4th EGEE User Forum/OGF 25 and OGF Europe's 2nd International Event
Le Ciminiere, Catania, Sicily, Italy
-
-
Basic Introduction to EGEE and Grid Computing - OBS! At the University!¶ University of Catania (Department of Physics and Astronomy)
University of Catania
Department of Physics and Astronomy
University of CataniaThe purpose of this session is to provide a high level introduction to Grid Technology and how this is applied to the EGEE grid. The session will also include a short demo, submitting jobs to EGEE using the P-Grade portal.
The course will be assume that the participants have no prior knowledge of Grid Compuitng, giving them a basic idea of the concepts of Grids, and their importance in providing large processing facilities for furthering e-Science projects.
This session is an accompaniment to the 4th EGEE User Forum which takes place in Catania 2-6 march 2009.
For more informatin and registration, please go to: http://indico.cern.ch/conferenceDisplay.py?confId=48867
-
Distributed data access and management with OGSA-DAI¶ Leopardi (50)
Leopardi (50)
Le Ciminiere, Catania, Sicily, Italy
Viale Africa 95100 CataniaDistributed data access and management with OGSA-DAI (1/2) (90 mins)
Mike JacksonThis session provides a comprehensive overview of a powerful solution for distributed data access, management and integration - OGSA-DAI - and how it can be used to solve data-related problems in both enterprise and research contexts. An overview of OGSA-DAI is given as well as the
latest work on increasing OGSA-DAI's power via distributed query processing and SQL view definition. It describes the relationship of OGSA-DAI to OGF's work on data access and integration standards - WS-DAI - and how such specifications provide a way of exposing OGSA-DAI's
functionality in a more usable format and lends itself to
inter-operability and integration with other service-oriented technologies.
This session provides a comprehensive overview of a powerful solution for distributed data access, management and integration - OGSA-DAI - and how it can be used to solve data-related problems in both enterprise and research contexts. An overview of OGSA-DAI is given as well as the
latest work on increasing OGSA-DAI's power via distributed query processing and SQL view definition. It describes the relationship of OGSA-DAI to OGF's work on data access and integration standards - WS-DAI - and how such specifications provide a way of exposing OGSA-DAI's
functionality in a more usable format and lends itself to
inter-operability and integration with other service-oriented technologies.Target audience: software developers, technical leaders
OGSA-DAI is OMII-UK's Grid data access and integration middleware product. Participants will learn about the problem space where OGSA-DAI sits as well as:
- How it can be used to achieve common data access and integration scenarios.
- How it offers a powerful solution for data access and integration scenarios by combining services with an underlying workflow engine.
- How OGSA-DAI can be used to develop well-defined services for data manipulation, with reference to WS-DAI.
By the end of the session, participants will have a good understanding of key features of OGSA-DAI, the problems it is designed to solve, and see how to reap the benefits of deploying in their projects. Examples of both research and business applications will be used.
Agenda:
OGSA-DAI- OGSA-DAI project
- Distributed data management scenarios
- Possible solutions
- OGSA-DAI and workflows
- Realising the scenarios
- OGSA-DAI and security
- Extending OGSA-DAI's power via SQL views and DQP
- Concealing workflows behind facades
- Standards, WS-DAI and OGSA-DAI
-
Elastic Management of a Grid Computing Service with OpenNebula and Amazon EC2¶ Michelangelo (120)
Michelangelo (120)
Le Ciminiere, Catania, Sicily, Italy
Viale Africa 95100 CataniaElastic Management of a Grid Computing Service with OpenNebula and Amazon EC2 (90 mins)
The goal of this tutorial is to provide a global overview of the process of installing, configuring and deploying a typical computing element of a Grid site using a private cloud. The tutorial will focus on three key aspects when managing a virtual infrastructure, namely: image management, networking and hypervisors. Additionally the tutorial will address the scale-out of the Grid site by allocating extra capacity on the Amazon EC2. The tutorial is based in open source cloud components and includes hands-on exercises.
CONTENTS:-
Overview of Grid & Cloud Technologies. This section briefly reviews the main characteristics and goals of the Cloud & Grid technologies and presents the challenges of deploying a Grid site (or a part of it) in a Cloud. Finally the main tools used in this tutorial are presented.
-
Configuring your site. This section will outline the philosophy of OpenNebula and details different configuration approaches for a private cloud. Finally the main OpenNebula subsystems are described and hints on extending and adapting them are provided.
-
Using OpenNebula. Here we describe the CLI tools and API to interact with OpenNebula, in particular we will review the interface to manage physical hosts, virtual networks and virtual machines.
-
Virtualizating a Grid Computing Element. In this part we will virtualized the components of a typical Grid computing service. In particular, specific aspects on image contextualization and networking will be discussed.
-
Scale-out of your Computing Element with Amazon EC2. The tutorial ends with the scale out of the previous site to Amazon EC2. Specific networking and configuration issues are described.
SKILLS GAINED
- Describe the features and benefits of using virtualization and clouds.
- Describe different architectures for a private cloud that can be deployed with OpenNebula.
- Install and basic configure OpenNebula.
- Manage cluster nodes, virtual networks and virtual machines.
- Understand the challenges of deploying an application in the cloud.
- Deploy a Grid Computing Element in the Cloud.PREREQUISITES
User level knowledge and skills in Unix or Linux systems . The course includes hands-on exercises to be performed using attendee's laptops.
Agenda:
AGENDA:
1. Overview of Grid & Cloud Technologies.
2. Configuring your site.
4. Using OpenNebula.
5. Virtualizating a Grid Computing Element.
6. Scale-out of your Computing Element with Amazon EC2. -
-
Introducing Desktop Grids and integration with Service Grids such as EGEE¶ Donatello (40)
Donatello (40)
Le Ciminiere, Catania, Sicily, Italy
Viale Africa 95100 CataniaIntroducing Desktop Grids and integration with Service Grids such as EGEE (90 mins)
Ad Emmen, Peter KacsukGrids? Clouds? Computer infrastructure on-demand! Computers grow older while you watch them Each second you do not use your computer is a second lost forever. You cannot "save" hard disk space for later if you do not use it. A computer at home or in the office, costs money and uses energy.
On the other hand - do not have enough computer power or disk space - when you need it, can be just as bad. Suppose you are a small company and you just did introduce a
new computer based service that does extremely well beyond all expectations and you get thousands of new customers all accessing your system that is too small to handle
it. By the time you ordered and installed new computers, your customers are already gone, disappointed with your service.But advanced computing techniques, with exotic names as Grid computing and Cloud computing now enable a computer infrastructure on-demand. This can be applied in science and industry.
