Upload File

meet ben & irods 4posting - paul evans

27
BUILDING A DAM SECURE FILE SYSTEM WITH Paul Evans principal architect daystrom technology group

Upload: vukhanh

Post on 30-Dec-2016

213 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Meet Ben & iRODS 4Posting - Paul Evans

BUILDING A DAM SECURE FILE SYSTEM WITH

Paul Evansprincipal architect

daystrom technology group

Page 2: Meet Ben & iRODS 4Posting - Paul Evans

BENLET’S MEET…

Page 3: Meet Ben & iRODS 4Posting - Paul Evans

BEN…

IT M

AN

AG

ER*D

AM

TH

INKE

R

O C C A S I O N A LS L E E P E R

* D I G I TA L A S S E T M A N AG E M E N T

Page 4: Meet Ben & iRODS 4Posting - Paul Evans

OPERATIONAL REALITY

BUSINESSEXPECTATIONS

WHY DOESN'T BEN SLEEP MUCH?

Page 5: Meet Ben & iRODS 4Posting - Paul Evans

‘DRIVERS’ OF THE CHAOS(DATA)

Page 6: Meet Ben & iRODS 4Posting - Paul Evans

indeed, we love data…

we’re good at generating more and more, but…

( we never seem to throw any of it out )

arrivingtoo

FAST

too manyVARIANTS

tooMUCHData

Page 7: Meet Ben & iRODS 4Posting - Paul Evans

BEN’S ‘DATA’ CONCERNS….

INVENTORY

PLACEMENT & PERFORMANCE

EFFICIENCY

SECURITY

Page 8: Meet Ben & iRODS 4Posting - Paul Evans

INVENTORY

➡ WHAT DO WE HAVE➡ WHERE IS IT➡ WHO TOUCHED IT➡ WHEN SHOULD IT LEAVE

098q0987qwer987ads;lk ap8dfpasuptvpqweunqev;tjqwetvoij

098q0987qwer987ads;lk ap8dfpasuptvpqweunqev;tjqwetvoij

098q0987qwer987ads;lk ap8dfpasuptvpqweunqev;tjqwetvoij

098q0987qwer987ads;lk ap8dfpasuptvpqweunqev;tjqwetvoij

098q0987qwer987ads;lk ap8dfpasuptvpqweunqev;tjqwetvoij

Page 9: Meet Ben & iRODS 4Posting - Paul Evans

PLACEMENT / PERFORMANCE

MULTI-SITE MANGEMENTDISTRIBUTED PROCESSINGLIMITED BANDWIDTH

PROCESSING > FAST STORAGEIDLE DATA > DURABLE STORAGE

Page 10: Meet Ben & iRODS 4Posting - Paul Evans

EFFICIENCY

COST TIME TOACCESS

CEOEASY INVISIBLE

Page 11: Meet Ben & iRODS 4Posting - Paul Evans

WHY THE SECURITY FOCUS?

“THE HACK OF THE

CENTURY”

Page 12: Meet Ben & iRODS 4Posting - Paul Evans

SECURITY

BOUNDARIES

TRUST

MACHINE ATTACKS

Page 13: Meet Ben & iRODS 4Posting - Paul Evans

TRUSTIDENTIFYING‘BAD ACTORS’

VIA MULTIFACTORAUTHENTICATION

ID / PASSWORDTOKEN INHERENCEGEO-LOCATION

Page 14: Meet Ben & iRODS 4Posting - Paul Evans

BOUNDARIES: POUROUS

Page 15: Meet Ben & iRODS 4Posting - Paul Evans

ADVANCED MACHINERYFA

STSC

ALAB

LEAT

TAC

KS

Page 16: Meet Ben & iRODS 4Posting - Paul Evans

WHAT SHOULD BEN DO?

Page 17: Meet Ben & iRODS 4Posting - Paul Evans

DAM SECURE !

iRODS iCATKEYMANAGER

THREATANALYTICS

SECURE FACILITY

DECRYPTIONGATEWAY

DECRYPTIONCLIENT

DECRYPTIONCLIENT

ENCRYPTEDDATA SERVER

ENCRYPTEDDATA SERVER

ENCRYPTEDDATA SERVER

SECURE FACILITY

TLS

MUTIFACTORAUTH

Page 18: Meet Ben & iRODS 4Posting - Paul Evans

DAM SECURE INVENTORY POLICY-BASED INGEST INGEST

PORTAL

C4 ID

COMPRESS / ENCRYPT

ENCRYPTEDPRODUCTION

STORAGE

ENCRYPTEDPRODUCTION

STORAGEKEY

MANAGER

iRODS iCATRELIABLE INVENTORY

SECURE PROVENANCE

(WHAT & WHERE)

CENTRAL METADATA

(WHO & WHEN)

