Abstract
The security of the Polish Domain-Specific Grid Infrastructure relies on applying appropriate security standards and practices by five Polish HPC centres participating in the PLGrid Plus project. We review both aspects of assuring in-depth security in the Polish Domain-Specific Grid Infrastructure: the conceptually lower level of underlying HPC centres and the topmost level of the project, comprising services and applications. We describe the security model in the PLGrid Plus project as a case-study in order to provide a best-practices example to be further developed, extended or adjusted in other Research and Development (R&D) projects, where resources available for ensuring security are visibly limited. We compare the available security measures and practices with those applied in other experienced grid and networking projects, both national (e.g. PL-Grid or National Data Storage 2) and European (e.g. EGI).
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
2013 TrustWave Global Security Report, http://www2.trustwave.com/rs/trustwave/images/2013-Global-Security-Report.pdf
EGI Computer Security Incident Response Team, https://wiki.egi.eu/wiki/EGI_CSIRT:Main_Page
European Grid Infrastructure, http://www.egi.eu
National Data Storage Project, http://nds.psnc.pl
Pakiti: A Patching Status Monitoring Tool, http://pakiti.sourceforge.net/
Partnership for Advanced Computing in Europe, http://www.prace-ri.eu
Balcerek, B., Frankowski, G., Kwiecień, A., Smutnicki, A., Teodorczyk, M.: Security Best Practices: Applying Defense-in-Depth Strategy to Protect the NGI_PL. In: Bubak, M., Szepieniec, T., Wiatr, K. (eds.) PL-Grid 2011. LNCS, vol. 7136, pp. 128–141. Springer, Heidelberg (2012), http://dx.doi.org/10.1007/978-3-642-28267-6_10
Balcerek, B., Kosicki, G., Smutnicki, A., Teodorczyk, M.: Zalecenia bezpieczeństwa dotyczące instalacji klastrów lokalnych v0.95 (2010) (in Polish)
Balcerek, B., Smutnicki, A., Frankowski, G., Czarniecki, L.: Zalecenia bezpiecznej instalacji i użytkowania infrastruktury cloud (2013) (in Polish)
Balcerek, B., Smutnicki, A., Teodorczyk, M.: Testy penetracyjne infrastruktury PL-Grid (2011) (in Polish)
Balcerek, B., Szurgot, B., Uchroński, M., Waga, W.: ACARM-ng: Next Generation Correlation Framework. In: Bubak, M., Szepieniec, T., Wiatr, K. (eds.) PL-Grid 2011. LNCS, vol. 7136, pp. 114–127. Springer, Heidelberg (2012)
Baliś, B., Harężlak, D., Radecki, M.: Procedury wdrażania oprogramowania w infrastrukturze PL-Grid v1.2 (2010) (in Polish)
Brzeźniak, M., Jankowski, G., Meyer, N.: National Data Storage 2 – Secure sparing, publishing and exchanging data (2011), http://www.terena.org/activities/tf-storage/ws10/slides/20110204-nds2.pdf
Erdogan, O., Frankowski, G., Nowak, M., Meyer, N., Yilmaz, E.: Security in HPC Centres (2012), http://www.prace-ri.eu/IMG/pdf/wp79.pdf
Frankowski, G., Rzepka, M.: SARA – System for Inventory and Static Security Control in a Grid Infrastructure. In: Bubak, M., Szepieniec, T., Wiatr, K. (eds.) PL-Grid 2011. LNCS, vol. 7136, pp. 102–113. Springer, Heidelberg (2012)
Kitowski, J., et al.: Polish computational research space for international scientific collaborations. In: Wyrzykowski, R., Dongarra, J., Karczewski, K., Waśniewski, J. (eds.) PPAM 2011, Part I. LNCS, vol. 7203, pp. 317–326. Springer, Heidelberg (2012)
Krakowian, M.: Procedura rejestracji użytkowników v1.0.1 (2010) (in Polish)
Litton, J.: Why Linux Will Never Suffer From Viruses Like Windows (2012), http://hothardware.com/Reviews/Why-Linux-Will-Never-Suffer-From-Viruses-Like-Windows
Meizner, J., Radecki, M., Pawlik, M., Szepieniec, T.: Cloud services in PL-Grid and EGI infrastructures. In: Bubak, M., Turała, M., Wiatr, K. (eds.) CGW 2012 Proceedings, pp. 71–72. ACK CYFRONET AGH, Kraków (2012), http://dice.cyfronet.pl/publications/source/papers/023-B5-mp-c44-Szepieniec.pdf
Microsoft: 10 Immutable Laws of Security, http://technet.microsoft.com/library/cc722487.aspx#EIAA
OWASP: Defense in depth, https://www.owasp.org/index.php/Defense_in_depth
Patriot Technologies, Inc.: How to successfully secure a HPC system (2011), http://blog.patriot-tech.com/blog/bid/49004/How-to-successfully-secure-a-HPC-system
PL-Grid project web site, http://projekt.plgrid.pl/en
Schneier, B.: Crypto-Gram Newsletter (2000), https://www.schneier.com/crypto-gram-0005.html
Symantec: Internet Security Threat Report 2013 (2013), http://www.symantec.com/content/en/us/enterprise/other_resources/b-istr_main_report_v18_2012_21291018.en-us.pdf
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Balcerek, B., Frankowski, G., Kwiecień, A., Meyer, N., Nowak, M., Smutnicki, A. (2014). Multilayered IT Security Requirements and Measures for the Complex Protection of Polish Domain-Specific Grid Infrastructure. In: Bubak, M., Kitowski, J., Wiatr, K. (eds) eScience on Distributed Computing Infrastructure. Lecture Notes in Computer Science, vol 8500. Springer, Cham. https://doi.org/10.1007/978-3-319-10894-0_5
Download citation
DOI: https://doi.org/10.1007/978-3-319-10894-0_5
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-10893-3
Online ISBN: 978-3-319-10894-0
eBook Packages: Computer ScienceComputer Science (R0)