Security is King

By By Daniel Pasco, Chief Engineer/Executive VP, Brain Murmurs Inc.

May 29, 2006

I've noticed that although there are many different volunteer Grid computing systems, no single commercial products seems to have emerged as the dominant player. I have some thoughts to share on the obstacles preventing the advancement of Grid technology in the marketplace, and a solution for overcoming them.

The Problem: Security

The single biggest issue is, in my opinion, security. In a volunteer grid system, the computing software has to run on a computer that belongs to someone and is used for things other than supercomputing. I used to work as a network administrator at Kistler Aerospace, and know just how paranoid folks are about their computers. People are suspicious of anything that might make them stop working.

I'm not talking about the Young Turks in a company. Junior staff is usually excited to try anything new. Unfortunately (and I'm speaking from experience here), this enthusiasm often results in massive computer crashes and all-nighters in which they get to learn things like “How to rebuild a UNIX server” and “Really, really don't break the Primary Domain Controller if you don't have a Backup Domain Controller.”

The real xenophobes are the Old Guard: the people further up the org chart, with two or three decades of experience under their belts. By and large, they are immune to hype and conservative about what goes onto their computers. And unless they are extremely technical, if you come by and install a Grid client on their machine one day, and for some reason they can't print the next week, odds are good that they will suspect it is the Grid client that is to blame.

As far as I am concerned, the IT manager has a job only slightly less thankless than that of a mine sweeper. Computers go down all the time, and the IT manager is a constant focus for criticism and intolerance by the staff. If you ask the average IT guy how to best keep a network stable, they will tell you it is to lock the staff out of the building and keep them away from their computers. Ideally, the computers should all be turned off, too.

A seasoned IT manager is going to be vehemently against installing Grid computing clients on their network. It is just one more thing that can break. And since it is a network application, it is something that can break the entire network if things go really bad.

If you tell them that the software they'll be running was written by the local staff, they'd probably shut you down even faster. I don't know why, but there seems to be a perception that if it was published by another company it might be safer. Familiarity breeds contempt. I'm not speaking in general terms here. I remember a co-worker of mine trying to talk our IT admin into letting us install a test servlet on our corporate gateway. When faced with the assertion that the code was totally stable and safe, the admin barked bitterly at the engineer, “Yeah, right. I've seen the kind of bugs you write.”

So, what are the options for making sure that the code your Grid client runs is safe?

For starters, you can make sure that the Grid client only runs code signed by trusted organizations. What people think this does is make your computer safe. What it actually does is dramatically reduce the odds of your computer accidentally running malware (trojan horse viruses, worms, etc.).

The downside to blind faith in trusted code is that accidents happen. Look at the security holes in Microsoft Windows. Consider how much business revenue has been lost in the United States due to these security problems. Consider how hard it is to keep a straight face when your browser presents you with a code-signing certificate and offers you the option to “Always trust software from Microsoft.”

If a company you trust (hell, it could be your own company) downloads library binaries to use for development and doesn't do an md5 check on the libraries before linking them in with their code, they are opening the door for trojan horse viruses. If they link the libraries with their own code, and then sign the entire package, you now have signed code from a trusted source that contains a virus.

Likewise, there are simply bugs. Suppose that a program does some work, stores intermediate results in a scratch directory and then deletes the directory when completed. Improper input (like a null string) could cause the directory to delete a user directory instead of a subdirectory inside the user's folder. This bug could easily be present in a signed code library.

All that signing code does is tell you who to blame when it's already too late.

The Solution: Run-time Checking

Java, on the other hand, has the capability to provide run-time checking. If the security manager is enabled, the Java runtime will check every line of code before it is executed. If the code attempts to delete the user's directory (forbidden), the code will be halted. If the code attempts to read from anywhere outside of its own scratch directory, the code will be halted. If the code attempts to open an unauthorized network connection, it will be halted.

Runtime checking provides 11th hour preventative measures against the things the developers didn't know about their code.

I am convinced that run time checks are the very best way to safely host foreign code on a network. I am also convinced that promising run time checks on client code is the best way to coax people into allowing Grid software to run on their computers. Most IT admins will probably still balk at the idea, but if the benefits to the organization are high enough, they might at least not threaten to quit their jobs over the idea.

About Daniel Pasco

Daniel Pasco is chief engineer and executive vice president at Brain Murmurs Inc., in Seattle. He is in charge of internal product research and development and lead architect of the JIVA Grid software suite.

Subscribe to HPCwire's Weekly Update!

Be the most informed person in the room! Stay ahead of the tech trends with industy updates delivered to you every week!

