1 / 29

Thailand National Grid Project

Thailand National Grid Project. Putchong Uthayopas 1 and Vara Varavithya 2 1 Director High Performance Computing and Networking Center Kasetsart University, Bangkok, Thailand pu@ku.ac.th 2 Department of Electrical Engineering Faculty of Engineering

ruthewilson
Download Presentation

Thailand National Grid Project

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Thailand National Grid Project Putchong Uthayopas1 and Vara Varavithya2 1 DirectorHigh Performance Computing and Networking CenterKasetsart University, Bangkok, Thailandpu@ku.ac.th 2 Department of Electrical Engineering Faculty of Engineering King Mongkut’s Institute of Technology North Bangkok vara@kmitnb.ac.th

  2. Thai Grid Current Status • Currently in Operation • Delivered Grid Monitoring and Management Tools to Communities • Government Approve approx. 6M US$ funding the project for 3 years • Supports • Certification • Technical • Grid Technology Promotions TNGP, APAN2005@BKK

  3. Agenda • Thailand National Grid Project • ThaiGrid Status Update • Current Development in ThaiGrid TNGP, APAN2005@BKK

  4. TNGP Objectives • Promote the use of Grid Technologies • Excellence in Grid Technology • Human Resource Development • Provide Grid Infrastructure • Computing Infrastructure • Communication Structure • Help Establishing Standard and Practices • House the ThaiGrid Office TNGP, APAN2005@BKK

  5. Ministry of ICT National Grid Committee Grid Technology Excellence Center Gov. Agencies Business Research Institutions Academic Institutions Structure SIPA TNGP, APAN2005@BKK Researchers Com Sci. Eng. People Grid Users

  6. Satellite Clusters Satellite Clusters Satellite Clusters Satellite Clusters 32-proc. Machine 32-proc. Machine 32-proc. Machine 32-proc. Machine Computing Infrastructure Tera Flops Machine High Speed Network 16 Satellite Sites TNGP, APAN2005@BKK

  7. Participated Organizations • KU, CU, KMITNB, KMUTT, KMITL, Mahidol, KKU, SUT, WU, AIT • Weather Forecast Services • NECTEC TNGP, APAN2005@BKK

  8. Human Resource • Housing Dozen of Grid Engineers and Scientists at the excellence center • Systematically trains Grid Admins • via series of tutorials and workshops • Target 2,000 in three years TNGP, APAN2005@BKK

  9. Applications • Health Care Data Grid • High Performance Computing Applications • Drug Design • CFD • FEM • Evolutionary Computing • Financial Application Based on Participated Inst. Expertise TNGP, APAN2005@BKK

  10. Targeted Outcomes • Robust Grid Enable High Performance Computing Infrastructure • A set, 3-4, of Grid Applications Show Cases • Social impact to Thai’s well being • Supports sciences and technology • 2,000 HR Development • Grid Technology Promotion TNGP, APAN2005@BKK

  11. ThaiGrid Project • Found Jan 2002 • Build up a long term research partnership to explore • The construction of Grid testbed and production environment • The building of Grid tools and middleware. • The deployment of grid technology to support the mission of scientific discovery • The development of Grid application TNGP, APAN2005@BKK

  12. 10 Clusters total AMATA – KU GASS – KU MAEKA – KU WARINE – KU CAMETA – SUT OPTIMA - AIT ENQUEUE – KMITNB PALM – KMITNB SPIRIT – CU INCA - KMUTT 110 Hosts (From SCMS) 158 CPUs (From SCMS) ThaiGrid Overall Status TNGP, APAN2005@BKK

  13. ThaiGrid Status Map TNGP, APAN2005@BKK

  14. Software • ROCKS-3.2.0 (Shasta) with • HPC Roll • Grid Roll • SCE Roll • Scheduler Roll • Globus Toolkits 2.4 • SCMSWeb Monitoring Tool • Shared Certificate Authority TNGP, APAN2005@BKK

  15. ThaiGrid Tools • TGCheckPort – Checking the firewall between sites • TGregister – Grid user management and automatically updated grid-mapfile system TNGP, APAN2005@BKK

