ABSTRACT
Arcutek will develop a security service called "HEAP" or "HPC Evaluation And Plan" as a complete configuration of security solutions for connection, file ingress/egress, compute, data-at-rest and other infrastructure areas. Security for HPC environments is complex and requires a holistic approach to identify, protect, detect, respond and recover from security events. Some vendor-specific guides are available through the National Institute of Standards and Technology and the Center for Internet Security, but no government or industry plan completely encompasses the security of HPC architecture. We endeavor to research common off the shelf products and open source tools which would bring HPC components into compliance with the NIST 800-53A Revision 4 and the "Security Controls Catalog and Assessment Procedures."[1]
- National Institute of Standards and Technology Special Publication 800-53A Revision 4, Assessing Security and Privacy Controls in Federal Information Systems and Organization. 2014-12. Accessed: 2018-06-01. Google ScholarDigital Library
- High-Performance Computing Security Workshop: 2018. https://www.nist.gov/news-events/events/2018/03/high-performance-computing-security-workshop Accessed: 2018- 06- 01.Google Scholar
- PILLITTERI, V., NIST Risk Management Framework Overview. 2018-03-28. https://www.nist.gov/sites/default/files/documents/2018/03/28/vickie_nist_risk_management_framework_overview-hpc.pdfGoogle Scholar
- Security Controls and Assessment Procedures for Federal Information Systems and Organizations Control Families. 2014-12. https://nvd.nist.gov/800-53/Rev4 Accessed: 2018- 06- 01.Google Scholar
- Access Control Family. 2014-12. https://nvd.nist.gov/800-53/Rev4/family/Access%20Control Accessed: 2018- 06- 01.Google Scholar
- A Free, Flexible, and Secure Way To Provide Multiple Factors of Authentication to Your Community. https://www.tacc.utexas.edu/-/a-free-flexible-and-secure-way-to-provide-multiple-factors-of-authentication-to-your-community Accessed: 2018- 06- 01.Google Scholar
- Galaxy. The Galaxy Project. 2018 https://www.usegalaxy.org/Google Scholar
- OSC OnDemand. Ohio Supercomputer Center. 2018. https://www.osc.edu/supercomputing/portalsGoogle Scholar
- National Institute of Standards and Technology Special Publication 800-30 Revision 1, Guide for Conducting Risk Assessments. 2014-09. Accessed: 2018-06-01.Google Scholar
- Security Content Automation Protocol. https://csrc.nist.gov/Projects/Security-Content-Automation-Protocol/SCAP-Content Accessed: 2018-06-01.Google Scholar
- National Vulnerabilities Database, The National Checklist Program Repository. https://nvd.nist.gov/ncp/repository?scap_Accessed: 2018-06-01.Google Scholar
- Open-Scap. Red Hat Incorporated. 2018. https://www.open-scap.org/download/Google Scholar
- NSF America's Seed Fund SBIR STTR. https://seedfund.nsf.gov/ Accessed: 2018-06-01.Google Scholar
Index Terms
- High Performance Computing Evaluate And Plan
Recommendations
A secure communications infrastructure for high-performance distributed computing
HPDC '97: Proceedings of the 6th IEEE International Symposium on High Performance Distributed ComputingApplications that use high-speed networks to connect geographically distributed supercomputers, databases, and scientific instruments may operate over open networks and access valuable resources. Hence, they can require mechanisms for ensuring integrity ...
Evaluating parameter sweep workflows in high performance computing
SWEET '12: Proceedings of the 1st ACM SIGMOD Workshop on Scalable Workflow Execution Engines and TechnologiesScientific experiments based on computer simulations can be defined, executed and monitored using Scientific Workflow Management Systems (SWfMS). Several SWfMS are available, each with a different goal and a different engine. Due to the exploratory ...
A strengthening plan for enterprise information security based on cloud computing
Cloud computing environment came about in order to effectively manage and use enormous amount of data that have become available with the development of the Internet. Cloud computing service is widely used not only to manage the users' IT resources, but ...
Comments