Hyperion: AI-driven HPC Industry Continues to Push Growth Projections

November 21, 2019

Three major forces – AI, cloud and exascale – are combining to raise the HPC industry to heights exceeding expectations. According to market study results released this week by Hyperion Research at SC19 in Denver, Read more…

By Doug Black

At SC19: Bespoke Supercomputing for Climate and Weather

November 20, 2019

Weather and climate applications are some of the most important uses of HPC – a good model can save lives, as well as billions of dollars. But many weather and climate models struggle to run efficiently in their HPC en Read more…

By Oliver Peckham

Microsoft, Nvidia Launch Cloud HPC Service

November 20, 2019

Nvidia and Microsoft have joined forces to offer a cloud HPC capability based on the GPU vendor’s V100 Tensor Core chips linked via an InfiniBand network scaling up to 800 graphics processors. The partners announced Read more…

By George Leopold

Hazra Retiring from Intel Data Center Group, Successor Not Known

November 20, 2019

Rajeeb Hazra, corporate VP of Intel’s Data Center Group and GM for the Enterprise and Government Group, is retiring after more than 24 years at the company. At this writing, his successor is unknown. An earlier story on... Read more…

By Doug Black

Jensen Huang’s SC19 – Fast Cars, a Strong Arm, and Aiming for the Cloud(s)

November 20, 2019

We’ve come to expect Nvidia CEO Jensen Huang’s annual SC keynote to contain stunning graphics and lively bravado (with plenty of examples) in support of GPU-accelerated computing. In recent years, AI has joined the s Read more…

By John Russell

AWS Solution Channel

Making High Performance Computing Affordable and Accessible for Small and Medium Businesses with HPC on AWS

High performance computing (HPC) brings a powerful set of tools to a broad range of industries, helping to drive innovation and boost revenue in finance, genomics, oil and gas extraction, and other fields. Read more…

IBM Accelerated Insights

Data Management – The Key to a Successful AI Project

 

Five characteristics of an awesome AI data infrastructure

[Attend the IBM LSF & HPC User Group Meeting at SC19 in Denver on November 19!]

AI is powered by data

While neural networks seem to get all the glory, data is the unsung hero of AI projects – data lies at the heart of everything from model training to tuning to selection to validation. Read more…

SC19 Student Cluster Competition: Know Your Teams

November 19, 2019

I’m typing this live from Denver, the location of the 2019 Student Cluster Competition… and, oh yeah, the annual SC conference too. The attendance this year should be north of 13,000 people, with the majority attende Read more…

By Dan Olds

Hyperion: AI-driven HPC Industry Continues to Push Growth Projections

November 21, 2019

Three major forces – AI, cloud and exascale – are combining to raise the HPC industry to heights exceeding expectations. According to market study results r Read more…

By Doug Black

At SC19: Bespoke Supercomputing for Climate and Weather

November 20, 2019

Weather and climate applications are some of the most important uses of HPC – a good model can save lives, as well as billions of dollars. But many weather an Read more…

By Oliver Peckham

Hazra Retiring from Intel Data Center Group, Successor Not Known

November 20, 2019

Rajeeb Hazra, corporate VP of Intel’s Data Center Group and GM for the Enterprise and Government Group, is retiring after more than 24 years at the company. At this writing, his successor is unknown. An earlier story on... Read more…

By Doug Black

Jensen Huang’s SC19 – Fast Cars, a Strong Arm, and Aiming for the Cloud(s)

November 20, 2019

We’ve come to expect Nvidia CEO Jensen Huang’s annual SC keynote to contain stunning graphics and lively bravado (with plenty of examples) in support of GPU Read more…

By John Russell

Top500: US Maintains Performance Lead; Arm Tops Green500

November 18, 2019

The 54th Top500, revealed today at SC19, is a familiar list: the U.S. Summit (ORNL) and Sierra (LLNL) machines, offering 148.6 and 94.6 petaflops respectively, Read more…

By Tiffany Trader

ScaleMatrix and Nvidia Launch ‘Deploy Anywhere’ DGX HPC and AI in a Controlled Enclosure

November 18, 2019

HPC and AI in a phone booth: ScaleMatrix and Nvidia announced today at the SC19 conference in Denver a joint offering that puts up to 13 petaflops of Nvidia DGX Read more…

By Doug Black

Intel Debuts New GPU – Ponte Vecchio – and Outlines Aspirations for oneAPI

November 17, 2019

Intel today revealed a few more details about its forthcoming Xe line of GPUs – the top SKU is named Ponte Vecchio and will be used in Aurora, the first plann Read more…

By John Russell

SC19: Welcome to Denver

November 17, 2019

A significant swath of the HPC community has come to Denver for SC19, which began today (Sunday) with a rich technical program. As is customary, the ribbon cutt Read more…

By Tiffany Trader

Supercomputer-Powered AI Tackles a Key Fusion Energy Challenge

August 7, 2019

Fusion energy is the Holy Grail of the energy world: low-radioactivity, low-waste, zero-carbon, high-output nuclear power that can run on hydrogen or lithium. T Read more…

