2
play

2 This work is funded under National Data Storage 2 project - PowerPoint PPT Presentation

Mar 01, 2024 •159 likes •477 views

2 National Data Storage 2 Secure sharing, publishing and exchanging data Maciej Brze niak, Norbert Meyer, Micha Jankowski, Gracjan Jankowski Supercomputing Department, PSNC 2 This work is funded under National Data Storage 2 project

  1. 2 National Data Storage 2 Secure sharing, publishing and exchanging data Maciej Brze ź niak, Norbert Meyer, Michał Jankowski, Gracjan Jankowski Supercomputing Department, PSNC 2 This work is funded under National Data Storage 2 project (2011-2013), Project number NR02-0025-10/2011. http://nds.psnc.pl Full Polish name of the project: System bezpiecznego przechowywania i współdzielenia danych oraz składowania kopii zapasowych i archiwalnych w Krajowym Magazynie Danych

  2. 2 2 Agenda • Context: NDS1 & PLATON Popular Archive Service • Why version 2 of NDS needed? • NDS2: – New functionality: • secure sharing, publishing and exchanging files • versioning, point in time recovery – New features: • enhanced security, • performance scalability, • multi-user readiness • Some observations / open issues

  3. 2 2 Projects – where we are? 2007 2008 2009 2010 2011 2012 2013 R&D: NDS Design & implementation Deployment of NDS in the infrastructure & the service operation POPULAR ARCHIVE SERVICE Tenders... Internal tests of NDS system Tests with users Production R&D: NDS2 Design & implementation

  4. 2 NDS1 – aims and focus High-level aim: To support scientific and academic community in protecting and archiving the data Detailed aims: – Adressing secondary storage applications: • Long-term data archival • Short-term backup – Assumptions: • people do have their own primary storage User Local storage Network NDS system • people use another tools CMS black box for data exchange and CM Data exchange tools

  5. 2 NDS1 Design assumptions • Focus on specific system features and functionality: – Long-term data durability and consistency : • Physical protection of the data • Replication + safe storage • Keeping consistency of the data – Confidentiality and safety of the data • To be supported (not able to solve all issues) – Easy usage : • standard access methods • possible integration with existing tools • Transparent data replication – Stable & reliable product and service! • HA, Trust....

  6. 2 NDS1 – Features & challenges • HA : – Geographically distributed system – Synchronous and asynchronous replication ( reliability vs performance) • Scalability : – performance, – storage capacity, – number of users • Challenges : =? – fault tolerance – Consistency vs high performance

  7. 2 NDS1 - Architecture NDS1 user application Access Methods Servers (SSH, HTTPs, WebDAV...) Database Node Virtual filesystem for data and meta-data (FUSE) Meta- Access data DB Node NDS system logic Replication Users Accounting DB & limits DB Replica access methods servers Storage Storage Node Node Storage Node file system HSM System HSM System Slave Meta- data DB

  8. 2 NDS system – Architecture comments • Data durability and service availability – Sync & async replication Storage Node – Multiple data access & storage sites Access – Monitoring & faults detection Node – Limits: no data consistency checking inside the system at the moment User • Meta-data durability and consistency: Synchronous operation – Multiple meta-data databases instances logs replication – Semi-synchronous replication of meta-data NDS mechanisms Master Slave Meta- Asynchronous Meta- data DB data DB transaction replication

  9. 2 NDS– Architecture comments/limits • Data confidentiality – Dedicated name spaces Meta- User1 data DB1 – Data sharing possible among designated users, Logical or physical separation limited to a given institution/profile – Limit: Meta- • No support for sercure data sharing User2 data DB2 among institutions – NDS1 uses encryption where possible; means: not everywhere! • Data access: – Scp/Sftp, httpS, WebDAV over httpS • Storage: – Encryption-enabled tapes (in fact external to system) – Encryption outside the system: • supported by client application (details later) – System-side encryption & data consistency checks to be considered to increase the security of data not encrypted by user

