Security in Data Intensive Computing

Panel Chair: Dr. David Black, EMC Corp., USA

This section covers a spectrum of data security topics relevant to high performance computing, including:

• Possible differences in security requirements for transient data usage within a computational cluster vs. longer term storage.
• Opportunities to take advantage of security features being driven into commercial products by highly publicized thefts of personal data and regulatory compliance requirements.
• The impact of the increasing importance of long term storage of data on security requirements and application of security technology that has historically focused on communication.

On these and other topics, panelists will offer their views on the most important gaps that need to be addressed to meet the security needs of high performance computing sites and steps that can/should be taken to motivate more, or more in depth, effort to address these gaps.

Questions:

• Are there differences in security requirements for transient data usage within a computational cluster vs. longer term storage? If so, what are the differences? Do they lead to opportunities to apply stronger security mechanisms to longer term storage without getting in the way of high-performance computing usage of that data? If so, how?
• Are there opportunities to leverage commercial security developments (e.g., systems that provide regulatory compliance assurance that data cannot be deleted or modified) for the information security requirements of high performance computing sites? If so, where and where are the remaining gaps? To what extent are these gaps specific to classified information vs. gaps that will be addressed in future commercial products?
• How does the increasing importance of long term storage of data affect security requirements and application of communication-centric technology? What are the opportunities for application of commercial developments in security for stored data to high performance computing sites?
• Given commercial security developments in these and other areas, what are the most important gaps that need to be addressed to meet the security needs of high performance computing sites? What can/should the high performance computing site do to motivate more, or more in depth, effort to address these gaps?