Presentation is loading. Please wait.

Presentation is loading. Please wait.

JSPG: User-level Accounting Data Policy David Kelsey, CCLRC/RAL, UK LCG GDB Meeting, Rome, 5 April 2006.

Published byDarlene McCormick Modified over 9 years ago

Similar presentations

Presentation on theme: "JSPG: User-level Accounting Data Policy David Kelsey, CCLRC/RAL, UK LCG GDB Meeting, Rome, 5 April 2006."— Presentation transcript:

1 JSPG: User-level Accounting Data Policy David Kelsey, CCLRC/RAL, UK d.p.kelsey@rl.ac.uk LCG GDB Meeting, Rome, 5 April 2006

2 5 Apr 2006Accounting Policy2 Overview Reminders –Accounting requirements –Last GDB meeting –User AUP Draft Accounting Data Policy Request to WLCG sites

3 5 Apr 2006Accounting Policy3 Accounting Requirements Reminder… LCG requires (OB) All Grid sites providing resources to WLCG to provide accounting information for all jobs run by members of the LHC VO’s The LHC VO managers require Access to accounting at individual user level –i.e. X.509 DN included Again from all sites providing resources Timely accounting (monitoring) useful? We need a technical solution and agreed policy that allows all this to happen legally

4 5 Apr 2006Accounting Policy4 Mar 06 GDB I gave a presentation on this topic –Policy components but no details It was agreed that JSPG should produce a policy document for discussion at this GDB meeting –Aim for full user-level accounting Since last meeting… Technical issues –R-GMA (used by APEL) does not yet have Authorization Anyone with a IGTF Grid certificate can read the data Discussions with the R-GMA team –Protect the user-level info (encrypted DN) Draft Policy for discussion today –Sites/countries to say if approach is legal –Written document to follow

5 5 Apr 2006Accounting Policy5 User consent Reminder…. Grid AUP says…(accepted during registration with VO) Logged information, including information provided by you for registration purposes, shall be used for administrative, operational, accounting, monitoring and security purposes only. This information may be disclosed to other organizations anywhere in the world for these purposes. Although efforts are made to maintain confidentiality, no guarantees are given So the User has given consent

6 5 Apr 2006Accounting Policy6 Draft Accounting Policy All LCG sites are required to provide to the GOC accounting DB an accounting record per job in the agreed format (GGF schema) This record not only specifies the VO but includes the User DN (encrypted) These records must be transferred to the central GOC accounting DB on a regular basis –How frequent? (every day?) Q: Do we allow/forbid VOs to do their own accounting or bookkeeping? –Same legal problems of monitoring individual user activity

7 5 Apr 2006Accounting Policy7 Accounting Policy (2) What is stored and where? –Grid service/batch system log files stored locally These include unencrypted user DNs Audit requirements policy requires these to be kept –Regular processing -> accounting record per job (locally) in the agreed format In APEL, stored on the site R-GMA MON box –User DN field must be encrypted use one standard accounting public key Encrypt “DN + random string” to avoid analysis of the encrypted DN –Records regularly -> RAL GOC accounting R-GMA MON box –Subsequently -> GOC accounting database

8 5 Apr 2006Accounting Policy8 Accounting Policy (3) USER DN will be decrypted during this transfer (to GOC DB) Individual accounting records are aggregated into summary records in GOC accounting database –one record/VO/month/site –one record/VO/month/user –Or should aggregation be per week?

9 5 Apr 2006Accounting Policy9 Accounting Policy (4) Access rights - Who can read? R-GMA today has Authentication but not Authorization –Anyone with a valid certificate from an IGTF approved CA can read the RAL GOC R-GMA data –User DN must remain encrypted in R-GMA The decryption key is only known by authorised GOC staff The GOC accounting Database (including decrypted user DNs) is only readable by the authorised GOC staff and (via a web interface) by authorised VO managers General read access (web front end) to the accounting data must not include user-level info Any user has the right to access his/her own accounting records –mechanism to be defined –By request to GOC or by authenticated web access?

10 5 Apr 2006Accounting Policy10 Accounting Policy (5) Access for what purposes? To aggregated accounting data (no user data) –For all bona-fide accounting purposes To aggregated user-level data –Only for operational and monitoring purposes –Must preserve the confidentiality No web publication No discussion on public mail lists Information must remain within authorised management of GOC and VOs

11 5 Apr 2006Accounting Policy11 Accounting Policy (6) Retention period? The detailed records –one per job including encrypted user DN –Both in R-GMA and GOC accounting DB –Will only be retained for as long as needed –Propose deletion after 12 months annual resource planning cycle Aggregated summary data –With no user DN – no deletion defined –Summary per user – propose deletion after 12 months

12 5 Apr 2006Accounting Policy12 Accounting Policy (7) Publication of accounting data? Access via web front end(s) No access to individual job records Aggregated summary data (per VO/site/month) –World readable (or need a certificate?) Aggregated summary data (per VO/user/month) –Not world readable –Authorised GOC and VO managers may read Must not publish anywhere else Must not store analyses anywhere else

