Presentation is loading. Please wait.

Presentation is loading. Please wait.

EGEE is a project funded by the European Union under contract IST-2003-508833 Grid computing Assaf Gottlieb Tel-Aviv University assafgot tau.ac.il www.eu-egee.org.

Published byFrederica Doyle Modified over 9 years ago

Similar presentations

Presentation on theme: "EGEE is a project funded by the European Union under contract IST-2003-508833 Grid computing Assaf Gottlieb Tel-Aviv University assafgot tau.ac.il www.eu-egee.org."— Presentation transcript:

1 EGEE is a project funded by the European Union under contract IST-2003-508833 Grid computing Assaf Gottlieb Tel-Aviv University assafgot tau.ac.il www.eu-egee.org http://iag.iucc.ac.il

2 EGEE tutorial 2 Outline What is a grid & e-Research The EGEE III grid Joining the grid

3 EGEE tutorial 3 What is e-Research? Collaborative research that is made possible by the sharing across the Internet of resources (data, instruments, computation, people’s expertise...)  Crosses organizational boundaries  Often very compute intensive  Often very data intensive  Sometimes large-scale collaboration Began with focus in the “big sciences” hence initiatives are often badged as “e-science”

4 EGEE tutorial 4 What is e-Science? ‘e-Science is about global collaboration in key areas of science, and the next generation of infrastructure that will enable it.’ John Taylor Director General of Research Councils Office of Science and Technology, UK Networks + Grids  Networks connect resources  Grids enable “virtual computing”

5 EGEE tutorial 5 The Grid Metaphor

6 EGEE tutorial 6 What is Grid computing? The term “Grid” has become popular!  Sometimes in Industry : “Grids” = clusters Motivations: better use of resources; scope for commercial services  Also used to refer to the harvesting of donated, unused compute cycles (SETI@home, Climateprediction.net)  These are e-Infrastructure but are not “grids” from the e-Research viewpoint!

7 EGEE tutorial 7 Typical grid Grid middleware runs on each shared resource to provide  Data services  Computation services  Single sign-on Virtual Organisation: People in different organisations seeking to cooperate and share resources across their organisational boundaries Virtual organisations negotiate with sites to agree access to resources INTERNET

8 EGEE tutorial 8 From a single PC to a Grid Farm of PCs Example: Novartis Examples: Seti@home Africa@home Example: EGEE Enterprise grid: Mutualization of resources in a company Volunteer computing: CPU cycles made available by PC owners Grid infrastructure: Internet + disk and storage resources + services for information management ( data collection, transfer and analysis)

9 EGEE tutorial 9 Outline What is a grid & e-Research The EGEE III grid Joining the grid

10 EGEE tutorial 10 EGEE is … EU-funded project that has established the largest multi-VO production grid in the world Project leader : CERN 245 sites 45 countries >60 VOs 51K CPUs ~600PB Storage Avg 30K jobs/day Data transfers >1.5 GB/s

11 EGEE tutorial 11 The Large Hadron Collider (LHC)

12 EGEE tutorial 12 The LHC Experiments

13 EGEE tutorial 13 The LHC Experiments ~6-8 PetaBytes / year ~10 8 events/year ~10 3 batch and interactive users

14 EGEE tutorial 14 CERN: Data intensive science in a large international facility The Large Hadron Collider (LHC)  The most powerful instrument ever built to investigate elementary particles physics Data Challenge:  10 Petabytes/year of data !!!  20 million CDs each year! Simulation, reconstruction, analysis:  LHC data handling requires computing power equivalent to ~100,000 of today's fastest PC processors! Downtown Geneva

15 EGEE tutorial 15 More Grid Applications Medical/Healthcare (imaging, diagnosis and treatment ) Bioinformatics (study of the human genome and proteome to understand genetic diseases) Nanotechnology (design of new materials from the molecular scale) Engineering (design optimization, simulation, failure analysis and remote Instrument access and control) Natural Resources and the Environment (weather forecasting, earth observation, modeling and prediction of complex systems)

16 EGEE tutorial 16 Main components Access service Access serviceHow users logon to a Grid Computing Element (CE) Computing Element (CE): A batch queue on a site’s computers where the user’s job is executed Storage Element (SE) Storage Element (SE): provides (large-scale) storage for files Resource Broker (RB) Resource Broker (RB): Service that matches the user’s requirements with the available resources on a Grid Information System Information System: Characteristics and status of resources

17 EGEE tutorial 17 Outline What is a grid & e-Research The EGEE III grid Joining the grid  Certificates  Virtual Organizations

18 EGEE tutorial 18 Basic security concepts Authentication  Verify the identity of the peer Authorization  Map an entity to some set of privileges Confidentiality  Encrypt the message so that only the recipient can understand it Integrity  Ensure that the message has not be altered in the transmission Non-repudiation  Impossibility of denying the authenticity of a digital signature Accounting  What did you do, when did you do it and where did you do it from?