This tutorial focuses on Desktop Grid computing put in context of computer infrastructure on-demand. The concepts and most important software projects will be described, including BOINC, XtremWeb and EDGeS. Comparisons with commercial Desktop Grid software, such as GridMP, LSF Desktop, will be made.
It will be shown how Desktop Grids works and how a BOINC Grid and an XtremWeb Grid can be set up.
Desktop Grids will be compared to Service Grids, such as EGEE, and an introduction will be given into the EDGeS Grid infrastructure that connects both types of Grids with Bridges. The tutorial will explain what to do if you want to extend an EGEE VO with volunteer or local Desktop Grids or you want to connect your Desktop Grid to EGEE in order to get resources from EGEE.
Target Audience:
Persons considering setting up a Desktop Grid, or using it for applications. Grid experts that are new to Desktop Grids. Representatives of EGEE VO communities that would like to extend their EGEE resources with connected Desktop Grids. Representatives of Desktop Grids who would like to connect their Desktop Grid to EGEE via the EDGeS infrastructure.
Lecturers
Ad Emmen CV: Ad Emmen studied physics at the university of Nijmegen. He has been active in Hihg-performance computing, and later Grid computing for more than 25 years. Currently he is director of AlmereGrid, the first cityGrid in the world, and has extensive knowledge of operating Desktop Grids, using BOINC, XtremWeb and LSF Desktop technology. He is involved in the EDGeS project (http://EDGeS-grid.eu). Ad Emmen is Member of the Board of Gridforum Netherlands. He is editor of EnterTheGrid Primeur magazine, and Virtual Medical Worlds Magazine. Apart from HPC and Grids, he is also interested in XML technology and knowledge management. He developed the knowledge base on European e-Infrastructures for the e-IRGSP(2) project. http://AlmereGrid.nl http://EDGeS-grid.eu http://knowledgebase.e-irg.eu Peter Kacsuk CV: Peter KACSUK is the Head of the Laboratory of Parallel and Distributed Systems in MTA SZTAKI Computer and Automation Research Institute of the Hungarian Academy of Sciences. He received his MSc and university doctorate degrees from the Technical University of Budapest in 1976 and 1984, respectively. He received the kandidat degree (equivalent to PhD) from the Hungarian Academy in 1989. He habilitated at the University of Vienna in 1997. He recieved his professor title from the Hungarian President in 1999 and the Doctor of Academy degree (DSc) from the Hungarian Academy of Sciences in 2001. He has been a part-time full professor at the Cavendish School of Computer Science of the University of Westminster and the Eötvös Lóránd University of Science Budapest since 2001. He has published two books, two lecture notes and more than 200 scientific papers on parallel computer architectures, parallel software engineering and Grid computing. He is co-editor-in-chief of the Journal of Grid Computing published by Springer. He is the coordinator of the EDGeS project. http://www.lpds.sztaki.hu/index.php?menu=about&submenu=staff&&load=staff.php http://www.cpc.wmin.ac.uk/cpcsite/index.php/Staff -
Metascheduling architectures for NGIs¶ Da Vinci (120)
Da Vinci (120)
Le Ciminiere, Catania, Sicily, Italy
Viale Africa 95100 CataniaMetascheduling architectures for NGIs (90 mins)
I. M. Llorente (UCM) and E. Huedo (UCM)This session will provide a forum for representatives of grid infrastructures using GridWay to present their experiences, architectures and results.
Representatives of other infrastructures would learn the benefits of GridWay in building NGIs.
The focus would be on the use of GridWay in enterprise, regional, national or international infrastructures to highlight its benefits for current or future NGIs, especially in terms of flexibility and interoperation capabilities.
We are inviting representatives of some grid infrastructures using GridWay to present their experiences, results and GridWay-based architectures.
We will invite representatives of APAC Grid, D-Grid, AstroGrid-G, UK e-Science, TeraGrid, Spanish NGI, PRAGMA, CRO-Grid, UABGrid, TIGRE, SURAgrid, ThaiGrid or GARUDA.
We have confirmed the participation of representatives from the Spanish NGI, UABGrid (US), SURAgrid (US) and KIAE Grid (Russia).
Agenda:
1. State and future plans of the GridWay Metascheduler (10 minutes)
2. Presentation of selected infrastructures (60 minutes)
3. Open discussion (20 minutes) -
OGF Standards Adoption Track: UNICORE 6 Grid Middleware¶ Galilei (120)
Galilei (120)
Le Ciminiere, Catania, Sicily, Italy
Viale Africa 95100 CataniaOGF Standards Adoption Track: UNICORE 6 Grid Middleware (90 mins)
Morris Riedel, Achim StreitThis session will highlight the numerous open standards implemented within the open source UNICORE 6 Grid middleware. Although UNICORE 6 is majorly driven by High Performance Computing (HPC), it can also be used in typical Grid setups that take advantage of the use of High Throughput Computing (HTC). The session also provides pieces of information of how open source developers can contribute with their own solutions to the UNICORE technology.
Agenda:
(1)
Introduction to UNICORE 6(2)
Open Standards Adoption in UNICORE 6(3)
UNICORE 6 Developer Community at SourceForge -
OGF-Europe Tutorial: Managing Computational Activities on the Grid - from Specifications to Implementation¶ Caravaggio (120)
Caravaggio (120)
Le Ciminiere, Catania, Sicily, Italy
Viale Africa 95100 CataniaOGF-Europe Tutorial: Managing Computational Activities on the Grid - from Specifications to Implementation (1/2) (90 mins)
Sergio Andreozzi, Balazs Konya, Morris RiedelThis OGF-Europe tutorial will explore how current and upcoming OGF standards have made the interoperable submission, monitoring and controlling of computational activities in Grid systems a feature of Grid middleware.
Tutorial participants will gain new knowledge on a series of key specifications: BES (Basic Execution Service), JSDL (Job Submission Description Language), HPC Extensions (High-Performance Computing), GLUE (an information model for Grid resources).
Participants will learn about the on-going implementation work by leading European middleware providers.
Specific takeaways include insight into BES, JSDL, HPC extensions and GLUE standards, application scenarios, design choices and technical challenges for the transition from specifications to implementation.
