Foundations for the DoD Centralized Super Computing Facility.
Part of the “Architecting, Implementing, and Supporting Multi-Level Security Eco-System in HPC, ISR, Big Data Analysis and Other Environments” workshop at SuperComputing 2015.
Historically cyber security in HPC has been limited to detecting intrusions rather than designing security from the beginning in a holistic, layered approach to protect the system. SELinux has provided the needed framework to address cyber security issues for a decade, but the lack of an HPC and data analysis eco-system based on SELinux and the perception that the resulting configuration is “hard” to use has prevented SELinux configurations from being widely accepted. This tutorial will discuss the eco-system that has been developed and certified, debunk the “hard” perception, and illustrate approaches for both government and commercial applications. The tutorial includes discussions on:
The tutorial is based on currently existing, certified and operational SELinux HPC eco-systems and the Department of Energy (DoE) Los Alamos National Labs (LANL) and DoD High Performance Computing Modernization Office (HPCMO) are both working through evaluations with the intention of implementing in their systems.
Slides also available on SlideShare: