNGP, APAN2005@BKK19

20 Proxy Certificate Delegation X.509 SSL Multi-Level User Implementation on X.509 ThaiGrid User Services Two core concepts: X.509 digital certificates used as identity credentials Proxy Certificate used to delegate identity temporarily to other credentials

21 Grid Security : Security VO manage Management of VO - Discover VO by Grid participants - Authentication and authorization of participants to join VO - Access control: Participants access shared resources in VO The problem of VO security - Large number of distributed resources - Dynamic and complex relationships among organizations across trust domains - Resource utilization scenarios are complex and changing dynamically

22 Large and dynamic population Different accounts at different sites Personal and confidential data Heterogeneous privileges (roles) Desire Single Sign-OnUsers Sites Heterogeneous Resources Access Patterns Local policies Membership Group data Access Patterns MembershipGroups Grid Security: VOs Role Grid

23 Grid Security : Authorization management Community Authorization Service user CA CAS Server Mutual authentication and access resource Request proxy to CAS server Reply restriced proxy to user Delegation restriced proxy from CAS CAS concept: Reduce trust relationship by - Group user to community - Resource authorized community - Community authorized user - Constrain in proxy certificate But CAS cannot support authorization in small communities in VO and support only GridFTP

24 Grid Security: Small Communities in VO Component of small communities in VO Static users for assign authoritative Temporarily users accept authoritative from static users Users operation same jobs in small communities in VO Multi-level authoritative from user to user Requirement of small communities in VO Mechanism for direct assign authoritative multi-level user management

25 Authoritative credentials High-level user Low-level user Proxy generator with privilege authoritative Authoritative privilege generator Gatekeeper Check permit for authorization Grid mapfile Run jobs Cannot run jobs GRID RESOURCE Multi-Level assign authoritative architecture Generate assign authoritative Request proxy with privilege authoritative allowdeny Authentication & authorization with proxy privilege authoritative

26 Multi-Level assign authoritative Concept Use Attribute Certificate concept for assign privilege authoritative Embed Attribute Certificate into X.509 Certificate Subject:O=Grid, O=ThaiGrid, OU=ee.kmitnb.ac.th, CN=suriya Issuer: C=TH, O=Grid, O=ThaiGrid, CN=ThaiGrid CA Expiration date: Aug 22 08:08:14 2005 GMTSerial number: 625 (0x271) CA Digital signature Attribute Certificate : Issuer : O=Grid, O=ThaiGrid, OU=ee.kmitnb.ac.th, CN=suriya Holder : O=Grid, O=ThaiGrid, OU=ee.kmitnb.ac.th, CN=gridstaff Validity date : Jan 22 08:08:14 2005 GMTSerial extension : sun.ee.kmitnb.ac.th/allow Issuer Signature : MD5RSAEncryption Public Key Concept :

27 Transfer multi-level assign authoritative Attribute Certificate: Issuer : user A Holder : user B,C,..X Privilege :host/allow/deny Validity : 20050128:18:45 Signature: user A Proxy Certificate with AC Identity : user B Public Key : user B Validity : 20050128:18:45 Signature: CA Assign authoritative from user A User B proxy-init with AC User B CA User X Resource User A User A is authoritative privilege User B can access Step access same user B Assign authoritative to user B to user X

28 Current Development Build tool support multi-level assign authoritative user management for small communities in VO Modify Proxy Certificate by embedded Attribute Certificate for access rights

29 TNGP, APAN2005@BKK29 Conclusion The Start of Thailand National Grid Project ThaiGrid Operation has been in operation and strong. Several applications, middleware development Lots more to come in human resource development to foster grid efforts

Download ppt "Thailand National Grid Project Putchong Uthayopas 1 and Vara Varavithya 2 1 Director High Performance Computing and Networking Center Kasetsart University,"

Similar presentations

Building a CFD Grid Over ThaiGrid Infrastructure Putchong Uthayopas, Ph.D Department of Computer Engineering, Faculty of Engineering, Kasetsart University,

Building a CFD Grid Over ThaiGrid Infrastructure Putchong Uthayopas, Ph.D Department of Computer Engineering, Faculty of Engineering, Kasetsart University,
Recent development of e- Science & Grid in Thailand 24 January 2006 Piyawut Srichaikul, NECTEC Putchong Uthayopas, KU.