Target audience: Grid developers and Grid advanced end-users
Agenda:
Agenda:
- General introduction
- Introducution to Job submission
-- Scenarios
-- Job management before OGF standards
- OGF Standards for Job Management
-- JSDL - B. Konya
-- HPC Extensions to JSDL - B. Konya
-- OGSA-BES - A. Konstantinov
-- GLUE
- Implementation of standards and extension to them
- Security aspects
- Exercises -
Transition towards EGI Workshop¶ Dante (550)
Dante (550)
Le Ciminiere, Catania, Sicily, Italy
Viale Africa 95100 CataniaTransition towards EGI workshop (1/2) (90 mins)
Dr. Ludek MatyskaThis workshop will start with the overview of the state of EGI, its state and expected form and will focus on the processes associated with the transition from EGEE and other existing Grid infrastructures into the EGI model in Europe; it will also touch the international (outside Europe) dimension and interaction. The workshop will be the best opportunity to provide feedback on these plans as expressed in the EGI transition Deliverable that will be available for public comments approximately one week before the workshop. The workshop will be composed from presentations of the EGI_DS team and we also plan to invite users and representatives of especially non European Grid infrastructures to explicitly share their views and expectations, as well as eventual worries.
Convener: Klaus Ullmann (DFN)- 1
- 2
- 3
-
4
Discussion¶
-
Usage Control for Next Generation Grids¶ Raffaello (80)
Raffaello (80)
Le Ciminiere, Catania, Sicily, Italy
Viale Africa 95100 CataniaUsage Control for Next Generation Grids (1/2) (90 mins)
Alvaro Arenas (STFC RAL, UK); Lorenzo Blasi (HP, Italy); Giovanni Cortese (Interplay, Italy); Bruno Crispo (VUA, Netherlands, and Univ. Trento, Italy); Fabio Martinelli (CNR, Italy); Philippe MassonetUsage control is an authorisation framework that extends traditional access control by controlling data access as well as usage. This tutorial presents how to model and implement usage control for Grids. The tutorial comprises five parts: an introduction to the usage control model; an OGSA-based architecture for usage control; usage control policies in XACML; an alternative policy language for usage control in Grids; and two case studies showing the application of usage control in Grid systems
The “Usage Control for Next Generation Grids” tutorial consists of the following six talks:Usage Control for Grids.
The usage control model (UCON) is a new access control paradigm proposed by Park and Sandhu that encompasses and extends different existing models. Its main novelty, in addition to the unification view, is based on continuity of usage monitoring and mutability of attributes. This talk introduces the usage control model and highlights the challenges in controlling resource usage in Grid systems.An Architecture for Usage Control in Grids.
This talk describes an OGSA-based architecture for implementing usage control for Grids. The architecture has been developed in the EU GridTrust project, extending the current Grid Security Infrastructure (GSI) to deal with usage control.Usage Control Policies in XACML.
XACML is the standard language for access control in distributed systems. This talk presents how XACML has been extended and used for the specific purpose of expressing and supporting usage control in Grid applications. Particular emphasis will be given to performance and scalability issues. Furthermore, the talk will address the issue of the interaction of scheduling with access control.Usage Control in Action: Controlling Service Usage in a Grid-Based Content Management System.
This talk presents a case study of the application of usage control based on XACML. The case study is a grid-based content management system that supports a distributed organization in the execution of collaborative projects, aiming at the production of a complex ‘digital’ product. The production process is structured along a workflow such as a software production process or a web / content publishing process.PolPA: A Usage Control Policy Language for Grids.
Policies languages as XACML cannot express the full potentiality of usage control models such as UCON. This talk shows an alternative policy language, PolPA, that has been designed specifically for expressing usage control policies and has been tailored for dealing with Grids. Since it is based on Process Algebras, PolPA is very expressive and allows to encode all the core models that have been defined by Park and Sandhu. This talk also describes a reference architecture to enforce PolPA in Grid systems.Usage Control in Action: Controlling Resource Usage in a Grid-Based Supply Chain.
This talk presents a case study of the application of usage control based on PolPA. The case study is a transportation supply chain which exploits Grid services for optimizing both the delivery and cost of each customer order. Each transporter uses a Grid-based computing service to re-optimize the routes of its vehicles’ fleet after the addition of each new transportation task. Transporters submit their routing jobs to a Grid portal supported by their association. Local usage control policies allow computational service providers to protect their resources and other transporters’ data.References:
• “A Model for Usage Control in GRID Systems”, F. Martinelli and P. Mori. In Proceeding of Grid-STP 2007, International Workshop on Security, Trust and Privacy in Grid Systems at SecureComm 2007. IEEE Computer Society, (2007), IEEE Catalog Number: 07EX168, ISBN: 1-4244-0975-6.• "XACML Policy Integration Algorithms.", P. Mazzoleni, B. Crispo, S. Sivasubramanian, E. Bertino: , ACM Transactions on Information and System Security (TISSEC), vol.11 n.1, February, 2008.
• “Efficient Integration of Fine-Grained Access Control and Resource Brokering in Grid”. P. Mazzoleni, B. Crispo, S. Sivasubramanian, E. Bertino, The Journal of Supercomputing, Springer Netherlands, October 2008.
• “A Secure Environment for Grid-Based Supply Chains”, L.Blasi, A.Arenas, B.Aziz, P.Mori, U.Rovati, B.Crispo, F.Martinelli, P.Massonet. Published in: Collaboration and the Knowledge Economy: Issues, Applications, Case Studies, P. and M. Cunningham (Eds), IOS Press, 2008 Amsterdam, ISBN 978-1-58603-924-0.
Agenda:
1. Usage Control for Grids (25 minutes).
2. An Architecture for Usage Control in Grids (20 minutes).
3. Usage Control Policies in XACML (45 minutes).
4. Usage Control in Action: Controlling Service Usage in a Grid-Based Content Management System (20 minutes).
5. PolPA: A Usage Control Policy Language for Grids (45 minutes).
6. Usage Control in Action: Controlling Resource Usage in a Grid-Based Supply Chain (25 minutes). -
Using the ETICS Test System to analyse standard compliance and interoperability of grid software¶ Machiavelli (40)
Machiavelli (40)
Le Ciminiere, Catania, Sicily, Italy
Viale Africa 95100 CataniaThe ETICS Tutorial provides an introduction to the ETICS system concepts and features. It describes the ETICS Portal and the ETICS Client and guides the users through basic usage scenarios. It will be shown how ETICS can be used to perform standard compliance testing and interoperabilty testing
The ETICS System is an advanced build and test system designed to facilitate the management of complex distributed software in general and grid software in particular. In this tutorial, users will be given hands-on training on using the ETICS System to perform standard compliance and interoperability tests of software. The tutorial is divided in two parts:- in the first part attendees will be given an introduction to ETICS and its typical usage scenarios using the web appliations and the command-line client.
