A User-level Secure Grid File System
|
|
- Merilyn Carpenter
- 6 years ago
- Views:
Transcription
1 A User-level Secure Grid File System Ming Zhao, Renato J. Figueiredo Advanced Computing and Information Systems (ACIS) Electrical and Computer Engineering University of Florida {ming, Advanced Computing and Information Systems laboratory
2 Motivations Need for secure grid file systems Support for unmodified applications, fine-grained data sharing Support for strong, flexible and grid-compatible security Virtual machines Genome sequence alignment Public data no need for privacy Interactive development DOMAIN A Sparse file access Commercial application DOMAIN B WAN Limited mutual trust insecure network Fine-grained data sharing Genome sequence alignment DOMAIN C Highly confidential need strong encryption DOMAIN D 2 Ming Zhao, SC 07
3 Overview Goal Secure DFS-based grid data management Approach A user-level secure grid file system Contributions: Secure and efficient grid data access Secure services for management and configuration Support for unmodified applications and O/Ss Flexible configurations based on application needs Compatible with widely-accepted grid security infrastructure 3 Ming Zhao, SC 07
4 Outline Background Architecture Secure GFS-based data access Secure service-based management Implementation Secure Remote Procedure Calls GSI-based GFS Grid file access control GSI-based management services Performance Summary 4 Ming Zhao, SC 07
5 Background Grid File System (GFS, a.k.a. GVFS) User-level virtualization of distributed file systems via proxies Leverages widely deployed O/S clients and servers (NFS V3) Proxies control authentication, authorization, identity mapping Per session security configuration and enforcement Export /GFS/X to O/S client client GFS I server O/S server Map 1000:1000 <-> 100:100 C1 X s job UID 1000 GID 1000 WAN GFS II server user data Export /GFS/Y to Y@C2 Map 2000:2000 <-> 100:100 /GFS UID 100 GID 100 S O/S client client C2 Y s job UID 2000 GID 2000 R. Figueiredo, et al., Seamless Access to Decentralized Storage Services in Computational Grids via a Virtual File System, Cluster Computing, Ming Zhao, SC 07
6 Background Data Management Services Middleware for controlling the lifecycles and configurations of GFSs File System Service (FSS) Controls local proxies to establish and configure GFSs Data Scheduler Service (DSS) Schedules and customizes GFSs through interactions with FSSs C1 FSS Job $ GFS I FSS DSS data C2 FSS Job $ GFS II M. Zhao, et al., Supporting Application-Tailored Grid File System Sessions with WSRF-Based Services, HPDC, Ming Zhao, SC 07 S
7 Secure GFS-based Data Access Based on Transport Level Security (TLS) Efficient end-to-end secure channel for remote procedure calls (RPC) Grid user s () certificate is used for authentication and authorization Shared key is negotiated for encryption of GFS traffic Digital signature or MAC is used for integrity checking Grid-style ACL associates file access permissions with grid user identity Flexible and customizable security policies and mechanisms per GFS X s certificate RPC/TLS Access control C X s job WAN user data /GFS/X S 7 Ming Zhao, SC 07
8 Secure Service-based Management Based on Message Level Security (MLS) Protection of messages in service-level interactions (SOAP) Support for security cooperation with other middleware services Grid user or service authenticates with DSS using the user s certificate Authorization is done by checking an ACL or a dedicated service FSS controls client to use the user s certificate to set up GFS DSS FSS SOAP/WS-Security FSS X s certificate RPC/TLS Access control C X s job WAN user data /GFS/X S 8 Ming Zhao, SC 07
9 Secure RPC Based on Socket Layer Security (SSL/TLS) Efficient implementations and successful deployments Support for full-featured security and a wide range of algorithms Transparent protection of GFS traffic GFSs are set up on per-user/application basis SSL-enabled secure RPC library (SRPC) We have developed it based on TI-RPC and OpenSSL API examples clnt_tli_ssl_create(......, struct security_context) svc_tli_ssl_create(......, struct security_context) Security configurations are defined in the security_context struct Generic secure RPC support, no need for system-level changes 9 Ming Zhao, SC 07
10 GSI-based File System Proxy Enhancements Uses SRPC library for secure communications Parses and validates GSI (Grid Security Infrastructure) certificates for authentication and authorization Configurations Defined in a configuration file used by users or services Security policies, algorithms, and parameters Support for dynamic reconfigurations Change of security policies Reload of certificates Renegotiation of session keys 10 Ming Zhao, SC 07
