Andrew Prout, Albert Reuther, Michael Houle, Michael Jones, Peter Michaleas, LaToya Anderson, William Arcand, Bill Bergeron, David Bestor, Alex Bonn, Daniel Burrill, Chansup Byun, Vijay Gadepally, Matthew Hubbell, Hayden Jananthan, Piotr Luszczek, Lauren Milechin, Guillermo Morales, Julie Mullen, Antonio Rosa, Charles Yee, Jeremy Kepner
{"title":"HPC with Enhanced User Separation","authors":"Andrew Prout, Albert Reuther, Michael Houle, Michael Jones, Peter Michaleas, LaToya Anderson, William Arcand, Bill Bergeron, David Bestor, Alex Bonn, Daniel Burrill, Chansup Byun, Vijay Gadepally, Matthew Hubbell, Hayden Jananthan, Piotr Luszczek, Lauren Milechin, Guillermo Morales, Julie Mullen, Antonio Rosa, Charles Yee, Jeremy Kepner","doi":"arxiv-2409.10770","DOIUrl":null,"url":null,"abstract":"HPC systems used for research run a wide variety of software and workflows.\nThis software is often written or modified by users to meet the needs of their\nresearch projects, and rarely is built with security in mind. In this paper we\nexplore several of the key techniques that MIT Lincoln Laboratory\nSupercomputing Center has deployed on its systems to manage the security\nimplications of these workflows by providing enforced separation for processes,\nfilesystem access, network traffic, and accelerators to make every user feel\nlike they are running on a personal HPC.","PeriodicalId":501422,"journal":{"name":"arXiv - CS - Distributed, Parallel, and Cluster Computing","volume":"10 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-09-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv - CS - Distributed, Parallel, and Cluster Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/arxiv-2409.10770","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
HPC systems used for research run a wide variety of software and workflows.
This software is often written or modified by users to meet the needs of their
research projects, and rarely is built with security in mind. In this paper we
explore several of the key techniques that MIT Lincoln Laboratory
Supercomputing Center has deployed on its systems to manage the security
implications of these workflows by providing enforced separation for processes,
filesystem access, network traffic, and accelerators to make every user feel
like they are running on a personal HPC.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