- in the second part it will be shown how to use ETICS to perform standard compliance testing and how to set up and manage interoperability tests among different middleware implementations including ARC, UNICORE and CREAM
Agenda: - ETICS Overview
- The ETICS Portal and the Web Applications
- Installing the ETICS Client
- Basic usage scenarios
- The ETICS Plugins and their application to compliance analysis
- Setting up and managing distributed tests. The example will show how to tests interoperabilty among ARC, UNICORE and gLite CREAM
-
Vulnerability Assessment and Secure Coding Practices for Middleware Tutorial¶ Bernini (80)
Bernini (80)
Le Ciminiere, Catania, Sicily, Italy
Viale Africa 95100 CataniaVulnerability Assessment and Secure Coding Practices for Middleware Tutorial (1/2) (90 mins)
James A. Kupsch and Prof. Barton P. MillerSecurity is crucial in the software that we develop and use. This tutorial is relevant to anyone wanting to learn about assessing software for security flaws and for developers wishing to minimize security flaws in software they develop.
We share our experience in vulnerability assessment of real-world grid middleware. You will learn skills critical for developers and analysts concerned about software security, and the importance of independent vulnerability assessment.
The tutorial covers a process to actively discover vulnerabilities. We show how to gather information about a system which is used to direct the search for vulnerabilities, and how to integrate vulnerability assessment and discovery into the development cycle.
Next, we examine coding practices to prevent vulnerabilities by describing more than 20 types of vulnerabilities with examples of how they commonly arise, and techniques to prevent them. Most examples are in C, C++, Perl, and the standard C and POSIX APIs.
This tutorial teaches critical assessment and coding skills. In addition, it discusses policy issues relating to independent auditing, vulnerability reporting, and integrating security fixes into the software release cycle.
The security of software is becoming increasingly important to anyone who uses or develops it. This tutorial teaches developers and assessors how to proactively reduce the number of vulnerabilities in their software. Just as independent QA testing is essential for assessing software reliability, testing for security is essential for assuring software security. Even projects that architect their software with security in mind still need independent vulnerability assessment to detect design flaws or coding problems that can arise in any project. Testing for security is an essential part of the development process and a unique skill that requires training.This tutorial is an outgrowth of our experience in performing vulnerability assessment of a variety of grid middleware, which includes Condor from the University of Wisconsin, the Storage Resource Broker from the San Diego Supercomputer Center, MyProxy from the National Center for Supercomputer Applications, and EGEE's glexec. The tutorial teaches the processes and skills that we developed and used in these activities.
This tutorial is relevant to anyone who wants to learn about analyzing software for security flaws and for developers wishing to minimize security flaws in software that they develop. It covers the two sides of security: the offensive--how to find problems through the use of proactive vulnerability assessment; and the defensive--how to prevent problems by showing many types of vulnerabilities that occur in code and what techniques can be used to prevent them.
The target audience for this tutorial is anyone involved with the development of software, wishing to assess the security of software, or managing the software development process. To gain maximum benefit from this tutorial, attendees should be familiar with the process of developing software and the C programming language, along with a basic knowledge of the standard C library and the POSIX API.
This tutorial does not assume any prior knowledge of security assessment or vulnerabilities. Some of the examples include less common APIs, or are in a programming language other than the C programming language. In these instances, enough explanation is given so the attendee unfamiliar with the topic should be able to understand the concepts.
The first part of this tutorial explains how to perform a vulnerability assessment. Our process is based on a deep assessment of the software, done by one who is working in cooperation with the development team and has access to source code, internal documents and developers. We emphasize understanding of the process of vulnerability assessment and developing the skills needed to conduct such an assessment.
The first step of a vulnerability assessment is to gain an in-depth understanding of the system. Without an understanding of how it works, it is impossible to know what are the critical assets and what are the threats to these assets. To do this, the tutorial shows a process to gather and document this information by performing an architectural, resource and privilege analysis. These steps are completed by meeting with the developers, reviewing design documents and end-user documentation, using the system, and looking at the code.
The architectural analysis consists of discovering and documenting the high level structures of the system: functionality, hosts, configuration parameters, processes, user interaction, interactions between processes, interactions with external systems, other communication channels, resources controlled by processes, and trust between components.
The resource and privilege analysis is the process of discovering and documenting the objects that the system can manipulate, such as in-memory data structures, database records, files, CPU cycles, and physical devices controlled by the computer. It also documents what actions can be performed on the resources in the system. The privilege analysis documents the privilege model defined by the system itself, and the configuration of privileges in the underlying operating system and external applications, such as databases.
The tutorial then shows how to create data flow diagrams from the results of the prior analyses. These diagrams contain much of the information collected earlier in a succinct fashion that allows the analyst to easily comprehend the system.
The tutorial then covers the process of performing a component analysis, which is looking for vulnerabilities in components of the system. Since it is not realistic to completely verify the security of the system, the tutorial shows how to use the previous steps of the analysis to focus the search to find both those that are likely to be easily found by outside attackers, and also those vulnerabilities that can lead to higher value targets such as the compromise of the host operating system or a subversion of the privilege system. Information in the second part of the tutorial explains how to look for specific types of vulnerabilities.
The tutorial also describes how to integrate the results of the vulnerability assessment process into the software development process, including writing vulnerability reports, the vulnerability disclosure process, fixing vulnerabilities, and releasing security updates.
The second part of this tutorial focuses on vulnerabilities. It features several interactive secure coding quizzes where the audience is challenged to find as many vulnerabilities as they can in short code fragments. What the audience finds (and does not find) are then discussed.