11 Grid File Access Control Per-GFS gridmap file Per file system access control Maps grid user identities to local user accounts A grid users gains the same file access permissions as the mapped local user Per-file/directory ACL file Per file/directory access control Stored as a protected hidden file:.filename.acl Contains pairs of grid user identity and access permission bitmask Leverages NFS ACCESS RPCs for checking ACL files and returning access permission bitmasks 11 Ming Zhao, SC 07
12 GSI-based Management Services Based on Web service standards Services based on WSRF (Web Service Resource Framework) Managing GFS states as resources Service-level security based on WS-Security Signing and verifying SOAP messages Implemented with WSRF::Lite Interoperable with other middleware services Grid file access control Uses ACLs stored in database Creates gridmap or ACL files for proxies Leverages dedicated security services E.g. Community authorization service 12 Ming Zhao, SC 07
13 Experimental Setup File system clients and servers Virtual machines Hosted on cluster nodes (3.2GHz hyperthreaded Xeon CPUs, 4GB memory) Network LAN Gigabit Ethernet WAN Emulated with NIST Net Benchmarks File system benchmarks IOzone, Postmark Applications Software development, scientific computing 13 Ming Zhao, SC 07
14 IOzone Intensive sequential reads LAN No client-side caching, no server-side disk accesses Configurations NFS V3/V4 Native, unsecured NFS GFS Unsecured GFS GFS-SSH SSH tunneling of GFS SGFS sgfs-aes: AES-256bit, SHA1-HMAC sgfs-rc: RC4-128bit, SHA1-HMAC sgfs-sha: SHA1-HMAC Runtime (second) Performance LAN sgfs-rc nfs-v3 nfs-v4 gfs sgfssha sgfsaes gfsssh 2-fold overhead for user-level security Stronger security sacrifices more performance sgfs-aes is used for the following study 14 Ming Zhao, SC 07
15 Postmark Simulates workloads from s, news, Web commerce Creation, transaction, deletion Intensive small reads/writes and metadata updates Performance GFS outperforms native NFS (by using aggressive attributes caching) Speedup increases as network latency grows 60 creation transaction deletion 1200 nfs-v3 sgfs Runtime (second) Runtime (second) nfs-v3 nfs-v4 sgfs gfs-ssh Network RTT (ms) LAN WAN 15 Ming Zhao, SC 07
16 Modified Andrew Benchmark Models software development process Copy, stat, search, compile Uses a larger workload than the original Andrew benchmark Performance Very close to native NFS on LAN Significant speedups on WAN (by using disk caching for attributes and data) Runtime (second) copy stat search compile LAN WAN (40ms RTT) nfs-v3 sgfs nfs-v3 sgfs Ming Zhao, SC 07
17 Seismic Models computing and data intensive scientific applications Phase 1: generate a large output file Phase 2, 3, 4: process data Performance Very close to native NFS on LAN Significant speedups on WAN (by using disk caching with write-back) phase 1 phase 2 phase 3 phase 4 LAN WAN(40ms RTT) 1021 Runtime (second) nfs-v3 sgfs nfs-v3 sgfs 17 Ming Zhao, SC 07
18 Related Work Security in distributed file systems NFS (V2, V3) NFS (V4), GridNFS AFS (OpenAFS, Coda) SGFS supports unmodified O/Ss, strong security for grid data access, and flexible application-tailored configurations Security in grid data management Globus Legion Condor SGFS combines the advantages of TLS and MLS, and is compatible with existing grid systems based on GSI 18 Ming Zhao, SC 07
19 Summary Problem Secure DFSs for grid data management Solution A user-level secure grid file system Strong and compatible security for grid data access Seamless support and flexible customization for applications Convenient integration with grid resources and systems Future work User-level cryptographic functions for protection of data storage 19 Ming Zhao, SC 07
20 Acknowledgments In-VIGO team Sponsors NSF IBM SUR DURIP Questions? 20 Ming Zhao, SC 07
Supporting Application- Tailored Grid File System Sessions with WSRF-Based Services
Supporting Application- Tailored Grid File System Sessions with WSRF-Based Services Ming Zhao, Vineet Chadha, Renato Figueiredo Advanced Computing and Information Systems Electrical and Computer Engineering
More informationDistributed File System Support for Virtual Machines in Grid Computing
Distributed File System Support for Virtual Machines in Grid Computing Ming Zhao, Jian Zhang, Renato Figueiredo Advanced Computing and Information Systems Electrical and Computer Engineering University
More informationFILE SYSTEM VIRTUALIZATION AND SERVICE FOR GRID DATA MANAGEMENT
FILE SYSTEM VIRTUALIZATION AND SERVICE FOR GRID DATA MANAGEMENT By MING ZHAO A DISSERTATION PRESENTED TO THE GRADUATE SCHOOL OF THE UNIVERSITY OF FLORIDA IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR
More informationDistributed File System Virtualization Techniques Supporting On-Demand Virtual Machine Environments for Grid Computing
Cluster Computing 9, 45 56, 2006 C 2006 Springer Science + Business Media, Inc. Manufactured in The United States. Distributed File System Virtualization Techniques Supporting On-Demand Virtual Machine
More informationExperimental Study of Virtual Machine Migration in Support of Reservation of Cluster Resources
Experimental Study of Virtual Machine Migration in Support of Reservation of Cluster Resources Ming Zhao, Renato J. Figueiredo Advanced Computing and Information Systems (ACIS) Electrical and Computer
More informationJithendar Paladugula, Ming Zhao, Renato Figueiredo
Support for Data-Intensive, Variable- Granularity Grid Applications via Distributed File System Virtualization: A Case Study of Light Scattering Spectroscopy Jithendar Paladugula, Ming Zhao, Renato Figueiredo
More informationSupporting Application-Tailored Grid File System Sessions with WSRF-Based Services
Supporting Application-Tailored Grid File System Sessions with WSRF-Based Services Ming Zhao Vineet Chadha Renato J. Figueiredo Advanced Computing and Information Systems Laboratory (ACIS) Electrical and
More informationTransport Level Security
2 Transport Level Security : Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l12, Steve/Courses/2013/s2/css322/lectures/transport.tex,
More informationChapter 32 Security in the Internet: IPSec, SSL/TLS, PGP,
Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls 32.1 Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 32.2 Figure 32.1 Common structure
More informationScience gateways made easy: the In-VIGO approach
Science gateways made easy: the In-VIGO approach A. Matsunaga, M. Tsugawa, S. Adabala, R. Figueiredo, H. Lam and J. Fortes Advanced Computing and Information Systems Laboratory University of Florida June
More informationDeploying the TeraGrid PKI
Deploying the TeraGrid PKI Grid Forum Korea Winter Workshop December 1, 2003 Jim Basney Senior Research Scientist National Center for Supercomputing Applications University of Illinois jbasney@ncsa.uiuc.edu
More informationService Mesh and Microservices Networking
Service Mesh and Microservices Networking WHITEPAPER Service mesh and microservice networking As organizations adopt cloud infrastructure, there is a concurrent change in application architectures towards
More informationVirtual Machine Systems
Virtual Machine Systems Question Can a small operating system simulate the hardware of some machine so that Another operating system can run in that simulated hardware? More than one instance of that operating
More informationGLOBUS TOOLKIT SECURITY
GLOBUS TOOLKIT SECURITY Plamen Alexandrov, ISI Masters Student Softwarepark Hagenberg, January 24, 2009 TABLE OF CONTENTS Introduction (3-5) Grid Security Infrastructure (6-15) Transport & Message-level
More informationStorageCraft OneXafe and Veeam 9.5
TECHNICAL DEPLOYMENT GUIDE NOV 2018 StorageCraft OneXafe and Veeam 9.5 Expert Deployment Guide Overview StorageCraft, with its scale-out storage solution OneXafe, compliments Veeam to create a differentiated
More informationSingle Sign-On in In-VIGO: Role-based Access via Delegation Mechanisms Using Short-lived User Identities
Single Sign-On in In-VIGO: Role-based Access via Delegation Mechanisms Using Short-lived User Identities Sumalatha Adabala, Andréa Matsunaga, Maurício Tsugawa, Renato Figueiredo, José A. B. Fortes ACIS
More informationGrid Programming: Concepts and Challenges. Michael Rokitka CSE510B 10/2007
Grid Programming: Concepts and Challenges Michael Rokitka SUNY@Buffalo CSE510B 10/2007 Issues Due to Heterogeneous Hardware level Environment Different architectures, chipsets, execution speeds Software
More informationInternet2 Meeting September 2005
End User Agents: extending the "intelligence" to the edge in Distributed Systems Internet2 Meeting California Institute of Technology 1 OUTLINE (Monitoring Agents using a Large, Integrated s Architecture)
More informationAdvanced iscsi Management April, 2008
April, 2008 Gene Nagle, istor Networks SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA. Member companies and individuals may use this material in presentations and
More information30 Nov Dec Advanced School in High Performance and GRID Computing Concepts and Applications, ICTP, Trieste, Italy
Advanced School in High Performance and GRID Computing Concepts and Applications, ICTP, Trieste, Italy Why the Grid? Science is becoming increasingly digital and needs to deal with increasing amounts of
More informationStorageCraft OneBlox and Veeam 9.5 Expert Deployment Guide
