Session VII User Solutions

1. Session VIIUser Solutions Nancy Wilkins-Diehr Science Gateways Area Director Gateway Security Summit, January 28-30, 2008

2. Topics • Current community account request process, start to finish - current and goal • User responsibility form (revised June, 2007 to include references to community accounts) • What sort of codes can be run on TeraGrid? What types of data can be stored? Proprietary, sensitive, HIPPA, etc. • Gateway logs • Gateway check out procedure (August, 2007) • Attribute-based authentication Gateway Security Summit, January 28-30, 2008

3. Current community account process • Current community account request process, start to finish - current and goal • What happens after the form is filled out? • What actions do security-wg and account setup folks take? • What notifications do PIs receive from us? • How can gateway PIs check progress? • Recent problems • What must we change to improve the process or set PI expectations appropriately? Gateway Security Summit, January 28-30, 2008

4. PSC community account workflowMay, 2007 Gateway Security Summit, January 28-30, 2008

5. User Responsibility Form • 2003 • Single user responsibility form agreed upon by all sites • Signed by users and returned to NCSA • July, 2007 • User responsibility form modified to include • 2.2 Community Account Management • NSF centers also support community accounts, where users can login to a portal or other front-end and execute jobs via a single username on the back end. Because risks may be greater and usage patterns less certain for these types of accounts, additional information is required to help prevent security incidents. This information must be submitted before jobs can be run externally via community accounts. Additionally, TeraGrid Resource Providers may choose to impose their own limitations on community accounts through operating system tools, restricted shells or other means. • Because the gateway maintains control of these allocations, the gateway PI must ensure that NSF computational resources are used in a manner consistent with the award and that reasonable attempts have been made and tools installed to ensure appropriate usage. This includes monitoring of all gateway usage by the community. • 2.2.1 Additional required information for community accounts • IP address or DNS name of the portal machine • Logging of requester's IP address, UTC timestamp and username on the portal • Current estimated long-term disk storage requirements for the community account (this can be modified in the future to accommodate gateway growth) • Paths to directories on the RP cluster where scripts and executables can be run by an un-verified user from the portal, e.g. $HOME/bin • Optionally, for each script or executable in the named directory, provide • Estimated maximum number of processors/nodes • Estimated maximum run time • Estimated short-term storage requirements per user per job • This information must be provided with all community account requests. To request a community account, login to the https://portal.teragrid.org, then click on 'My TeraGrid' and the 'Community Account' subtab. Gateway Security Summit, January 28-30, 2008

6. Gateway Logs • September, 2007 discussion – Abe, Jim, Nancy, Diana • Accurate time stamps: making the language more specific on the community account request form • Need for checkbox to notify PIs that logs will be looked at by TG security • What compliance means—need way to monitor if logs are being sent • Secure transport: • the pros and cons of FTP vs. various flavors of syslog • need to poll SGs to see if they would use syslog • ability to distribute ready-to-use syslog package • need for real-time collection of logs • Who pays for the box? • Need to determine estimate of volume of logs over time (should be able to get from existing logs) • Retention of logs • Other possible use of logs (usage metrics?)  Will not address in this iteration • Authentication and authorization to view logs • TG shared password vs other methods Gateway Security Summit, January 28-30, 2008

7. Gateway Checkout ProcedureJuly, 2007 Nancy • What would be considered success for your gateway? Some ideas include number of publications, wide access, the number of hits, the number of data downloads, the number of simulations run, the number of classes or courses using a gateway, consumption of CPU hours, the number of new users, the number of distinct institutions accessing the gateway, advancement of state of the art capabilities for scientists or an increased number of collaborations. • Do you have a user registration mechanism in place? • Are you tracking usage and attributing it to individual users? • Do you have a mechanism to count users? Types of users? • Do you have a mechanism for users to cite usage of the gateway? • Do you have a mechanism to collect successes? • Has a security team reviewed your web server implementation? [perhaps we refer to best practices documentation] • Is it easy for a scientist to figure out how to use your gateway? • Is it easy for a scientist to understand what they could accomplish by using your gateway? • Do you have a clearly advertised mechanism to obtain help? • Do you offer training on your gateway? Gateway Security Summit, January 28-30, 2008

8. Attribute-based Authentication Gateway Security Summit, January 28-30, 2008