This part also contains a discussion of the most common vulnerabilities and is valuable to both developers and security assessors. Descriptions of each vulnerability are presented with examples. It is shown how the vulnerability typically occurs within code, pointing out APIs or techniques that commonly result in the vulnerability, and also how the vulnerability can be mitigated or eliminated through the use of other techniques or APIs. The causes and types of vulnerabilities covered include:
- Lack of data validation
- Error Handling
- Buffer overflows
- Numeric parsing
- Integer vulnerabilities
- Race conditions
- Injection attacks
- Format string attack
- Command injection
- SQL injection
- Cross-site scripting (XSS)
- Directory traversals
- Memory management attacks
- Race conditions
- Denial of service
- Insecure permissions
- Not dropping privileges
- Information leaks
-
10:30
Coffee
-
Distributed data access and management with OGSA-DAI¶ Leopardi (50)
Leopardi (50)
Le Ciminiere, Catania, Sicily, Italy
Viale Africa 95100 CataniaDistributed data access and management with OGSA-DAI (1/2) (90 mins)
Mike JacksonThis session provides a comprehensive overview of a powerful solution for distributed data access, management and integration - OGSA-DAI - and how it can be used to solve data-related problems in both enterprise and research contexts. An overview of OGSA-DAI is given as well as the
latest work on increasing OGSA-DAI's power via distributed query processing and SQL view definition. It describes the relationship of OGSA-DAI to OGF's work on data access and integration standards - WS-DAI - and how such specifications provide a way of exposing OGSA-DAI's
functionality in a more usable format and lends itself to
inter-operability and integration with other service-oriented technologies.
This session provides a comprehensive overview of a powerful solution for distributed data access, management and integration - OGSA-DAI - and how it can be used to solve data-related problems in both enterprise and research contexts. An overview of OGSA-DAI is given as well as the
latest work on increasing OGSA-DAI's power via distributed query processing and SQL view definition. It describes the relationship of OGSA-DAI to OGF's work on data access and integration standards - WS-DAI - and how such specifications provide a way of exposing OGSA-DAI's
functionality in a more usable format and lends itself to
inter-operability and integration with other service-oriented technologies.Target audience: software developers, technical leaders
OGSA-DAI is OMII-UK's Grid data access and integration middleware product. Participants will learn about the problem space where OGSA-DAI sits as well as:
- How it can be used to achieve common data access and integration scenarios.
- How it offers a powerful solution for data access and integration scenarios by combining services with an underlying workflow engine.
- How OGSA-DAI can be used to develop well-defined services for data manipulation, with reference to WS-DAI.
By the end of the session, participants will have a good understanding of key features of OGSA-DAI, the problems it is designed to solve, and see how to reap the benefits of deploying in their projects. Examples of both research and business applications will be used.
Agenda:
OGSA-DAI- OGSA-DAI project
- Distributed data management scenarios
- Possible solutions
- OGSA-DAI and workflows
- Realising the scenarios
- OGSA-DAI and security
- Extending OGSA-DAI's power via SQL views and DQP
- Concealing workflows behind facades
- Standards, WS-DAI and OGSA-DAI
-
Genesis II (90 mins¶ Michelangelo (120)
Michelangelo (120)
Le Ciminiere, Catania, Sicily, Italy
Viale Africa 95100 CataniaGenesis II (90 mins)
Genesis II is the first integrated implementation of the standards and profiles coming out of the OGF Open Grid Services Architecture (OGSA) Working Group [2-4]. Genesis II is a complete set of Grid services for users and applications which not only follows our maxim – “by default the user should not have to think” – but is also a from-scratch implementation of the standards and profiles – not a wrapping of existing artifacts. Genesis II is open source under the Apache license.
Genesis II is the first integrated implementation of the standards and profiles coming out of the OGF Open Grid Services Architecture (OGSA) Working Group [2-4]. Genesis II is a complete set of Grid services for users and applications which not only follows our maxim – “by default the user should not have to think” – but is also a from-scratch implementation of the standards and profiles – not a wrapping of existing artifacts. Genesis II is open source under the Apache license.
Genesis II was created to address a number of needs and answer various questions about emerging Grid technology. These included
• the need for a production Grid system with which to provide compute and data Grid capabilities to various partner groups and research projects,
• the desire to have a fully functional Grid framework on which further Grid research could be performed,
• and the desire to “test drive” the various specifications making their way through various standardization organizations to both vet and better understand those specifications, both in isolation, and together as a whole.
Genesis II is fully operational in a production environment at the University of Virginia. It supports both data and compute Grid functionality. Users can interact with Genesis II via both a familiar command-line interface (based largely on common *NIX commands such as ls, cat, cp, etc.), through a Grid aware FTP daemon, via an IFS file system in Windows, and in Linux via a FUSE [5] file system driver that maps the Genesis namespace into the local file system namespace. Genesis II has OGSA-BES [1, 4] implementations for both Windows and Linux, as well as a simple job manager that implements a simple queue. To run jobs users can submit JSDL documents to a queue (described shortly) or run them directly on a BES resource.Agenda:
The proposed tutorial will focus on installing and using Genesis II. The tutorial will begin with an overview of Genesis II, how the standards fit into Genesis II, and the driving architectural theme – a single shared directory system that maps human paths to EPR’s. We will then install Genesis II on participant laptops (if they have them and are willing), demonstrate how to mount and use the FUSE and Windows IFS interfaces to Genesis II, how to run jobs, run sets of jobs, and share data with other users. -
OGF-Europe Tutorial: How new communities can get access to a Grid infrastructure¶ Galilei (120)
Galilei (120)
Le Ciminiere, Catania, Sicily, Italy
Viale Africa 95100 CataniaOGF-Europe Tutorial: How new communities can get access to a Grid infrastructure (90 mins)
David Fergusson, Morris Riedel, Balazs KonyaThis OGF-Europe tutorial will explain how new communities or organizations can get access to existing Grid infrastructures.
The following Grid infrastructures will be considered: EGEE, NorduGrid, DEISA
-
OGF-Europe Tutorial: Managing Computational Activities on the Grid - from Specifications to Implementation¶ Caravaggio (120)
Caravaggio (120)
Le Ciminiere, Catania, Sicily, Italy
Viale Africa 95100 CataniaOGF-Europe Tutorial: Managing Computational Activities on the Grid - from Specifications to Implementation (1/2) (90 mins)
Sergio Andreozzi, Balazs Konya, Morris RiedelThis OGF-Europe tutorial will explore how current and upcoming OGF standards have made the interoperable submission, monitoring and controlling of computational activities in Grid systems a feature of Grid middleware.
Tutorial participants will gain new knowledge on a series of key specifications: BES (Basic Execution Service), JSDL (Job Submission Description Language), HPC Extensions (High-Performance Computing), GLUE (an information model for Grid resources).
Participants will learn about the on-going implementation work by leading European middleware providers.
Specific takeaways include insight into BES, JSDL, HPC extensions and GLUE standards, application scenarios, design choices and technical challenges for the transition from specifications to implementation.