"Recent development of e- Science & Grid in Thailand" 24 January 2006 Piyawut Srichaikul, NECTEC Putchong Uthayopas, KU.
Demonstrations at PRAGMA 13 10 demos are nominated by WG chairs Did not call for demos. We will select the best demo(s) Criteria is under discussion. Notes.

Demonstrations at PRAGMA demos are nominated by WG chairs Did not call for demos. We will select the best demo(s) Criteria is under discussion. Notes.
Introduction of Grid Security

Introduction of Grid Security
Wei Lu 1, Kate Keahey 2, Tim Freeman 2, Frank Siebenlist 2 1 Indiana University, 2 Argonne National Lab

Wei Lu 1, Kate Keahey 2, Tim Freeman 2, Frank Siebenlist 2 1 Indiana University, 2 Argonne National Lab
Open Grid Forum 19 January 31, 2007 Chapel Hill, NC Stephen Langella Ohio State University Grid Authentication and Authorization with.

Open Grid Forum 19 January 31, 2007 Chapel Hill, NC Stephen Langella Ohio State University Grid Authentication and Authorization with.
18 th WGISS Meeting, September 6-10, 2004, Beijing, People Republic of China Activities on Grid Technology at GISTDA Pakorn Apaphant GISTDA.

18 th WGISS Meeting, September 6-10, 2004, Beijing, People Republic of China Activities on Grid Technology at GISTDA Pakorn Apaphant GISTDA.
Inetrconnection of CNGrid and European Grid Infrastructure Depei Qian Beihang University Feb. 20, 2006.

Inetrconnection of CNGrid and European Grid Infrastructure Depei Qian Beihang University Feb. 20, 2006.
5-Dec-02D.P.Kelsey, GridPP Security1 GridPP Security UK Security Workshop 5-6 Dec 2002, NeSC David Kelsey CLRC/RAL, UK

5-Dec-02D.P.Kelsey, GridPP Security1 GridPP Security UK Security Workshop 5-6 Dec 2002, NeSC David Kelsey CLRC/RAL, UK
GT 4 Security Goals & Plans Sam Meder

GT 4 Security Goals & Plans Sam Meder
The National Grid Service and OGSA-DAI Mike Mineter

The National Grid Service and OGSA-DAI Mike Mineter
Current status of grids: the need for standards Mike Mineter TOE-NeSC, Edinburgh.

Current status of grids: the need for standards Mike Mineter TOE-NeSC, Edinburgh.
OMII-UK Steven Newhouse, Director. © 2 OMII-UK aims to provide software and support to enable a sustained future for the UK e-Science community and its.

OMII-UK Steven Newhouse, Director. © 2 OMII-UK aims to provide software and support to enable a sustained future for the UK e-Science community and its.
EGI-InSPIRE RI-261323 EGI-InSPIRE EGI-InSPIRE RI-261323 AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
Www.euchinagrid.org Liang ZHAO, PKU EUChinaGrid 3 rd Tutorial Nov.25, 2006 Authentication and Authorization in gLite Liang ZHAO Peking University.

Liang ZHAO, PKU EUChinaGrid 3 rd Tutorial Nov.25, 2006 Authentication and Authorization in gLite Liang ZHAO Peking University.
State of DNS Security Extensions Edward Lewis February 26, 2001 APRICOT 2001 Panel.

State of DNS Security Extensions Edward Lewis February 26, 2001 APRICOT 2001 Panel.
FP7-INFRA-222667 Enabling Grids for E-sciencE www.eu-egee.org EGEE Induction Grid training for users, Institute of Physics Belgrade, Serbia Sep. 19, 2008.

FP7-INFRA Enabling Grids for E-sciencE EGEE Induction Grid training for users, Institute of Physics Belgrade, Serbia Sep. 19, 2008.
High Performance Computing Course Notes 2007-2008 Grid Computing.

High Performance Computing Course Notes Grid Computing.
Military Technical Academy Bucharest, 2006 GRID SECURITY INFRASTRUCTURE (GSI) - Globus Toolkit - ADINA RIPOSAN Department of Applied Informatics.

Military Technical Academy Bucharest, 2006 GRID SECURITY INFRASTRUCTURE (GSI) - Globus Toolkit - ADINA RIPOSAN Department of Applied Informatics.
The Community Authorisation Service – CAS Dr Steven Newhouse Technical Director London e-Science Centre Department of Computing, Imperial College London.

The Community Authorisation Service – CAS Dr Steven Newhouse Technical Director London e-Science Centre Department of Computing, Imperial College London.

Similar presentations

Ads by Google