  10. 2 NDS– Architecture comments/limits • Client side encryption & automation – User side B/A application that supports security and automation User data NDS B/A application User’s (on-the-fly encryption NDS/PLATON-U4 data copy service and checksums) – Limits: user side encryption is CPU intensive – Some hardware-aid solutions might be necessary for users having a lot of data – Additional tools needed: – Management features for keys – Automation of security-related features

  11. 2 NDS – Architecture comments/limits (3) • Scalability: Storage – performance : Node • Many ANs, SNs Access • Many storage devices Node • Data access optimisation: – Load balancing – Monitoring User – Limits: • Metadata handling is... centralised for a given logical name space! • Consistency vs performance... HSM System – Storage capacity : • Many SNs • Many storage devices • Cost-effective approach: HSM as the storage backend

  12. 2 NDS – Architecture comments/limits (4) • Scalability: – Number of users • We can configure multiple system instances when the single system limit is reached • Architecture is virtualization-ready – Limits: • The more users, the more metadata and more complicated user management • No real experince from the production system yet • Some level of the user management de-centralisation is needed

  13. 2 NDS – Architecture comments/limits (5) • Ease of integration / usage: User User data – Standard user interfaces: • We support: SCP, HTTP/WebDAV, GridFTP User backup/archive software • Integration with existing tools easy • NDS logic details hidden from the user Access Methods Servers (SSH, HTTPs, WebDAV...) Access – Limitations: Node Virtual filesystem for data and meta-data (FUSE) • No ‘special features’ for users through standard NDS system logic interfaces (except meta-data fs) • Extra features are to be provided by additional tool / interface: • Client backup/archive applicaiton • Web/GUI Interface • E.g. No advanced tools to manage ACLs and sharing X.509 – Single sign-on: • Based on X.509 certificates stored in LDAP KeyFS • Keys and certificates distributed automatically to access methods servers (sshd, apache, gridftp) Access and converted to appropriate format on-the-fly Node by KeyFS solution

  14. 2 NDS2 - summary of issues to address • In NDS2 we need to address (functionalities): • Advanced features for long-term B/A: • Versioning – point in time recovery • Security and data safety related: • Data consistency checks • Strong and efficient encryption: • on the client side (hardware aid, automated + tools) • Sharing: • Inside NDS (some trust to users assumed) • NDS <-> external world (one side of sharing not trusted) • Publishing data using our infrastructure: • e.g. for Digital Libraries • they store archives in the in NDS already • Extra functionalities to be offered by extended (non-standard) interface • e.g. versions management • We still keep standard interfaces working

  15. 2 NDS2 - summary of issues to address • We need to address (features): • Scalability: • Deal with metadata handling scalability • but keep consistency untouched! • common logical view is needed for all users going to share data • => De-centralise logical name space management: • De-centralise users management: • hierarchical management (not covered in this presentation)

  16. 2 NDS1 – Scalability improvements • De-centralised logical name space management: • Step 1: divide the namespace into parts distributed across multiple metadata DBs (dCache-like approach?) Database Node Meta- Meta- Meta- Meta- data DB / data DB A data DB B data DB C Users Accounting DB & limits DB ++ load distribution ++ consistency -- single point of failure

  17. 2 NDS1 – Scalability improvements • De-centralised logical name space management: • Step 2: combine distribution with replication Database Node Meta- Meta- Meta- Meta- data DB A data DB B data DB C / data DB instance 1 instance 1 instance 1 Users Accounting DB & limits DB ++ load distribution SSR SSR ++ consistency ++ no single point of failure SSR – Semi Synchronous Meta- Meta- Replication of meta-data data DB B data DB instance 2 instance 2

  18. 2 NDS1 – Scalability improvements • De-centralised logical name space management: • Step 3: combine distribution with replication + provide automated failover Database Node Meta- Meta- Meta- Meta- data DB A data DB B data DB C / data DB instance 1 instance 1 instance 1 Users Accounting DB & limits DB ++ load distribution SSR SSR ++ consistency ++ no single point of failure ++ automated failover Meta- Meta- SSR – Semi Synchronous data DB B data DB instance 2 instance 2 Replication of meta-data

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

CS 449: Human-Computer Interaction Spring 2013 Edward Lank MC 4063 Take Aways Quick