Target audience: Grid developers and Grid advanced end-users
Agenda:
Agenda:
- General introduction
- Introducution to Job submission
-- Scenarios
-- Job management before OGF standards
- OGF Standards for Job Management
-- JSDL - B. Konya
-- HPC Extensions to JSDL - B. Konya
-- OGSA-BES - A. Konstantinov
-- GLUE
- Implementation of standards and extension to them
- Security aspects
- Exercises -
Porting Applications with Globus GridWay¶ Da Vinci (120)
Da Vinci (120)
Le Ciminiere, Catania, Sicily, Italy
Viale Africa 95100 CataniaPorting Applications with Globus GridWay (90 mins)
I. M. Llorente (UCM) and E. Huedo (UCM)The aim of the tutorial is to provide a global overview of the process of installing, configuring and using GridWay. The tutorial also focuses on the development of codes using the C and JAVA bindings of the DRMAA OGF standard. The development of codes using DRMAA assures compatibility of applications with other management systems that implements the standard.
During the tutorial, participants would receive a practical overview of the agenda topics, having the opportunity to exercise GridWay functionality with examples on a real grid infrastructure
Agenda:
1. Introduction to the GridWay Metascheduler (10 min)
2. Installation and Basic Configuration (20 min)
3. Submission, Monitoring and Control of Jobs (30 min)
4. Programming with the DRMAA OGF standard (30 min) -
Porting applications to the Grid using the EDGeS Application Development Methodology¶ Donatello (40)
Donatello (40)
Le Ciminiere, Catania, Sicily, Italy
Viale Africa 95100 CataniaPorting applications to the Grid using the EDGeS Application Development Methodology (90 mins)
Tamas Kiss, Ad EmmenAbstract:
A Grid can be a powerful number crunching machine bringing the power of thousands of processors to an application developer's finger tips. Although current Grid infrastructures offer significant amount of resources to run computation and data intensive applications, some scenarios still overgrow the capabilities of existing
Grids. Unfortunately, the two main types of Grids infrastructures, Service and Desktop Grid systems, were not interoperable until recently. The European EDGeS
project is currently developing a bi-directional bridge connecting this diverse collection of resources.Programming an application for a Grid is not easy. Current Grid application development efforts very often use ad-hoc approaches only when porting the applications. Developers do not follow any suggested methodology and this may result
is poorly documented systems that do not fulfill user expectations. In order to avoid this trap, support application developers and provide guidelines when porting
an application to the EDGeS Grid platform, the EDGeS Application Development Methodology (EADM) has been specified.This tutorial introduces the EDGeS Grid platform (EGEE extended with BOINC and XtremWeb Desktop Grids) and the EDGeS Application
Development Methodology. So far 12 applications from fields of bio-science, chemistry, physics, engineering, e-market, etc. have been ported to EDGeS. Case studies of tools that make the application development easier and examples for applications that have been ported to EDGeS using the EADM
are presented.
Target Audience:
Application developers that want to port an application to Desktop Grids. Representatives of EGEE user communities who want to port existing EGEE applications to the EDGeS infrastructure.Lecturer:
Tamas KissCV:
Tamas Kiss is a Senior Lecturer in Database Systems at the Department of Information Systems and Computing, and a researcher at the Centre for Parallel Computing at the
School of Informatics, University of Westminster, London. His research interests include parallel and Grid computing, and he has extended experience in the area of legacy code deployment, interoperation of Grid systems, and application porting to
service and desktop Grid systems. He led the design and development activities resulting in the Grid Execution Management for Legacy Code Architecture (GEMLCA)
solution, now a Globus incubator project, within the UK EPSRC founded OGSA Testbed project. He contributed to the CoreGrid Network of Excellence project as the leader
of the Legacy Code Wrapping and Deployment Methodologies Research Group within the Institute on Grid Systems, Tools and Environments. He currently leads the Grid Application Support Service activity within the European EDGeS project.
Tamas has extended experience in teaching in higher education and giving Grid tutorials, lectures and hands-on sessions (e.g. GEMLCA/P-GRADE portal courses organised by the UK National e-Science Center (NESC) and the EGEE project). He co-authored one book and more than 50 scientific papers in journals and conference proceedings, and as book chapters. -
Transition towards EGI Workshop¶ Dante (550)
Dante (550)
Le Ciminiere, Catania, Sicily, Italy
Viale Africa 95100 CataniaTransition towards EGI workshop (1/2) (90 mins)
Dr. Ludek MatyskaThis workshop will start with the overview of the state of EGI, its state and expected form and will focus on the processes associated with the transition from EGEE and other existing Grid infrastructures into the EGI model in Europe; it will also touch the international (outside Europe) dimension and interaction. The workshop will be the best opportunity to provide feedback on these plans as expressed in the EGI transition Deliverable that will be available for public comments approximately one week before the workshop. The workshop will be composed from presentations of the EGI_DS team and we also plan to invite users and representatives of especially non European Grid infrastructures to explicitly share their views and expectations, as well as eventual worries.
-
5
User Support and Specialised Support Centres¶Speakers: Dr Charles Loomis (CNRS/LAL), Dr Diana Cresti (INFN)
-
6
Middleware¶Speakers: Mr Laurence Field (CERN), Michael Gronager (NDGF), Dr Mirco Mazzucato (INFN), Steven Newhouse (CERN)
-
7
Operations¶Speakers: Prof. Laura Perini (Dipartimento di Fisica), Dr Tiziana Ferrari (INFN CNAF)
- 8
- 9
-
5
-
Usage Control for Next Generation Grids¶ Raffaello (80)
Raffaello (80)
Le Ciminiere, Catania, Sicily, Italy
Viale Africa 95100 CataniaUsage Control for Next Generation Grids (1/2) (90 mins)
Alvaro Arenas (STFC RAL, UK); Lorenzo Blasi (HP, Italy); Giovanni Cortese (Interplay, Italy); Bruno Crispo (VUA, Netherlands, and Univ. Trento, Italy); Fabio Martinelli (CNR, Italy); Philippe MassonetUsage control is an authorisation framework that extends traditional access control by controlling data access as well as usage. This tutorial presents how to model and implement usage control for Grids. The tutorial comprises five parts: an introduction to the usage control model; an OGSA-based architecture for usage control; usage control policies in XACML; an alternative policy language for usage control in Grids; and two case studies showing the application of usage control in Grid systems
The “Usage Control for Next Generation Grids” tutorial consists of the following six talks:Usage Control for Grids.