TECHNICAL DEPLOYMENT GUIDE StorageCraft OneBlox and Veeam 9.5 Expert Deployment Guide Overview StorageCraft, with its scale-out storage solution OneBlox, compliments Veeam to create a differentiated diskbased
More informationCS 470 Spring Distributed Web and File Systems. Mike Lam, Professor. Content taken from the following:
CS 470 Spring 2018 Mike Lam, Professor Distributed Web and File Systems Content taken from the following: "Distributed Systems: Principles and Paradigms" by Andrew S. Tanenbaum and Maarten Van Steen (Chapters
More informationComparing TCP performance of tunneled and non-tunneled traffic using OpenVPN. Berry Hoekstra Damir Musulin OS3 Supervisor: Jan Just Keijser Nikhef
Comparing TCP performance of tunneled and non-tunneled traffic using OpenVPN Berry Hoekstra Damir Musulin OS3 Supervisor: Jan Just Keijser Nikhef Outline Introduction Approach Research Results Conclusion
More informationSystem Requirements. Network Administrator Guide
System Requirements Network Administrator Guide 1 Beam Network Administrator Guide Suitable Technologies, Inc. May 2018 Beam is a comprehensive Presence System that couples high-end video, high-end audio,
More informationAlliance Key Manager A Solution Brief for Partners & Integrators
Alliance Key Manager A Solution Brief for Partners & Integrators Key Management Enterprise Encryption Key Management This paper is designed to help technical managers, product managers, and developers
More informationDistributed File Systems
Distributed File Systems Today l Basic distributed file systems l Two classical examples Next time l Naming things xkdc Distributed File Systems " A DFS supports network-wide sharing of files and devices
More informationDelegated Access for Hadoop Clusters in the Cloud
Delegated Access for Hadoop Clusters in the Cloud David Nuñez, Isaac Agudo, and Javier Lopez Network, Information and Computer Security Laboratory (NICS Lab) Universidad de Málaga, Spain Email: dnunez@lcc.uma.es
More informationUniversity of Wisconsin-Madison
Evolving RPC for Active Storage Muthian Sivathanu Andrea C. Arpaci-Dusseau Remzi H. Arpaci-Dusseau University of Wisconsin-Madison Architecture of the future Everything is active Cheaper, faster processing
More informationSecuring the Frisbee Multicast Disk Loader
Securing the Frisbee Multicast Disk Loader Robert Ricci, Jonathon Duerig University of Utah 1 What is Frisbee? 2 Frisbee is Emulab s tool to install whole disk images from a server to many clients using
More informationCS 470 Spring Distributed Web and File Systems. Mike Lam, Professor. Content taken from the following:
CS 470 Spring 2017 Mike Lam, Professor Distributed Web and File Systems Content taken from the following: "Distributed Systems: Principles and Paradigms" by Andrew S. Tanenbaum and Maarten Van Steen (Chapters
More informationDistributed Systems. Hajussüsteemid MTAT Distributed File Systems. (slides: adopted from Meelis Roos DS12 course) 1/25
Hajussüsteemid MTAT.08.024 Distributed Systems Distributed File Systems (slides: adopted from Meelis Roos DS12 course) 1/25 Examples AFS NFS SMB/CIFS Coda Intermezzo HDFS WebDAV 9P 2/25 Andrew File System
More informationMichigan Grid Research and Infrastructure Development (MGRID)
Michigan Grid Research and Infrastructure Development (MGRID) Abhijit Bose MGRID and Dept. of Electrical Engineering and Computer Science The University of Michigan Ann Arbor, MI 48109 abose@umich.edu
More informationAn Architecture For Computational Grids Based On Proxy Servers
An Architecture For Computational Grids Based On Proxy Servers P. V. C. Costa, S. D. Zorzo, H. C. Guardia {paulocosta,zorzo,helio}@dc.ufscar.br UFSCar Federal University of São Carlos, Brazil Abstract
More informationPerformance Analysis of iscsi Middleware Optimized for Encryption Processing in a Long-Latency Environment
Performance Analysis of iscsi Middleware Optimized for Encryption Processing in a Long-Latency Environment Kikuko Kamisaka Graduate School of Humanities and Sciences Ochanomizu University -1-1, Otsuka,
More informationNetwork Administrator s Guide
Overview Network Administrator s Guide Beam is a comprehensive Smart Presence system that couples high-end video, high-end audio, and the freedom of mobility for a crisp and immersive, video experience
More informationNetwork Device Provisioning
Network Device Provisioning Spring Internet2 Meeting April 23, 2013 Jim Jokl University of Virginia 1 The Problem Set Enable the use of strong authentication Passwords are painful and phishing is easy
More informationThe case for ubiquitous transport-level encryption
1/25 The case for ubiquitous transport-level encryption Andrea Bittau, Michael Hamburg, Mark Handley, David Mazières, and Dan Boneh Stanford and UCL November 18, 2010 Goals 2/25 What would it take to encrypt
