J Jensen

CCLRC RAL

Data Management AUZN(mostly about SRM though)

GGF 16, Athens

J Jensen <j.jensen@rl.ac.uk>

J Jensen

CCLRC RAL

GIN!

“Gimme Interoperability Now!!”

SRB ISLAND SRM ISLAND

J Jensen

CCLRC RAL

SRB - IANASRBE• SRB is not SRM

– Different aims, different users– SRB provides its own Data Grid

• AUCN:– Username/password– GSI for S commands (if compiled in)– Define id mapping…

• Access control replicated with data– Group permissions

J Jensen

CCLRC RAL

SRM Overview

• SRM is a file control protocol

– GGF standard – GSM-WG

– SOAP/HTTP over GSI sockets

• Something else does the transfer

– WAN: Usually GridFTP

– LAN: “local” protocol (RFIO, DCAP,…)

J Jensen

CCLRC RAL

Implementations

• “Special” ones – for specific tape MSS

– JLAB, LBNL, CERN/RAL

• General purpose (usually to disk)

– DPM from CERN/LCG,

– dCache from DESY/FNAL,

– StoRM from INFN

J Jensen

CCLRC RAL

SRM Versions

• Designers:– “ACL not a major

priority”• Implementers:

– Listen to users (often)

• Users:– “ACL not a major

priority” (HEP)

• Version 1.1– Secure (GSI),

but…– No functions for

ACL• Version 2.1

– Unixy +rwxrwxrwx– …POSIX

J Jensen

CCLRC RAL

Implementations

provides

SRM

SRM1.1 SRM2.1

dCache YES Not seen yet

DPM YES YES

CASTOR1 YES NO

CASTOR2 NO YES

J Jensen

CCLRC RAL

File Transfer

Area

Implementation

LAN WAN

dCache DCAP GridFTP

DPM RFIO GridFTP

CASTOR RFIO GridFTP

J Jensen

CCLRC RAL

“Local” Protocols

• Traditional insecure versions…– Use Unix UID for authentication– No data confidentiality (encryption)

• Both RFIO and DCAP have GSI versions– Not always used by default– Need hostcerts for pool nodes– Don’t necessarily encrypt– GSI/SSL negotiations slow

J Jensen

CCLRC RAL

GridFTP Implementations

• Use GSI authentication

• Authorise by DN, using gridmap files

• Don’t encrypt data by default

– Or large transfers would be slow

J Jensen

CCLRC RAL

DPM 1.5 Improved Security

• Integrated access control in nameserver– GridFTP, SRM, RFIO: consistent ACL

• RFIO– GSI only – No Encryption

• Performance vs confidentiality• POSIX ACLs• VOMS

J Jensen

CCLRC RAL

StoRM Security

• Requires ACL capable filesystem

– GPFS (, ext3, ReiserFS,…)

• Being tested by INFN CNAF

J Jensen

CCLRC RAL

CASTOR 2 SRM

• Access control not implemented yet

• Will rely on CASTOR for ACL

J Jensen

CCLRC RAL

SRM Data Movers: Gaps

• Data movers must update ACLs when moving data– Support SRM 2.1– Some copy as user (delegated)– Some as a service

• Not quite trivial– Data movers don’t have special

privileges

J Jensen

CCLRC RAL

Back Doors?

• File written via Grid can sometimes be read with local protocol

– Or via SRM 1.1?

• Privileged (root/admin) access

– Storage Filename is often “random”

– Rarely a concern

J Jensen

CCLRC RAL

Conclusions

• GIN: Two Islands – SRM and SRB

• WAN protocols secure (sort of)

– But no data encryption by default

• Increasingly, LAN protocols are secured

• Implementations are available (sort of)

– SRM 1.1 is still widely used