19 EGEE tutorial 19 Public Key Infrastructure Provides authentication, integrity, confidentiality, non-repudiation Asymmetric encryption Digital signatures  A hash derived from the message and encrypted with the signer’s private key  Signature checked decrypting with the signer’s public key Allows key exchange in an insecure medium using a trust model  Keys trusted only if signed by a trusted third party (Certification Authority)  A CA certifies that a key belongs to a given principal Certificate  Public key + information about the principal + CA signature  X.509 format most used PKI used by SSL, PGP, GSI, WS security, S/MIME, etc. Encrypted text Private Key Public Key Clear text message

20 EGEE tutorial 20 X.509: content of the Certificate An X.509 Certificate contains:  owner’s public key;  identity of the owner;  info on the CA;  time of validity;  digital signature of the CA Public key Subject:C=CH, O=CERN, OU=GRID, CN=Name Surname 8968 Issuer: C=CH, O=CERN, OU=GRID, CN=CERN CA Expiration date: Dec 26 08:08:14 2006 GMT CA Digital signature

21 EGEE tutorial 21 User Responsibilities Keep your private key secure. Do not loan your certificate to anyone. Report to your local/regional contact if your certificate has been compromised. Do not launch a delegation service for longer than your current task needs. If your certificate or delegated service is used by someone other than you, it cannot be proven that it was not you. IT IS YOUR PASSPORT AND CREDIT CARD

22 EGEE tutorial 22 Globus Grid Security Infrastructure (GSI) de facto standard for Grid middleware Based on PKI Implements some important features  Single sign-on: no need to give one’s password every time  Delegation: a service can act on behalf of a person  Mutual authentication: both sides must authenticate to the other Introduces proxy certificates  Short-lived certificates including their private key and signed with the user’s certificate

23 EGEE tutorial 23 Virtual Organizations and authorization Users MUST belong to a Virtual Organization  Sets of users belonging to a collaboration  Each VO user has the same access privileges to Grid resources  List of supported VOs: https://lcg-registrar.cern.ch/virtual_organization.html VOs maintain a list of their members  Sites decide which VOs to accept  A list of supported VOs can be found here: https://lcg-registrar.cern.ch/virtual_organization.html

24 EGEE tutorial 24 Request a certificate and join a VO Instructions - http://iag.iucc.ac.il/workshop/JoinGrid.htm

25 EGEE tutorial 25 Summary EGEE hold the largest production grid in the world to-date. Academic users can join a VO without cost. In order to use the grid a user must have  A valid certificate, given by the CA  Join a VO.  Have access to a grid user interface machine Each action on the grid requires a valid Proxy, generated from your certificate.

Download ppt "EGEE is a project funded by the European Union under contract IST-2003-508833 Grid computing Assaf Gottlieb Tel-Aviv University assafgot tau.ac.il www.eu-egee.org."

Similar presentations

Introduction of Grid Security

Introduction of Grid Security
1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Www.euchinagrid.org Liang ZHAO, PKU EUChinaGrid 3 rd Tutorial Nov.25, 2006 Authentication and Authorization in gLite Liang ZHAO Peking University.

Liang ZHAO, PKU EUChinaGrid 3 rd Tutorial Nov.25, 2006 Authentication and Authorization in gLite Liang ZHAO Peking University.
High Performance Computing Course Notes 2007-2008 Grid Computing.

High Performance Computing Course Notes Grid Computing.
Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.

Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
Lecture 23 Internet Authentication Applications

Lecture 23 Internet Authentication Applications
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
Grid Security. Typical Grid Scenario Users Resources.

Grid Security. Typical Grid Scenario Users Resources.
Www.eu-eela.eu E-science grid facility for Europe and Latin America A Data Access Policy based on VOMS attributes in the Secure Storage Service Diego Scardaci.

E-science grid facility for Europe and Latin America A Data Access Policy based on VOMS attributes in the Secure Storage Service Diego Scardaci.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
An Authorization System for Grid Applications Thesis Presentation 5 th Dec 2006 Author: Wang Xiao Supervisor: Professor Heikki Hämmäinen Instructor: MSc.

An Authorization System for Grid Applications Thesis Presentation 5 th Dec 2006 Author: Wang Xiao Supervisor: Professor Heikki Hämmäinen Instructor: MSc.
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
INFSO-RI-508833 Enabling Grids for E-sciencE www.eu-egee.org Security, Authorisation and Authentication Mike Mineter Training, Outreach and Education National.

INFSO-RI Enabling Grids for E-sciencE Security, Authorisation and Authentication Mike Mineter Training, Outreach and Education National.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.

Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Www.uni-c.dk1 WWW.UNI-C.DK Computational Steering on the GRID Using a 3D model to Interact with a Large Scale Distributed Simulation in Real-Time Michael.

Computational Steering on the GRID Using a 3D model to Interact with a Large Scale Distributed Simulation in Real-Time Michael.
\ 2008-11-13Grid Security and Authentication1. David Groep Physics Data Processing group Nikhef.

\ Grid Security and Authentication1. David Groep Physics Data Processing group Nikhef.

Similar presentations

Ads by Google