The usage control model (UCON) is a new access control paradigm proposed by Park and Sandhu that encompasses and extends different existing models. Its main novelty, in addition to the unification view, is based on continuity of usage monitoring and mutability of attributes. This talk introduces the usage control model and highlights the challenges in controlling resource usage in Grid systems.An Architecture for Usage Control in Grids.
This talk describes an OGSA-based architecture for implementing usage control for Grids. The architecture has been developed in the EU GridTrust project, extending the current Grid Security Infrastructure (GSI) to deal with usage control.Usage Control Policies in XACML.
XACML is the standard language for access control in distributed systems. This talk presents how XACML has been extended and used for the specific purpose of expressing and supporting usage control in Grid applications. Particular emphasis will be given to performance and scalability issues. Furthermore, the talk will address the issue of the interaction of scheduling with access control.Usage Control in Action: Controlling Service Usage in a Grid-Based Content Management System.
This talk presents a case study of the application of usage control based on XACML. The case study is a grid-based content management system that supports a distributed organization in the execution of collaborative projects, aiming at the production of a complex ‘digital’ product. The production process is structured along a workflow such as a software production process or a web / content publishing process.PolPA: A Usage Control Policy Language for Grids.
Policies languages as XACML cannot express the full potentiality of usage control models such as UCON. This talk shows an alternative policy language, PolPA, that has been designed specifically for expressing usage control policies and has been tailored for dealing with Grids. Since it is based on Process Algebras, PolPA is very expressive and allows to encode all the core models that have been defined by Park and Sandhu. This talk also describes a reference architecture to enforce PolPA in Grid systems.Usage Control in Action: Controlling Resource Usage in a Grid-Based Supply Chain.
This talk presents a case study of the application of usage control based on PolPA. The case study is a transportation supply chain which exploits Grid services for optimizing both the delivery and cost of each customer order. Each transporter uses a Grid-based computing service to re-optimize the routes of its vehicles’ fleet after the addition of each new transportation task. Transporters submit their routing jobs to a Grid portal supported by their association. Local usage control policies allow computational service providers to protect their resources and other transporters’ data.References:
• “A Model for Usage Control in GRID Systems”, F. Martinelli and P. Mori. In Proceeding of Grid-STP 2007, International Workshop on Security, Trust and Privacy in Grid Systems at SecureComm 2007. IEEE Computer Society, (2007), IEEE Catalog Number: 07EX168, ISBN: 1-4244-0975-6.• "XACML Policy Integration Algorithms.", P. Mazzoleni, B. Crispo, S. Sivasubramanian, E. Bertino: , ACM Transactions on Information and System Security (TISSEC), vol.11 n.1, February, 2008.
• “Efficient Integration of Fine-Grained Access Control and Resource Brokering in Grid”. P. Mazzoleni, B. Crispo, S. Sivasubramanian, E. Bertino, The Journal of Supercomputing, Springer Netherlands, October 2008.
• “A Secure Environment for Grid-Based Supply Chains”, L.Blasi, A.Arenas, B.Aziz, P.Mori, U.Rovati, B.Crispo, F.Martinelli, P.Massonet. Published in: Collaboration and the Knowledge Economy: Issues, Applications, Case Studies, P. and M. Cunningham (Eds), IOS Press, 2008 Amsterdam, ISBN 978-1-58603-924-0.
Agenda:
1. Usage Control for Grids (25 minutes).
2. An Architecture for Usage Control in Grids (20 minutes).
3. Usage Control Policies in XACML (45 minutes).
4. Usage Control in Action: Controlling Service Usage in a Grid-Based Content Management System (20 minutes).
5. PolPA: A Usage Control Policy Language for Grids (45 minutes).
6. Usage Control in Action: Controlling Resource Usage in a Grid-Based Supply Chain (25 minutes). -
Using the ETICS Test System to analyse standard compliance and interoperability of grid software¶ Machiavelli (40)
Machiavelli (40)
Le Ciminiere, Catania, Sicily, Italy
Viale Africa 95100 CataniaThe ETICS Tutorial provides an introduction to the ETICS system concepts and features. It describes the ETICS Portal and the ETICS Client and guides the users through basic usage scenarios. It will be shown how ETICS can be used to perform standard compliance testing and interoperabilty testing
The ETICS System is an advanced build and test system designed to facilitate the management of complex distributed software in general and grid software in particular. In this tutorial, users will be given hands-on training on using the ETICS System to perform standard compliance and interoperability tests of software. The tutorial is divided in two parts:- in the first part attendees will be given an introduction to ETICS and its typical usage scenarios using the web appliations and the command-line client.
- in the second part it will be shown how to use ETICS to perform standard compliance testing and how to set up and manage interoperability tests among different middleware implementations including ARC, UNICORE and CREAM
Agenda: - ETICS Overview
- The ETICS Portal and the Web Applications
- Installing the ETICS Client
- Basic usage scenarios
- The ETICS Plugins and their application to compliance analysis
- Setting up and managing distributed tests. The example will show how to tests interoperabilty among ARC, UNICORE and gLite CREAM
-
Vulnerability Assessment and Secure Coding Practices for Middleware Tutorial¶ Bernini (80)
Bernini (80)
Le Ciminiere, Catania, Sicily, Italy
Viale Africa 95100 CataniaVulnerability Assessment and Secure Coding Practices for Middleware Tutorial (1/2) (90 mins)
James A. Kupsch and Prof. Barton P. MillerSecurity is crucial in the software that we develop and use. This tutorial is relevant to anyone wanting to learn about assessing software for security flaws and for developers wishing to minimize security flaws in software they develop.
We share our experience in vulnerability assessment of real-world grid middleware. You will learn skills critical for developers and analysts concerned about software security, and the importance of independent vulnerability assessment.
The tutorial covers a process to actively discover vulnerabilities. We show how to gather information about a system which is used to direct the search for vulnerabilities, and how to integrate vulnerability assessment and discovery into the development cycle.
Next, we examine coding practices to prevent vulnerabilities by describing more than 20 types of vulnerabilities with examples of how they commonly arise, and techniques to prevent them. Most examples are in C, C++, Perl, and the standard C and POSIX APIs.
This tutorial teaches critical assessment and coding skills. In addition, it discusses policy issues relating to independent auditing, vulnerability reporting, and integrating security fixes into the software release cycle.