  16. TGregister TNGP, APAN2005@BKK

  17. Application • Drug Design • ThaiGrid Drug Design Portal • HIV Drug Design • Avian Flu Drug Design TNGP, APAN2005@BKK

  18. Drug Design TNGP, APAN2005@BKK

  19. TNGP, APAN2005@BKK

  20. Proxy Certificate X.509SSL Delegation ThaiGrid User Services Multi-Level User Implementation on X.509 Two core concepts: • X.509 digital certificates used as identity credentials • Proxy Certificate used to delegate identity temporarily to other credentials

  21. Grid Security : Security VO manage • Management of VO - Discover VO by Grid participants - Authentication and authorization of participants to join VO - Access control: Participants access shared resources in VO • The problem of VO security - Large number of distributed resources - Dynamic and complex relationships among organizations across trust domains - Resource utilization scenarios are complex and changing dynamically

  22. Grid Security: VO’s Role Groups Users • Large and dynamic population • Different accounts at different sites • Personal and confidential data • Heterogeneous privileges (roles) • Desire Single Sign-On • Group data • Access Patterns • Membership • Heterogeneous Resources • Access Patterns • Local policies • Membership Sites Grid

  23. CA user Grid Security : Authorization management • Community Authorization Service CAS Server CAS concept: Request proxyto CAS server • Reduce trust relationship by- Group user to community - Resourceauthorized community - Community authorized user- Constrain in proxy certificate Reply restriced proxy to user • But CAS cannot support authorization in small communities in VO and support only GridFTP Mutual authentication and access resource Delegation restriced proxy from CAS

  24. Grid Security: Small Communities in VO • Component of small communities in VO • Static users for assign authoritative • Temporarily users accept authoritative from static users • Users operation same jobs in small communities in VO • Multi-level authoritative from user to user • Requirement of small communities in VO • Mechanism for direct assign authoritative multi-level user management

  25. Request proxy with privilege authoritative GRID RESOURCE Proxy generatorwith privilege authoritative Gatekeeper Low-leveluser Authentication & authorization with proxy privilege authoritative Grid mapfile Authoritative privilege generator Check permitfor authorization Generate assign authoritative allow deny High-leveluser Run jobs Cannot run jobs Authoritativecredentials Multi-Level assign authoritative architecture

  26. Multi-Level assign authoritative Concept Public Key Concept : Subject:O=Grid, O=ThaiGrid, OU=ee.kmitnb.ac.th, CN=suriyaIssuer: C=TH, O=Grid, O=ThaiGrid, CN=ThaiGrid CAExpiration date: Aug 22 08:08:14 2005 GMTSerial number: 625 (0x271) • Use Attribute Certificate concept for assign privilege authoritative • Embed Attribute Certificate into X.509 Certificate Attribute Certificate:Issuer : O=Grid, O=ThaiGrid, OU=ee.kmitnb.ac.th, CN=suriyaHolder : O=Grid, O=ThaiGrid, OU=ee.kmitnb.ac.th, CN=gridstaffValidity date : Jan 22 08:08:14 2005 GMTSerialextension : sun.ee.kmitnb.ac.th/allowIssuer Signature : MD5RSAEncryption CA Digital signature

  27. CA User A is authoritative privilege Attribute Certificate:Issuer : user AHolder : user B,C,..XPrivilege :host/allow/denyValidity : 20050128:18:45Signature: user A Proxy Certificate with ACIdentity : user BPublic Key : user BValidity : 20050128:18:45Signature: CA User A Step access same user B User B proxy-init with AC User B User X Resource Assign authoritative from user A User B can access Transfer multi-level assign authoritative Assign authoritative to user B to user X

  28. Current Development • Build tool support multi-level assign authoritative user management for small communities in VO • Modify Proxy Certificate by embedded Attribute Certificate for access rights

  29. Conclusion • The Start of Thailand National Grid Project • ThaiGrid Operation has been in operation and strong. • Several applications, middleware development • Lots more to come in human resource development to foster grid efforts TNGP, APAN2005@BKK

More Related