Authors: Catherine Hinton (Los Alamos National Laboratory), Aron Warren (Sandia National Laboratories), Ian Lee (Lawrence Livermore National Laboratory), Marc Santoro (Los Alamos National Laboratory), John Allen (Lawrence Livermore National Laboratory), Justin Mercer (Sandia National Laboratories)
Abstract: Applying security standards, configurations and policies originally designed for servers or workstations to something as functionally different as a supercomputing cluster can be a frustrating task. With rigorous interpretation, such efforts often present obstacles to approving a “functional” system, typically paint an inaccurate picture of the actual security posture of a given cluster, and always seem to involve large-scale exceptions to address misapplication. This meeting will consist of short presentations from three Department of Energy HPC centers; each one representing a unique perspective on methods used to meet a set of cybersecurity requirements in order to deliver mission critical systems.
Long Description: The goal of the BoF is to engage the community to discuss methods used on
HPC clusters to meet and address various security standards and regulations. All of the widely
accepted and leveraged standards in use today were designed with server or workstation-type
computing devices in mind. Many industries that have, or intend to incorporate, HPC clusters
in their environment, will be expected to apply these security configurations in order to meet
regulatory requirements. Attempting to apply security configurations that are not designed for
large scale, highly integrated, parallel computing systems could be detrimental to a business’s
use case; and even prevent the interoperability of the cluster. The session leaders for this BoF
have combined decades of experience and expertise in this area. The Department of Energy
National Labs represented are Sandia National Laboratories, Los Alamos National Laboratory,
and Lawrence Livermore National Laboratory. Hear how we interpret configuration standards, such as STIG or CIS in order to meet compliance controls as interpreted by NIST, HIPAA, and CNSS. Our intention is to attract an audience that is currently dealing with this problem of securing HPCs, to foster a community to discuss challenges and potential solutions that can be shared both during the BoF and at a later date. The expected outcome is to initiate engagement and develop a working group that can continue to collaborate and possibly engage the organizations that are developing regulations and national standards.
URL:
Back to Birds of a Feather Archive Listing