More informationComparison of SSL/TLS libraries based on Algorithms/languages supported, Platform, Protocols and Performance. By Akshay Thorat
Comparison of SSL/TLS libraries based on Algorithms/languages supported, Platform, Protocols and Performance By Akshay Thorat Table of Contents TLS - Why is it needed? Introduction- SSL/TLS evolution Libraries
More informationCSCE 715: Network Systems Security
CSCE 715: Network Systems Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina Web Security Web is now widely used by business, government, and individuals But Internet and Web are
More informationSecurity context. Technology. Solution highlights
Code42 CrashPlan Security Code42 CrashPlan provides continuous, automatic desktop and laptop backup. Our layered approach to security exceeds industry best practices and fulfills the enterprise need for
More informationStorage and File Hierarchy
COS 318: Operating Systems Storage and File Hierarchy Jaswinder Pal Singh Computer Science Department Princeton University (http://www.cs.princeton.edu/courses/cos318/) Topics Storage hierarchy File system
More informationCOS 318: Operating Systems
COS 318: Operating Systems File Systems: Abstractions and Protection Jaswinder Pal Singh Computer Science Department Princeton University (http://www.cs.princeton.edu/courses/cos318/) Topics What s behind
More informationSolutions Business Manager Web Application Security Assessment
White Paper Solutions Business Manager Solutions Business Manager 11.3.1 Web Application Security Assessment Table of Contents Micro Focus Takes Security Seriously... 1 Solutions Business Manager Security
More informationSECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry
SECURITY ON AWS By Max Ellsberry AWS Security Standards The IT infrastructure that AWS provides has been designed and managed in alignment with the best practices and meets a variety of standards. Below
More informationCloud Computing CS
Cloud Computing CS 15-319 Distributed File Systems and Cloud Storage Part I Lecture 12, Feb 22, 2012 Majd F. Sakr, Mohammad Hammoud and Suhail Rehman 1 Today Last two sessions Pregel, Dryad and GraphLab
More informationUnderstanding StoRM: from introduction to internals
Understanding StoRM: from introduction to internals 13 November 2007 Outline Storage Resource Manager The StoRM service StoRM components and internals Deployment configuration Authorization and ACLs Conclusions.
More informationEnabling Efficient and Scalable Zero-Trust Security
WHITE PAPER Enabling Efficient and Scalable Zero-Trust Security FOR CLOUD DATA CENTERS WITH AGILIO SMARTNICS THE NEED FOR ZERO-TRUST SECURITY The rapid evolution of cloud-based data centers to support
More informationCourse : Planning and Administering SharePoint 2016
Course Outline Course 20339-1: Planning and Administering SharePoint 2016 Duration: 5 days About this course This five-day course will provide you with the knowledge and skills to plan and administer a
More informationPCI DSS Compliance. White Paper Parallels Remote Application Server
PCI DSS Compliance White Paper Parallels Remote Application Server Table of Contents Introduction... 3 What Is PCI DSS?... 3 Why Businesses Need to Be PCI DSS Compliant... 3 What Is Parallels RAS?... 3
More informationGSI-based Security for Web Services
GSI-based Security for Web Services Sriram Krishnan, Ph.D. sriram@sdsc.edu Topics Covered High-level Overview Message and Transport Level Security Authentication and Authorization Implementation details
More informationScience Computing Clouds.
Science Computing Clouds. December 9, 2008 Chan-Hyun Youn School of Engineering/ Grid Middleware Research Center Information and Communications University COPYRIGHT@LANS Lab, Information and Communication
More informationOracle Developer Day
Oracle Developer Day Sponsored by: Track # 1: Session #2 Web Services Speaker 1 Agenda Developing Web services Architecture, development and interoperability Quality of service Security, reliability, management
More informationAdvanced RDMA-based Admission Control for Modern Data-Centers
Advanced RDMA-based Admission Control for Modern Data-Centers Ping Lai Sundeep Narravula Karthikeyan Vaidyanathan Dhabaleswar. K. Panda Computer Science & Engineering Department Ohio State University Outline
More informationCIS 21 Final Study Guide. Final covers ch. 1-20, except for 17. Need to know:
CIS 21 Final Study Guide Final covers ch. 1-20, except for 17. Need to know: I. Amdahl's Law II. Moore s Law III. Processes and Threading A. What is a process? B. What is a thread? C. Modes (kernel mode,
More informationtcpcrypt: real transport-level encryption Andrea Bittau, Mike Hamburg, Mark Handley, David Mazieres, Dan Boneh. UCL and Stanford.