CS 449: Human-Computer Interaction Spring 2013 Edward Lank MC 4063 Take Aways Quick

CS 449: Human-Computer Interaction Spring 2013 Edward Lank MC 4063 Take Aways Quick course overview What is HCI? Why study it? Understanding the course. Overview of Course Syllabus Posted on-line (under development)

632 views • 32 slides
Injury, Psychiatric Illness and the Developing Brain: AT THE INTERSECTION OF JUVENILE JUSTICE

Injury, Psychiatric Illness and the Developing Brain: AT THE INTERSECTION OF JUVENILE JUSTICE

Injury, Psychiatric Illness and the Developing Brain: AT THE INTERSECTION OF JUVENILE JUSTICE AND HUMAN PHYSIOLOGY MATTHEW GARLINGHOUSE, PHD Objectives Participants will be able to appreciate the maturational changes in the human brain

631 views • 51 slides
Challenges for Data Driven Systems Eiko Yoneki University of Cambridge Computer Laboratory Quick

Challenges for Data Driven Systems Eiko Yoneki University of Cambridge Computer Laboratory Quick

Challenges for Data Driven Systems Eiko Yoneki University of Cambridge Computer Laboratory Quick History of Data Management 4000 B C Manual recording From tablets to papyrus to paper A. Payberah2014 2 1800's - 1940's Punched

342 views • 18 slides
The ABCs of ACOs for MCH May 30, 2013 For assistance: Please contact cmccoy@amchp.org or for web

The ABCs of ACOs for MCH May 30, 2013 For assistance: Please contact cmccoy@amchp.org or for web

The ABCs of ACOs for MCH May 30, 2013 For assistance: Please contact cmccoy@amchp.org or for web support 888-447-1119 option 2 Brief Notes about Technology Audio Audio is available through your computer speakers or earphones. For

848 views • 81 slides
? H?N? H2N2 H1N1 H1N1 1889 1918 1957 1977 2009 1968 Jeffery K. Taubenberger, M.D., Ph.D.

? H?N? H2N2 H1N1 H1N1 1889 1918 1957 1977 2009 1968 Jeffery K. Taubenberger, M.D., Ph.D.

The Next Influenza Pandemic: Remembering the Past &amp; Planning for the Future H1N1 H3N2 ? H?N? H2N2 H1N1 H1N1 1889 1918 1957 1977 2009 1968 Jeffery K. Taubenberger, M.D., Ph.D. May 9, 2007. 297 (18):2025-2027 May 9, 2007. 297

1.11k views • 75 slides
Modelling viral RNA with SAXS Grzegorz Chojnowski EMBL Hamburg Solution Scattering from

Modelling viral RNA with SAXS Grzegorz Chojnowski EMBL Hamburg Solution Scattering from

Modelling viral RNA with SAXS Grzegorz Chojnowski EMBL Hamburg Solution Scattering from Biological Macromolecules May 5 June 2, 2020 The central dogma of molecular biology ? DNA RNA PROTEIN In eukaryotes only a fraction of RNA is

784 views • 31 slides
K-Anonymity &amp; Algorithms CompSci 590.03 Instructor: Ashwin Machanavajjhala Lecture 3 :

K-Anonymity &amp; Algorithms CompSci 590.03 Instructor: Ashwin Machanavajjhala Lecture 3 :

K-Anonymity &amp; Algorithms CompSci 590.03 Instructor: Ashwin Machanavajjhala Lecture 3 : 590.03 Fall 12 1 Announcements Project ideas are posted on the site. You are welcome to send me (or talk to me about) your own ideas. Lecture 3

1.05k views • 48 slides
Mathematical Virology Viruses under the mathematical microscope: An opportunity to demonstrate the

Mathematical Virology Viruses under the mathematical microscope: An opportunity to demonstrate the

Mathematical Virology Viruses under the mathematical microscope: An opportunity to demonstrate the impact of in the classroom mathematics in biology in the classroom environment Reidun Twarock Departments of Mathematics and Biology York

533 views • 40 slides
RNA Secondary RNA Secondary Structures: Structures: A Case Study on A Case Study on Viruses