13 5 Apr 2006Accounting Policy13 Accounting Policy (8) How is the data protected from illegal or accidental disclosure? R-GMA data needs no special protection –Needs a valid IGTF Grid certificate – Authenticated access –Most fields not private –User DN is encrypted to prevent disclosure GOC Accounting DB (MySQL) –Authorised access only –Protected via normal MySQL and OS/File system access control –But no guarantees, of course

14 5 Apr 2006Accounting Policy14 Request to WLCG sites Countries/Sites Please discuss/consult locally Does this policy satisfy local legal constraints? If not, what extra is needed to allow user-level accounting to happen? Feedback to me JSPG will prepare the actual document based on feedback from sites and discussion with GOC accounting team But we need agreed details

Download ppt "JSPG: User-level Accounting Data Policy David Kelsey, CCLRC/RAL, UK LCG GDB Meeting, Rome, 5 April 2006."

Similar presentations

Grid Security Policy GridPP18, Glasgow David Kelsey 21sr March 2007.

Grid Security Policy GridPP18, Glasgow David Kelsey 21sr March 2007.
5-Dec-02D.P.Kelsey, GridPP Security1 GridPP Security UK Security Workshop 5-6 Dec 2002, NeSC David Kelsey CLRC/RAL, UK

5-Dec-02D.P.Kelsey, GridPP Security1 GridPP Security UK Security Workshop 5-6 Dec 2002, NeSC David Kelsey CLRC/RAL, UK
Overview of local security issues in Campus Grid environments Bruce Beckles University of Cambridge Computing Service.

Overview of local security issues in Campus Grid environments Bruce Beckles University of Cambridge Computing Service.
Grid Security Users, VOs, Sites OSG Collaboration Meeting University of Washington Bob Cowles August 23, 2006 Work supported.

Grid Security Users, VOs, Sites OSG Collaboration Meeting University of Washington Bob Cowles August 23, 2006 Work supported.
Authorization WG Update David Kelsey EU Grid PMA, Copenhagen 27 May 2008.

Authorization WG Update David Kelsey EU Grid PMA, Copenhagen 27 May 2008.
INFSO-RI-508833 Enabling Grids for E-sciencE Update on LCG/EGEE Security Policy and Procedures David Kelsey, CCLRC/RAL, UK

INFSO-RI Enabling Grids for E-sciencE Update on LCG/EGEE Security Policy and Procedures David Kelsey, CCLRC/RAL, UK
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
30-Jan-03D.P.Kelsey, GridPP Security1 Security GridPP6 30 Jan 2003 Coseners House David Kelsey CLRC/RAL, UK

30-Jan-03D.P.Kelsey, GridPP Security1 Security GridPP6 30 Jan 2003 Coseners House David Kelsey CLRC/RAL, UK
\ 2008-11-13Grid Security and Authentication1. David Groep Physics Data Processing group Nikhef.

\ Grid Security and Authentication1. David Groep Physics Data Processing group Nikhef.
Www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 EGI Security Policy Group Summary EGI TF David Kelsey 6/28/2015 1.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Security Policy Group Summary EGI TF David Kelsey 6/28/
WLCG Security TEG, risks and Identity Management David Kelsey GridPP28, Manchester 18 Apr 2012.

WLCG Security TEG, risks and Identity Management David Kelsey GridPP28, Manchester 18 Apr 2012.
Accounting Update Dave Kant Grid Deployment Board Nov 2007.

Accounting Update Dave Kant Grid Deployment Board Nov 2007.
CILogon OSG CA Mine Altunay Jim Basney TAGPMA Meeting Pittsburgh May 27, 2015.

CILogon OSG CA Mine Altunay Jim Basney TAGPMA Meeting Pittsburgh May 27, 2015.
Introduction on R-GMA Shi Jingyan Computing Center IHEP.

Introduction on R-GMA Shi Jingyan Computing Center IHEP.
Summary of Accounting Discussion at the GDB in Bologna Dave Kant CCLRC, e-Science Centre.

Summary of Accounting Discussion at the GDB in Bologna Dave Kant CCLRC, e-Science Centre.
Deployment Issues David Kelsey GridPP13, Durham 5 Jul 2005

Deployment Issues David Kelsey GridPP13, Durham 5 Jul 2005
EGEE-III INFSO-RI-222667 Enabling Grids for E-sciencE EGEE and gLite are registered trademarks David Kelsey RAL/STFC,

EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks David Kelsey RAL/STFC,
1 OSG Accounting Service Requirements Matteo Melani SLAC for the OSG Accounting Activity.

1 OSG Accounting Service Requirements Matteo Melani SLAC for the OSG Accounting Activity.
10-Jun-03D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security (Report from the LCG Security Group) CERN, 10 June 2003 David Kelsey CCLRC/RAL, UK

10-Jun-03D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security (Report from the LCG Security Group) CERN, 10 June 2003 David Kelsey CCLRC/RAL, UK
Security Policy Update LCG GDB Prague, 4 Apr 2007 David Kelsey CCLRC/RAL

Security Policy Update LCG GDB Prague, 4 Apr 2007 David Kelsey CCLRC/RAL

Similar presentations

Ads by Google