By Oliver Peckham

Using AI to Solve One of the Most Prevailing Problems in CFD

October 17, 2019

How can artificial intelligence (AI) and high-performance computing (HPC) solve mesh generation, one of the most commonly referenced problems in computational engineering? A new study has set out to answer this question and create an industry-first AI-mesh application... Read more…

By James Sharpe

Cray Wins NNSA-Livermore ‘El Capitan’ Exascale Contract

August 13, 2019

Cray has won the bid to build the first exascale supercomputer for the National Nuclear Security Administration (NNSA) and Lawrence Livermore National Laborator Read more…

By Tiffany Trader

DARPA Looks to Propel Parallelism

September 4, 2019

As Moore’s law runs out of steam, new programming approaches are being pursued with the goal of greater hardware performance with less coding. The Defense Advanced Projects Research Agency is launching a new programming effort aimed at leveraging the benefits of massive distributed parallelism with less sweat. Read more…

By George Leopold

AMD Launches Epyc Rome, First 7nm CPU

August 8, 2019

From a gala event at the Palace of Fine Arts in San Francisco yesterday (Aug. 7), AMD launched its second-generation Epyc Rome x86 chips, based on its 7nm proce Read more…

By Tiffany Trader

D-Wave’s Path to 5000 Qubits; Google’s Quantum Supremacy Claim

September 24, 2019

On the heels of IBM’s quantum news last week come two more quantum items. D-Wave Systems today announced the name of its forthcoming 5000-qubit system, Advantage (yes the name choice isn’t serendipity), at its user conference being held this week in Newport, RI. Read more…

By John Russell

Ayar Labs to Demo Photonics Chiplet in FPGA Package at Hot Chips

August 19, 2019

Silicon startup Ayar Labs continues to gain momentum with its DARPA-backed optical chiplet technology that puts advanced electronics and optics on the same chip Read more…

By Tiffany Trader

Crystal Ball Gazing: IBM’s Vision for the Future of Computing

October 14, 2019

Dario Gil, IBM’s relatively new director of research, painted a intriguing portrait of the future of computing along with a rough idea of how IBM thinks we’ Read more…

By John Russell

Leading Solution Providers

ISC 2019 Virtual Booth Video Tour

CRAY
CRAY
DDN
DDN
DELL EMC
DELL EMC
GOOGLE
GOOGLE
ONE STOP SYSTEMS
ONE STOP SYSTEMS
PANASAS
PANASAS
VERNE GLOBAL
VERNE GLOBAL

Cray, Fujitsu Both Bringing Fujitsu A64FX-based Supercomputers to Market in 2020

November 12, 2019

The number of top-tier HPC systems makers has shrunk due to a steady march of M&A activity, but there is increased diversity and choice of processing compon Read more…

By Tiffany Trader

Intel Confirms Retreat on Omni-Path

August 1, 2019

Intel Corp.’s plans to make a big splash in the network fabric market for linking HPC and other workloads has apparently belly-flopped. The chipmaker confirmed to us the outlines of an earlier report by the website CRN that it has jettisoned plans for a second-generation version of its Omni-Path interconnect... Read more…

By Staff report

Kubernetes, Containers and HPC

September 19, 2019

Software containers and Kubernetes are important tools for building, deploying, running and managing modern enterprise applications at scale and delivering enterprise software faster and more reliably to the end user — while using resources more efficiently and reducing costs. Read more…

By Daniel Gruber, Burak Yenier and Wolfgang Gentzsch, UberCloud

Dell Ramps Up HPC Testing of AMD Rome Processors

October 21, 2019

Dell Technologies is wading deeper into the AMD-based systems market with a growing evaluation program for the latest Epyc (Rome) microprocessors from AMD. In a Read more…

By John Russell

Rise of NIH’s Biowulf Mirrors the Rise of Computational Biology

July 29, 2019

The story of NIH’s supercomputer Biowulf is fascinating, important, and in many ways representative of the transformation of life sciences and biomedical res Read more…

By John Russell

Xilinx vs. Intel: FPGA Market Leaders Launch Server Accelerator Cards

August 6, 2019

The two FPGA market leaders, Intel and Xilinx, both announced new accelerator cards this week designed to handle specialized, compute-intensive workloads and un Read more…

By Doug Black

Intel Debuts New GPU – Ponte Vecchio – and Outlines Aspirations for oneAPI

November 17, 2019

Intel today revealed a few more details about its forthcoming Xe line of GPUs – the top SKU is named Ponte Vecchio and will be used in Aurora, the first plann Read more…

By John Russell

When Dense Matrix Representations Beat Sparse

September 9, 2019

In our world filled with unintended consequences, it turns out that saving memory space to help deal with GPU limitations, knowing it introduces performance pen Read more…

By James Reinders

  • arrow
  • Click Here for More Headlines
  • arrow
Do NOT follow this link or you will be banned from the site!
Share This