tcpcrypt: real transport-level encryption Andrea Bittau, Mike Hamburg, Mark Handley, David Mazieres, Dan Boneh. UCL and Stanford. What would it take to encrypt the vast majority of TCP traffic? Performance
More informationKerberos & HPC Batch systems. Matthieu Hautreux (CEA/DAM/DIF)
Kerberos & HPC Batch systems Matthieu Hautreux (CEA/DAM/DIF) matthieu.hautreux@cea.fr Outline Kerberos authentication HPC site environment Kerberos & HPC systems AUKS From HPC site to HPC Grid environment
More informationCisco AnyConnect Secure Mobility Solution. György Ács Regional Security Consultant
Cisco AnyConnect Secure Mobility Solution György Ács Regional Security Consultant Mobile User Challenges Mobile and Security Services Web Security Deployment Methods Live Q&A 2011 Cisco and/or its affiliates.
More informationCisco VPN Internal Service Module for Cisco ISR G2
Data Sheet Cisco VPN Internal Service Module for Cisco ISR G2 Compact Versatile High-Performance VPN Module The Cisco VPN Internal Service Module (VPN ISM) is a module for the Cisco Integrated Services
More informationPerformance Implications of Security Protocols
Performance Implications of Security Protocols Varsha Mainkar Technical Staff Member Network Design & Performance Analysis Advanced Technologies, Joint Work with Paul Reeser 5th INFORMS Telecom Conference
More informationOverview SENTINET 3.1
Overview SENTINET 3.1 Overview 1 Contents Introduction... 2 Customer Benefits... 3 Development and Test... 3 Production and Operations... 4 Architecture... 5 Technology Stack... 7 Features Summary... 7
More informationXenApp 5 Security Standards and Deployment Scenarios
XenApp 5 Security Standards and Deployment Scenarios 2015-03-04 20:22:07 UTC 2015 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement Contents XenApp 5 Security Standards
More informationMicrosoft Architecting Microsoft Azure Solutions.
Microsoft 70-535 Architecting Microsoft Azure Solutions https://killexams.com/pass4sure/exam-detail/70-535 QUESTION: 106 Your organization has developed and deployed several Azure App Service Web and API
More informationAN IPSWITCH WHITEPAPER. The Definitive Guide to Secure FTP
AN IPSWITCH WHITEPAPER The Definitive Guide to Secure FTP The Importance of File Transfer Are you concerned with the security of file transfer processes in your company? According to a survey of IT pros
More informationOperating Systems. Week 13 Recitation: Exam 3 Preview Review of Exam 3, Spring Paul Krzyzanowski. Rutgers University.
Operating Systems Week 13 Recitation: Exam 3 Preview Review of Exam 3, Spring 2014 Paul Krzyzanowski Rutgers University Spring 2015 April 22, 2015 2015 Paul Krzyzanowski 1 Question 1 A weakness of using
More informationSafeguarding Cardholder Account Data
Safeguarding Cardholder Account Data Attachmate Safeguarding Cardholder Account Data CONTENTS The Twelve PCI Requirements... 1 How Reflection Handles Your Host-Centric Security Issues... 2 The Reflection
More informationCS 416: Operating Systems Design April 22, 2015
Question 1 A weakness of using NAND flash memory for use as a file system is: (a) Stored data wears out over time, requiring periodic refreshing. Operating Systems Week 13 Recitation: Exam 3 Preview Review
More informationScaling Acceleration Capacity from 5 to 50 Gbps and Beyond with Intel QuickAssist Technology
SOLUTION BRIEF Intel QuickAssist Technology Scaling Acceleration Capacity from 5 to 5 Gbps and Beyond with Intel QuickAssist Technology Equipment manufacturers can dial in the right capacity by choosing
More informationvedge Cloud Datasheet PRODUCT OVERVIEW DEPLOYMENT USE CASES EXTEND VIPTELA OVERLAY INTO PUBLIC CLOUD ENVIRONMENTS
vedge Cloud Datasheet PRODUCT OVERVIEW Viptela vedge Cloud is a software router platform that supports entire range of capabilities available on the physical vedge-100, vedge-1000 and vedge-2000 router
More informationUsing the MyProxy Online Credential Repository
Using the MyProxy Online Credential Repository Jim Basney National Center for Supercomputing Applications University of Illinois jbasney@ncsa.uiuc.edu What is MyProxy? Independent Globus Toolkit add-on
More informationSecuring VMware NSX-T J U N E 2018
