J Jensen
CCLRC RAL
Data Management AUZN(mostly about SRM though)
GGF 16, Athens
J Jensen <[email protected]>
J Jensen
CCLRC RAL
GIN!
“Gimme Interoperability Now!!”
SRB ISLAND SRM ISLAND
J Jensen
CCLRC RAL
SRB - IANASRBE• SRB is not SRM
– Different aims, different users– SRB provides its own Data Grid
• AUCN:– Username/password– GSI for S commands (if compiled in)– Define id mapping…
• Access control replicated with data– Group permissions
J Jensen
CCLRC RAL
SRM Overview
• SRM is a file control protocol
– GGF standard – GSM-WG
– SOAP/HTTP over GSI sockets
• Something else does the transfer
– WAN: Usually GridFTP
– LAN: “local” protocol (RFIO, DCAP,…)
J Jensen
CCLRC RAL
Implementations
• “Special” ones – for specific tape MSS
– JLAB, LBNL, CERN/RAL
• General purpose (usually to disk)
– DPM from CERN/LCG,
– dCache from DESY/FNAL,
– StoRM from INFN
J Jensen
CCLRC RAL
SRM Versions
• Designers:– “ACL not a major
priority”• Implementers:
– Listen to users (often)
• Users:– “ACL not a major
priority” (HEP)
• Version 1.1– Secure (GSI),
but…– No functions for
ACL• Version 2.1
– Unixy +rwxrwxrwx– …POSIX
J Jensen
CCLRC RAL
Implementations
provides
SRM
SRM1.1 SRM2.1
dCache YES Not seen yet
DPM YES YES
CASTOR1 YES NO
CASTOR2 NO YES
J Jensen
CCLRC RAL
File Transfer
Area
Implementation
LAN WAN
dCache DCAP GridFTP
DPM RFIO GridFTP
CASTOR RFIO GridFTP
J Jensen
CCLRC RAL
“Local” Protocols
• Traditional insecure versions…– Use Unix UID for authentication– No data confidentiality (encryption)
• Both RFIO and DCAP have GSI versions– Not always used by default– Need hostcerts for pool nodes– Don’t necessarily encrypt– GSI/SSL negotiations slow
J Jensen
CCLRC RAL
GridFTP Implementations
• Use GSI authentication
• Authorise by DN, using gridmap files
• Don’t encrypt data by default
– Or large transfers would be slow
J Jensen
CCLRC RAL
DPM 1.5 Improved Security
• Integrated access control in nameserver– GridFTP, SRM, RFIO: consistent ACL
• RFIO– GSI only – No Encryption
• Performance vs confidentiality• POSIX ACLs• VOMS
J Jensen
CCLRC RAL
StoRM Security
• Requires ACL capable filesystem
– GPFS (, ext3, ReiserFS,…)
• Being tested by INFN CNAF
J Jensen
CCLRC RAL
CASTOR 2 SRM
• Access control not implemented yet
• Will rely on CASTOR for ACL
J Jensen
CCLRC RAL
SRM Data Movers: Gaps
• Data movers must update ACLs when moving data– Support SRM 2.1– Some copy as user (delegated)– Some as a service
• Not quite trivial– Data movers don’t have special
privileges
J Jensen
CCLRC RAL
Back Doors?
• File written via Grid can sometimes be read with local protocol
– Or via SRM 1.1?
• Privileged (root/admin) access
– Storage Filename is often “random”
– Rarely a concern
J Jensen
CCLRC RAL
Conclusions
• GIN: Two Islands – SRM and SRB
• WAN protocols secure (sort of)
– But no data encryption by default
• Increasingly, LAN protocols are secured
• Implementations are available (sort of)
– SRM 1.1 is still widely used