Page 19: Meet Ben & iRODS 4Posting - Paul Evans

DAM SECURE PLACEMENT & PERFORMANCE

site

one

ENCRYPTEDPRODUCTIONSTORAGE

ENCRYPTEDARCHIVESTORAGE

PROCESSING

INGESTPORTAL

site

two

ENCRYPTEDPRODUCTIONSTORAGE

ENCRYPTEDARCHIVESTORAGE

PROCESSING

INGESTPORTAL

Page 20: Meet Ben & iRODS 4Posting - Paul Evans

SECURITY: SPOT BAD ACTORS

iRODS iCATKEYMANAGER

THREATANALYTICS

MUTIFACTORAUTH

Page 21: Meet Ben & iRODS 4Posting - Paul Evans

SECURITY: NO BOUNDARIES

SECURE FACILITY

DECRYPTIONGATEWAY

DECRYPTIONCLIENT

DECRYPTIONCLIENT

ENCRYPTEDDATA SERVER

ENCRYPTEDDATA SERVER

ENCRYPTEDDATA SERVER

SECURE FACILITY

TLS

SELF-DEFENDINGPORTABLE DATA

Page 22: Meet Ben & iRODS 4Posting - Paul Evans

SECURITY: VS MACHINES

iRODS iCATKEYMANAGER

THREATANALYTICS

MUTIFACTORAUTH

Page 23: Meet Ben & iRODS 4Posting - Paul Evans

DAM SECURE EFFICIENCY

site1 site2 site3

$$$ $$$$$

ENCRYPTEDPRODUCTION

STORAGE

ENCRYPTEDIDLE

STORAGE

ENCRYPTEDIDLE

STORAGEiRODS iCAT

ENCRYPTEDPRODUCTION

STORAGE

Page 24: Meet Ben & iRODS 4Posting - Paul Evans

BEN HAS NO (DATA) WORRIES!

INVENTORY

PLACEMENT & PERFORMANCE

EFFICIENCY

SECURITY

Page 25: Meet Ben & iRODS 4Posting - Paul Evans

BEN IS HAPPY THANKS TO:

technology grouptechnology group

Page 26: Meet Ben & iRODS 4Posting - Paul Evans

LINKS• iRODS Data Management: pixspan.com/medical_imaging.php

• Daystrom Integration: daystrom.com/technical-expertise/data-grids.html

• HGST Storage: hgst.com/company/resources/hgst-erasure-coding-and-self-protecting-technology

• C4 ID: etcentric.org/wp-content/uploads/2015/09/C4-ID-ETC-Whitepaper.pdf

• Pixspan Compression: pixspan.com/medical_imaging.php

• FireEye TAP: fireeye.com/products/threat-analytics-platform.html

http://www.pixspan.com/medical_imaging.php
http://www.daystrom.com/technical-expertise/data-grids.html
https://www.hgst.com/company/resources/hgst-erasure-coding-and-self-protecting-technology
http://www.etcentric.org/wp-content/uploads/2015/09/C4-ID-ETC-Whitepaper.pdf
http://www.pixspan.com/medical_imaging.php
https://www.fireeye.com/products/threat-analytics-platform.html
Page 27: Meet Ben & iRODS 4Posting - Paul Evans

UGM2016

Paul Evansprincipal architect

[email protected]

technology grouptechnology group


Production Data Grids SRB - iRODS

DDN & iRODS · DDN & iRODS iRODS User Group Meeting Cambridge, MA June 18, 2014 David Martin WOS Product Line Manager

iRODS Tutorial I. Getting Started

iRODS Tutorial II. Data Grid Administration

iRODS Tutorial Data Grid Administration

Big Data is today: key issues for big data - Dr Ben Evans

Introduction to iRODS

Matthew Kelleher RedEye and Ben Hart Evans Cycles

ODSC and iRODS

SRM- iRODS Interface Development

Tech-Talk: iRods

Java Core | Modern Java Concurrency | Martijn Verburg & Ben Evans

The iRODS-GridFTP DSI - GlobusWorld€¦ · Presented at GlobusWorld 2015 by Dan Bedard Executive Director, iRODS Consortium April 14-15, 2015 The iRODS-GridFTP DSI (GlobusWorld 2015)

iRODS · 10/6/2015  · Use Cases with iRODS and CiGri at CIMENT. Bruno Bzeznik, Université Joseph Fourier-Grenoble • iRODS in Complying with Public Research Policy. Vic Cornell,

SRB and iRODS @ CC-IN2P3

Integration of iRODS data workflows in an extensible HTTP ...Antonio-Cineca...Integration of iRODS data workflows in an extensible HTTP REST API framework iRODS UGM 2019 Mattia D’[email protected]

The Development of a Native Cross-Platform iRODS GUI Client · 2020. 8. 21. · iRODS Clients I iRODS has many di erent (kinds of) client applications I The reference implementation

iRODS& Workflows&&&Beyond&

iRODS: A Rule Oriented Data ManagementSystem

iRODS Tutorial II. Data Grid Administration

Enterprise iRODS (E-iRODS) Manual

I Upgraded iRODS And I John Constable Upgraded iRODS And I Still Have All My Hair John Constable [email protected] Background Wellcome Trust Sanger Institute has had iRODS

Building the iRODS Consortium

IRODS Executive Overview Summer 2014 Edition June 18, 2014 iRODS Executive Overview (Summer 2014)1

IRODS workshop, September 26-28 2012 , Link öping (Sweden) iRODS Workshop introduction

iRODS and Large-Scale Data Management

Academic Workflows with iRODS FINAL

Ben Evans SPEDDEXES 2014

Development of the irods rados plugin @ iRODS User group meeting 2014

iRODS usage at CC-IN2P3

iRODS UGM 2016 Preso Summary FINAL

Ben Evans Photography Art Portfolio

DTM a lightweight computing virtualization system based on iRODS · 2020-06-20 · DTM a lightweight computing virtualization system based on iRODS IRODS User Group Meeting, Tucson,

iRODS Tutorial Rules and Microservices

IRODS workshop, September 26-28 2012 , Link öping (Sweden) iRODS Workshop users needs summary