Securing VMware NSX-T J U N E 2018 Securing VMware NSX Table of Contents Executive Summary...2 NSX-T Traffic [Control, Management, and Data]...3 NSX Manager:...7 NSX Controllers:...9 NSX Edge:...10 NSX-T
More informationChapter 18 Distributed Systems and Web Services
Chapter 18 Distributed Systems and Web Services Outline 18.1 Introduction 18.2 Distributed File Systems 18.2.1 Distributed File System Concepts 18.2.2 Network File System (NFS) 18.2.3 Andrew File System
More informationSentinet for BizTalk Server VERSION 2.2
for BizTalk Server VERSION 2.2 for BizTalk Server 1 Contents Introduction... 2 SOA Repository... 2 Security... 3 Mediation and Virtualization... 3 Authentication and Authorization... 4 Monitoring, Recording
More informationVPN World. MENOG 16 Istanbul-Turkey. By Ziad Zubidah Network Security Specialist
VPN World MENOG 16 Istanbul-Turkey By Ziad Zubidah Network Security Specialist What is this Van used for?! Armed Van It used in secure transporting for valuable goods from one place to another. It is bullet
More informationSecurity Overview of the BGI Online Platform
WHITEPAPER 2015 BGI Online All rights reserved Version: Draft v3, April 2015 Security Overview of the BGI Online Platform Data security is, in general, a very important aspect in computing. We put extra
More informationEnd-to-End Java Security Performance Enhancements for Oracle SPARC Servers Performance engineering for a revenue product
End-to-End Java Security Performance Enhancements for Oracle SPARC Servers Performance engineering for a revenue product Luyang Wang, Pallab Bhattacharya, Yao-Min Chen, Shrinivas Joshi and James Cheng
More information2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 1
2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 1 Cisco AnyConnect as a Service György Ács Regional Security Consultant Mobile User Challenges Mobile and Security Services Web Security
More informationShared Parallel Filesystems in Heterogeneous Linux Multi-Cluster Environments
LCI HPC Revolution 2005 26 April 2005 Shared Parallel Filesystems in Heterogeneous Linux Multi-Cluster Environments Matthew Woitaszek matthew.woitaszek@colorado.edu Collaborators Organizations National
More informationiscsi Technology: A Convergence of Networking and Storage
HP Industry Standard Servers April 2003 iscsi Technology: A Convergence of Networking and Storage technology brief TC030402TB Table of Contents Abstract... 2 Introduction... 2 The Changing Storage Environment...
More informationAcronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector
Acronyms 3DES AES AH ANSI CBC CESG CFB CMAC CRT DoS DEA DES DoS DSA DSS ECB ECC ECDSA ESP FIPS IAB IETF IP IPsec ISO ITU ITU-T Triple DES Advanced Encryption Standard Authentication Header American National
More informationJuliusz Pukacki OGF25 - Grid technologies in e-health Catania, 2-6 March 2009
Grid Technologies for Cancer Research in the ACGT Project Juliusz Pukacki (pukacki@man.poznan.pl) OGF25 - Grid technologies in e-health Catania, 2-6 March 2009 Outline ACGT project ACGT architecture Layers
More informationCorente Cloud Services Exchange
Corente Cloud Services Exchange Oracle s Corente Cloud Services Exchange (Corente CSX) is a cloud-based service that enables distributed enterprises to deliver trusted IPSec VPN connectivity services to
More informationLayered Architecture
The Globus Toolkit : Introdution Dr Simon See Sun APSTC 09 June 2003 Jie Song, Grid Computing Specialist, Sun APSTC 2 Globus Toolkit TM An open source software toolkit addressing key technical problems
More informationGrandstream Networks, Inc. GWN7000 Multi-WAN Gigabit VPN Router VPN Configuration Guide
Grandstream Networks, Inc. GWN7000 Multi-WAN Gigabit VPN Router VPN Configuration Guide Table of Contents SUPPORTED DEVICES... 5 INTRODUCTION... 6 GWN7000 VPN FEATURE... 7 OPENVPN CONFIGURATION... 8 OpenVPN
More informationNetwork Security. Thierry Sans
Network Security Thierry Sans HTTP SMTP DNS BGP The Protocol Stack Application TCP UDP Transport IPv4 IPv6 ICMP Network ARP Link Ethernet WiFi The attacker is capable of confidentiality integrity availability
More informationINCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.1 SUCCESS AKAMAI SOLUTIONS BRIEF INCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.
INCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.1 SUCCESS Protect Critical Enterprise Applications and Cardholder Information with Enterprise Application Access Scope and Audience This guide is for
More informationAuthenticated Storage Using Small Trusted Hardware Hsin-Jung Yang, Victor Costan, Nickolai Zeldovich, and Srini Devadas
Authenticated Storage Using Small Trusted Hardware Hsin-Jung Yang, Victor Costan, Nickolai Zeldovich, and Srini Devadas Massachusetts Institute of Technology November 8th, CCSW 2013 Cloud Storage Model
More informationSecuring Enterprise Extender
Securing Enterprise Extender Sam Reynolds IBM z/os Communications Server Design samr@us.ibm.com Ray Romney Cisco Systems romney@cisco.com Tony Amies William Data Systems Product Architect tony.amies@willdata.com
More informationVendor: Citrix. Exam Code: 1Y Exam Name: Designing Citrix XenDesktop 7.6 Solutions. Version: Demo
Vendor: Citrix Exam Code: 1Y0-401 Exam Name: Designing Citrix XenDesktop 7.6 Solutions Version: Demo DEMO QUESTION 1 Which option requires the fewest components to implement a fault-tolerant, load-balanced
More informationGrid Computing Fall 2005 Lecture 16: Grid Security. Gabrielle Allen
Grid Computing 7700 Fall 2005 Lecture 16: Grid Security Gabrielle Allen allen@bit.csc.lsu.edu http://www.cct.lsu.edu/~gallen Required Reading Chapter 16 of The Grid (version 1), freely available for download
More informationEI 338: Computer Systems Engineering (Operating Systems & Computer Architecture)
EI 338: Computer Systems Engineering (Operating Systems & Computer Architecture) Dept. of Computer Science & Engineering Chentao Wu wuct@cs.sjtu.edu.cn Download lectures ftp://public.sjtu.edu.cn User:
More informationPROTECTED EXTENSIBLE AUTHENTICATION PROTOCOL
Q&A PROTECTED EXTENSIBLE AUTHENTICATION PROTOCOL This document answers questions about Protected Extensible Authentication Protocol. OVERVIEW Q. What is Protected Extensible Authentication Protocol? A.
More informationConfiguring Tunnel Interfaces on Cisco IOS XR Software
Configuring Tunnel Interfaces on Cisco IOS XR Software This module describes the configuration of Tunnel-IPSec interfaces on the Cisco CRS Router. Tunnel interfaces are virtual interfaces that provide
More informationApplication of Monitoring Standards for enhancing Energy System Security
Application of Monitoring Standards for enhancing Energy System Security G. DONDOSSOLA*, R. TERRUGGIA*, P. WYLACH*, G. PUGNI**, F. BELLIO*** RSE SpA*, Enel SpA**, Enel Produzione SpA*** Italy About RSE
More informationA High-Performance Storage and Ultra- High-Speed File Transfer Solution for Collaborative Life Sciences Research
A High-Performance Storage and Ultra- High-Speed File Transfer Solution for Collaborative Life Sciences Research Storage Platforms with Aspera Overview A growing number of organizations with data-intensive
More informationCrossing the Chasm: Sneaking a parallel file system into Hadoop
Crossing the Chasm: Sneaking a parallel file system into Hadoop Wittawat Tantisiriroj Swapnil Patil, Garth Gibson PARALLEL DATA LABORATORY Carnegie Mellon University In this work Compare and contrast large
More informationA: PLANNING AND ADMINISTERING SHAREPOINT 2016
ABOUT THIS COURSE This five-day course will provide you with the knowledge and skills to plan and administer a Microsoft SharePoint 2016 environment. The course teaches you how to deploy, administer, and
More informationS.No QUESTIONS COMPETENCE LEVEL UNIT -1 PART A 1. Illustrate the evolutionary trend towards parallel distributed and cloud computing.
VALLIAMMAI ENGNIEERING COLLEGE SRM Nagar, Kattankulathur 603203. DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING Year & Semester : IV & VII Section : CSE -1& 2 Subject Code : CS6703 Subject Name : Grid
More informationDelivers cost savings, high definition display, and supercharged sharing
TM OpenText TM Exceed TurboX Delivers cost savings, high definition display, and supercharged sharing OpenText Exceed TurboX is an advanced solution for desktop virtualization and remote access to enterprise
More informationCloudSky: A Controllable Data Self-Destruction System for Untrusted Cloud Storage Networks
CloudSky: A Controllable Data Self-Destruction System for Untrusted Cloud Storage Networks The material in these slides mainly comes from the paper CloudSky: A Controllable Data Self-Destruction System
More informationIntegrating the Hardware Management Console s Broadband Remote Support Facility into your Enterprise
System z Integrating the Hardware Management Console s Broadband Remote Support Facility into your Enterprise SC28-6880-00 System z Integrating the Hardware Management Console s Broadband Remote Support
More information