Scenario 2:
Safety Critical Instruments
Threats/Risk Analysis
o All the usual grid problems
o Greater risk of overlapping resource usage
o Risk of confidentiality leaks (accidental?)
o Grid ethos conflicts with safety-critical ops
o Impact severity of information leaks (eg pharma paranoia)
Major Issues
o Requirements to make results publicly available (at some time)
o How does remote user verify actual derivation of results for review/publication
Policy Requirements
o Document user-interaction with service/resource (like extended lab manual)
o Decouple ‘low-level’ execution language
o From ‘high-level’ service use language
o Encode these requirements into interface/translation constraints to eqip controlling software
Trust Relationships
o Not based solely on technical (electronic) assertions (eg PKI)
o Trust based on signing chain expressed as credibility (authority of institution (RA))
o Trust to use resource mediated by research council
o Trust to use resource ultimately based on local authorisation
Roles
o Physical operation
o Service access
o Service provision (local RA/grid)
o Training provider (in house for project kit; outside for remote safety training)
o Roles not static
o Security officer
Technical Gaps
o Graceful failure – grid mediated authorisation
o Last resort – console access to perform shutdown recover
o Local+remote authentication and authorisation for local equipment for example grid firewalls, changing over time
o Firewall to protect campus nets from outgoing grid traffic
o Vendor eqpt not designed with security of interoperability in mind
o Requires common language to express services constraints on use (esp safety criticality)
Training Requirements
o Generic – for end users (safe key storage etc)
o Safety – ring fenced security layers to stop users doing undesirable things
o Resources – classify and identify resources according to safety criticality and authorise accordingly.
Recommendations
o Distinguish infrastructure issues from project/resource-specific ones
o Identify other safety concerned grid projects (as well as safety crucial resources or operations)