RNA Secondary RNA Secondary Structures: Structures: A Case Study on A Case Study on Viruses

RNA Secondary RNA Secondary Structures: Structures: A Case Study on A Case Study on Viruses Viruses Bioinformatics Senior Project Bioinformatics Senior Project John Acampado John Acampado Under the guidance of Dr. Jason Wang Under the

655 views • 51 slides
Centers for Disease Control and Preven1on Na1onal Center

Centers for Disease Control and Preven1on Na1onal Center

Centers for Disease Control and Preven1on Na1onal Center for HIV/AIDS, Viral Hepa11s, STD and TB Preven1on Division of HIV/AIDS Preven1on

780 views • 35 slides
Immunity to Viruses Patricia Fitzgerald-Bocarsly September 25, 2008 The Immune System Deals with

Immunity to Viruses Patricia Fitzgerald-Bocarsly September 25, 2008 The Immune System Deals with

Immunity to Viruses Patricia Fitzgerald-Bocarsly September 25, 2008 The Immune System Deals with a Huge Range of Pathogens Roitt, 2003 Immune Responses to Viruses Viruses are dependent on the host cell genetic material to replicate

598 views • 31 slides
HIDDEN SYMMETRY AND PRINCIPLES OF STRUCTURAL ORGANIZATION IN SMALL ICOSAHEDRAL ANOMALOUS AND

HIDDEN SYMMETRY AND PRINCIPLES OF STRUCTURAL ORGANIZATION IN SMALL ICOSAHEDRAL ANOMALOUS AND

HIDDEN SYMMETRY AND PRINCIPLES OF STRUCTURAL ORGANIZATION IN SMALL ICOSAHEDRAL ANOMALOUS AND DOUBLE-SHELLED CAPSIDS S. B. Rochal 1 , A.E. Myasnikova 1 , O.V. Konevtsova 1 and V.L. Lorman 2 1 Physics Faculty, Southern Federal University,

393 views • 23 slides
Members Webinar WELCOME AND INTRODUCTIONS Raquel Peck @RaqPeck CEO, World Hepatitis

Members Webinar WELCOME AND INTRODUCTIONS Raquel Peck @RaqPeck CEO, World Hepatitis

World Hepatitis Alliance Members Webinar WELCOME AND INTRODUCTIONS Raquel Peck @RaqPeck CEO, World Hepatitis Alliance Tara Farrell Karine Belondrade Communications Manager, COO, World Hepatitis Alliance World Hepatitis Alliance

509 views • 26 slides
DC English IV World/British Literature Teacher: Mr. Smith, room 1217 contact information e:

DC English IV World/British Literature Teacher: Mr. Smith, room 1217 contact information e:

DC English IV World/British Literature Teacher: Mr. Smith, room 1217 contact information e: davidsmith@tomballisd.net w: davidglensmith.com/Tomball t: @prufrocksblues i: mr_smith_eng2332 Aristotle (c. 384-322 BCE) Aristotle was born with

234 views • 9 slides
Socrates, Meno, and Definitions David Pattillo University of Notre Dame Fall, 2015 Platontic

Socrates, Meno, and Definitions David Pattillo University of Notre Dame Fall, 2015 Platontic

Socrates, Meno, and Definitions David Pattillo University of Notre Dame Fall, 2015 Platontic Dialogues Meno is a dialogue written by Plato (429-347 B.C) Youll notice that the dialogue is between Socrates (470-399 B.C), Platos

262 views • 9 slides
THE VIRTUES OF LOVE (3) Heat makes all things expand. And the warmth of love will

THE VIRTUES OF LOVE (3) Heat makes all things expand. And the warmth of love will

THE VIRTUES OF LOVE (3) Heat makes all things expand. And the warmth of love will always expand a persons heart. I CORINTHIANS 13 LOVE IS A MANY SPLENDORED THING! 1. Patient Long T empered 2. Kind Benevolent 3. Not

205 views • 18 slides
Statistical WI (and more) in Two-Messages Yael Tauman Kalai Joint work with: Dakshita Khurana

Statistical WI (and more) in Two-Messages Yael Tauman Kalai Joint work with: Dakshita Khurana

Statistical WI (and more) in Two-Messages Yael Tauman Kalai Joint work with: Dakshita Khurana and Amit Sahai Interactive Proofs [Goldwasser-Micali-Rackoff85, Babai85] Zero-knowledge proofs for all ! [Goldreich-Micali-Wigderson87 ]

403 views • 17 slides
Virtue ethics January 30 th , 2018 Group Activity: Heinzs dilemma A woman was on her deathbed.

Virtue ethics January 30 th , 2018 Group Activity: Heinzs dilemma A woman was on her deathbed.

CS4001: Computing, Society and Professionalism Sauvik Das | Assistant Professor Virtue ethics January 30 th , 2018 Group Activity: Heinzs dilemma A woman was on her deathbed. There was one drug that the doctors thought might save her. It was

413 views • 28 slides
ETHICS AND WORLD VIEWS IN RELATION TO BIOTECHNOLOGY Prof. . Jerry ry O. Ugwu wuanyi anyi / D

ETHICS AND WORLD VIEWS IN RELATION TO BIOTECHNOLOGY Prof. . Jerry ry O. Ugwu wuanyi anyi / D

MO MODU DULE LE 5 ETHICS AND WORLD VIEWS IN RELATION TO BIOTECHNOLOGY Prof. . Jerry ry O. Ugwu wuanyi anyi / D Dr. . F. I. Akane aneme me University of Nigeria, Nsukka Course Structure/ Module Content Unit 1; Overview of the

785 views • 52 slides
Public Vices and Private Virtues of Future High Precision Physics Giampiero PASSARINO

Public Vices and Private Virtues of Future High Precision Physics Giampiero PASSARINO

Outlines Public Vices and Private Virtues of Future High Precision Physics Giampiero PASSARINO Dipartimento di Fisica Teorica, Universit` a di Torino, Italy INFN, Sezione di Torino, Italy Outlines A personal (and technical)

756 views • 63 slides
Ethics Roundtable for Legislative Staff Peggy Kerns, NCSL Ethics Center, August 2014 Legislative

Ethics Roundtable for Legislative Staff Peggy Kerns, NCSL Ethics Center, August 2014 Legislative

Ethics Roundtable for Legislative Staff Peggy Kerns, NCSL Ethics Center, August 2014 Legislative Values Which Way to Go? Ethics Principles: integrity, trust &amp; honesty; doing the right thing Professional and personal standards of

116 views • 11 slides
BUSINESS ETHICS 2014-2015 Fourth and fifth lessons Gianfranco Rusconi ABOUT PAPER OF DONALDSON

BUSINESS ETHICS 2014-2015 Fourth and fifth lessons Gianfranco Rusconi ABOUT PAPER OF DONALDSON

10/20/2014 BUSINESS ETHICS 2014-2015 Fourth and fifth lessons Gianfranco Rusconi ABOUT PAPER OF DONALDSON AND WEHRANE* WHAT ABOUT IDEAS AND LIMITS OF: CONSEQUENTIALISM/UTILITARIANISM, DEONTOLOGY AND VIRTUE ETHICS? BASF CASE :

406 views • 8 slides
The Transaction Concept: Virtues and Limitations Jim Gray, June 1981 Presented by Zhiyi Xu ECS

The Transaction Concept: Virtues and Limitations Jim Gray, June 1981 Presented by Zhiyi Xu ECS

The Transaction Concept: Virtues and Limitations Jim Gray, June 1981 Presented by Zhiyi Xu ECS 265, UC Davis 1 of 12 Overview Part 1: What is Transaction? A General Model Part 2: NonStop Time-Domain Addressing

561 views • 12 slides
The Challenges of Capitalism for the Common Good Insert footer on Slide Master Tuesday 17 June

The Challenges of Capitalism for the Common Good Insert footer on Slide Master Tuesday 17 June

The Challenges of Capitalism for the Common Good Insert footer on Slide Master Tuesday 17 June 2014 www.henley.ac.uk The merchant and the common good in history Professor Agustn Gonzlez Enciso, Department of History &amp; Institute of

1.01k views • 97 slides

More recommend