Number of slides: 10
Enabling Grids for E-sciencE

Encrypted Data Store, Hydra & Delegation Interface

Ricardo Rocha, on behalf of the JRA1 Data Management team
JRA1 All Hands Meeting, CERN, 23 March 2006
www.eu-egee.org
INFSO-RI-508833
Outline
• Encrypted Data Storage in MDM
• Hydra KeyStore
• Delegation 1.1
Encrypted Data Storage
• System developed as part of the Medical Data Manager
• Requirements
  – Patient privacy
    § Needs fine access control (ACLs on all data and metadata)
    § Needs metadata contention (metadata databases administered by accredited staff)
  – Data protection
    § Needs data encryption (even grid site administrators are not accredited to access the data)
• Objectives
  – Expose a standard grid interface (SRM) for medical image servers (DICOM)
  – Fulfil application security requirements without interfering with clinical practice
Medical Data Retrieval
[Figure: data flow between the User Interface, the Worker Node (gLiteIO client, in-memory decryption), AMGA Metadata (metadata ACL control), Fireman (file ACL control), the Hydra Key store (key ACL control), the SRM-DICOM interface and the DICOM server (anonymization & encryption). Numbered steps:]
1. get GUID from metadata
2. glite-eds-get
3. get SURL from GUID
4. request file anonymization
5. get file key
6. gLiteIO server: on-the-fly encryption, return encrypted file
7. get file key and decrypt file locally
EGEE User Forum: The gLite File Transfer Service
The DPM + LFC based proposal
• LFC
  – As a replacement for FiReMan
• DPM
  – SRM v2 implementation, will provide ACLs
  – ACLs only control one physical replica on the local site
• Modifications to do
  – Interface GFAL with encryption
    § The interface with Hydra is planned. Timeline?
  – Interface the DICOM server with DPM instead of dCache
    § Jean-Philippe and Daniel started discussing to check how feasible it is.
  – Provide coherent file-level ACL control (not just replica-level)
    § as gLiteIO + Fireman does
The DPM + LFC based proposal
• What we gain with the move to DPM / LFC
  – Apparently DPM is more modular than dCache. In the long term we should move to such an SRM implementation.
  – DPM is interesting for "any biomed storage"
    § MDM is just an example of one particular case (DICOM servers)
    § Other biomed data needs encryption/access control (e.g. some bioinformatics databases)
• What is needed / has to be done
  – A coherent grid file-level ACL control mechanism is mandatory
  – Need to rework the MDM
  – No interface with encryption today
Hydra KeyStore
• Repository for encryption keys
• Used in the Medical Data Manager (MDM) system
• Provides fine-grained (entry-level) access control
  – Basic permissions and ACLs on entries
  – Get/Set permission methods
  – Functionality exposed using the FAS interface (as used by FiReMan and the gLite Metadata Interface)
• Information being stored: cipher, key, iv (initialization vector), keyinfo
• Open Issues
  – Authorization: changes needed to match DPM/LFC?
Delegation Interface
• How it is done
  [Figure: message sequence between the DELEGATOR (Initiator) and the DELEGATEE (Target Service). Step 1: Proxy Certificate Request; Step 2: Certificate Request; Step 3: Certificate Request; Step 4: Sign with Existing Proxy / Private Key; Step 5: New Proxy Certificate]
• Interface defined in a WSDL document
• What was in 1.0
  – Minimal functionality
    § getProxyReq(String delegationID)
    § putProxy(String delegationID, String proxy)
  – Proxies stored in a filesystem
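The getProxyReq / putProxy exchange of the slide above, as an added Go example written for this page (not code from the gLite delegation service or GridSite): the delegatee generates a key pair per delegation ID and keeps the private key, the delegator checks proof of possession and signs the request with its existing proxy key, and the delegatee accepts the returned proxy only if it certifies that key and carries the delegator's signature. RSA-2048, the 12-hour lifetime and the names Delegatee, GetProxyReq, PutProxy and SignProxyReq are assumptions of the example.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"math/big"
	"time"
)

// Delegatee (target service): one fresh key pair per delegation ID, cached until
// the signed proxy arrives; the private key never leaves the service.
type Delegatee struct{ keys map[string]*rsa.PrivateKey }

// GetProxyReq mirrors getProxyReq(delegationID): new key pair, DER CSR returned.
func (d *Delegatee) GetProxyReq(dlgID string) ([]byte, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	d.keys[dlgID] = priv
	tmpl := &x509.CertificateRequest{Subject: pkix.Name{CommonName: "proxy"}}
	return x509.CreateCertificateRequest(rand.Reader, tmpl, priv)
}

// PutProxy mirrors putProxy(delegationID, proxy): accept only a proxy for the key
// generated for this ID that the delegator's proxy signed (signature checked with
// the parent key directly, as proxy certificates carry no CA flag).
func (d *Delegatee) PutProxy(dlgID string, der []byte, parent *x509.Certificate) (*x509.Certificate, error) {
	cert, err := x509.ParseCertificate(der)
	if priv, ok := d.keys[dlgID]; err != nil || !ok || !priv.PublicKey.Equal(cert.PublicKey) {
		return nil, errors.New("proxy unparsable or not for the key pair issued for this delegation ID")
	}
	return cert, parent.CheckSignature(cert.SignatureAlgorithm, cert.RawTBSCertificate, cert.Signature)
}

// SignProxyReq is the delegator (steps 4 and 5): check proof of possession, then
// sign the request with the existing proxy / private key into a new proxy cert.
func SignProxyReq(csrDER []byte, parent *x509.Certificate, key *rsa.PrivateKey) ([]byte, error) {
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil {
		return nil, err
	}
	if err = csr.CheckSignature(); err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), NotBefore: time.Now(),
		NotAfter: time.Now().Add(12 * time.Hour), // proxies are short-lived
		Subject:  pkix.Name{CommonName: parent.Subject.CommonName + " proxy"}}
	return x509.CreateCertificate(rand.Reader, tmpl, parent, csr.PublicKey, key)
}
```

A self-signed certificate can stand in for the user's existing proxy when trying this out; the rejection branch in PutProxy is what a proxy presented under the wrong delegation ID hits.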
Delegation Interface
• What is new in 1.1
  – Semantics defined for the delegation ID
    § If not given, then hash(clientDN, VOMSAttributes)
  – More functionality (matching GT4 Delegation)
    § NewProxyReq getNewProxyReq() == getProxyReq() with clear delegation ID semantics
    § renewProxyReq(String delegationID)
    § destroy(String delegationID)
    § getTerminationTime(String delegationID)
  – Abstraction over proxy storage backends
    § filesystem and database backends are provided

Filesystem Backend
• Storage
  <dlgee-storage>/<client-dn>/<dlg-id>/usercert.pem
  <dlgee-storage>/<client-dn>/<dlg-id>/userkey.pem
  <dlgee-storage>/<client-dn>/<dlg-id>/voms.attributes
  <dlgee-storage>/<client-dn>/<dlg-id>/termination.time
• Storage Cache
  <dlgee-storage-cache>/<client-dn>/<dlg-id>/userreq.pem
  <dlgee-storage-cache>/<client-dn>/<dlg-id>/userkey.pem
  <dlgee-storage-cache>/<client-dn>/<dlg-id>/voms.attributes

Database Backend (MySQL)
• Storage
  CREATE TABLE t_credential (
    dlg_id VARCHAR(100),
    dn VARCHAR(255),
    certificate TEXT,
    priv_key TEXT,
    voms_attrs TEXT,
    termination_time DATETIME);
• Storage Cache
  CREATE TABLE t_credential_cache (
    dlg_id VARCHAR(100),
    dn VARCHAR(255),
    cert_request TEXT,
    priv_key TEXT,
    voms_attrs TEXT);
Delegation Interface
• Current Implementations
  – Java (org.glite.security.delegation-service-java)
  – C/C++ in GridSite
  – CLI tools (org.glite.security.delegation-cli)
  – Included in gLite 3.1
• Integration
  – Additional portType in the FTS
    § No code changes needed on the web service
    § Proxies stored in the database to be picked up by agents
  – CREAM
• Open Issues
  – Interoperability tests
  – DLGEE KeyPair generation
    § Currently a new keypair for every request (expensive)
    § GT4 shares the same key between different requests
      • Per process, regenerated periodically?
  – Proxy renewal service
    § But the interface also allows explicit renewal by the client