The security of software is becoming increasingly important to anyone who uses or develops it. This tutorial teaches developers and assessors how to proactively reduce the number of vulnerabilities in their software. Just as independent QA testing is essential for assessing software reliability, testing for security is essential for assuring software security. Even projects that architect their software with security in mind still need independent vulnerability assessment to detect design flaws or coding problems that can arise in any project. Testing for security is an essential part of the development process and a unique skill that requires training.This tutorial is an outgrowth of our experience in performing vulnerability assessment of a variety of grid middleware, which includes Condor from the University of Wisconsin, the Storage Resource Broker from the San Diego Supercomputer Center, MyProxy from the National Center for Supercomputer Applications, and EGEE's glexec. The tutorial teaches the processes and skills that we developed and used in these activities.
This tutorial is relevant to anyone who wants to learn about analyzing software for security flaws and for developers wishing to minimize security flaws in software that they develop. It covers the two sides of security: the offensive--how to find problems through the use of proactive vulnerability assessment; and the defensive--how to prevent problems by showing many types of vulnerabilities that occur in code and what techniques can be used to prevent them.
The target audience for this tutorial is anyone involved with the development of software, wishing to assess the security of software, or managing the software development process. To gain maximum benefit from this tutorial, attendees should be familiar with the process of developing software and the C programming language, along with a basic knowledge of the standard C library and the POSIX API.
This tutorial does not assume any prior knowledge of security assessment or vulnerabilities. Some of the examples include less common APIs, or are in a programming language other than the C programming language. In these instances, enough explanation is given so the attendee unfamiliar with the topic should be able to understand the concepts.
The first part of this tutorial explains how to perform a vulnerability assessment. Our process is based on a deep assessment of the software, done by one who is working in cooperation with the development team and has access to source code, internal documents and developers. We emphasize understanding of the process of vulnerability assessment and developing the skills needed to conduct such an assessment.
The first step of a vulnerability assessment is to gain an in-depth understanding of the system. Without an understanding of how it works, it is impossible to know what are the critical assets and what are the threats to these assets. To do this, the tutorial shows a process to gather and document this information by performing an architectural, resource and privilege analysis. These steps are completed by meeting with the developers, reviewing design documents and end-user documentation, using the system, and looking at the code.
The architectural analysis consists of discovering and documenting the high level structures of the system: functionality, hosts, configuration parameters, processes, user interaction, interactions between processes, interactions with external systems, other communication channels, resources controlled by processes, and trust between components.
The resource and privilege analysis is the process of discovering and documenting the objects that the system can manipulate, such as in-memory data structures, database records, files, CPU cycles, and physical devices controlled by the computer. It also documents what actions can be performed on the resources in the system. The privilege analysis documents the privilege model defined by the system itself, and the configuration of privileges in the underlying operating system and external applications, such as databases.
The tutorial then shows how to create data flow diagrams from the results of the prior analyses. These diagrams contain much of the information collected earlier in a succinct fashion that allows the analyst to easily comprehend the system.
The tutorial then covers the process of performing a component analysis, which is looking for vulnerabilities in components of the system. Since it is not realistic to completely verify the security of the system, the tutorial shows how to use the previous steps of the analysis to focus the search to find both those that are likely to be easily found by outside attackers, and also those vulnerabilities that can lead to higher value targets such as the compromise of the host operating system or a subversion of the privilege system. Information in the second part of the tutorial explains how to look for specific types of vulnerabilities.
The tutorial also describes how to integrate the results of the vulnerability assessment process into the software development process, including writing vulnerability reports, the vulnerability disclosure process, fixing vulnerabilities, and releasing security updates.
The second part of this tutorial focuses on vulnerabilities. It features several interactive secure coding quizzes where the audience is challenged to find as many vulnerabilities as they can in short code fragments. What the audience finds (and does not find) are then discussed.
This part also contains a discussion of the most common vulnerabilities and is valuable to both developers and security assessors. Descriptions of each vulnerability are presented with examples. It is shown how the vulnerability typically occurs within code, pointing out APIs or techniques that commonly result in the vulnerability, and also how the vulnerability can be mitigated or eliminated through the use of other techniques or APIs. The causes and types of vulnerabilities covered include:
- Lack of data validation
- Error Handling
- Buffer overflows
- Numeric parsing
- Integer vulnerabilities
- Race conditions
- Injection attacks
- Format string attack
- Command injection
- SQL injection
- Cross-site scripting (XSS)
- Directory traversals
- Memory management attacks
- Race conditions
- Denial of service
- Insecure permissions
- Not dropping privileges
- Information leaks
-
12:30
Lunch
-
Welcome to EGEE User Forum/OGF25 & OGF Europe's 2nd International Event - Opening Plenary¶ Dante (550)
Dante (550)
Le Ciminiere, Catania, Sicily, Italy
Viale Africa 95100 Catania- 10
-
11
Welcome from EGEE - Bob Jones, EGEE-III Project Director¶Speaker: Dr Bob Jones (CERN)
- 12
-
13
Welcome from OGF Europe - Silvana Muscella, OGF Europe Technical Coordinator¶Speaker: Silvana Muscella
-
14
Plenary Talk - European Commission - Kyriakos Baxevanidis¶
-
15
Science in Sicily and the Sicilian Grid - Prof. Francesco Catara – University of Messina¶"Science in Sicily and the Sicilian Grid" Francesco Catara, University of Catania & Consorzio COMETA Born in Catania, Francesco Catara has been a full professor of Theoretical Physics since 1986. His research activity is mainly in the fields of Quantum Many Body Theories and Nuclear Reaction Theories. The author of 100 scientific papers published in international journals, he has given invited talks in numerous Workshops and Conferences, and has conduced many lecture courses, both at under graduated and post graduated level. He has been referee of the journals: Physical Review, Physical Review Letters and Nuclear Physics A. Director of the Catania branch of INFN in the years 1977-1983 and 2001-2007. Presently President of the Consortium COMETA, which was born from the gathering of the 3 Sicilian Universities and 3 national research institutes operating in Sicily in the fields of Astrophysics (INAF), Nuclear and Subnuclear Physics (INFN), Geology and Volcanology (INVG). The goal of COMETA is to create a grid infrastructure in Sicily, connected to the italian and international grids. This has been achieved and the Sicilian grid is fully operating.Speaker: Francesco Catara
-
15:30
Coffee
-
Cloud and Grid I: Innovation and Operations¶ Dante (550)
Dante (550)
Le Ciminiere, Catania, Sicily, Italy
Viale Africa 95100 Catania-
16
Cloud Computing: More than a Virtual Stack¶"Cloud Computing: More than a Virtual Stack" Peter Coffee, Director of Platform Research, salesforce.com Peter Coffee, former Technology Editor of enterprise IT journals PC Week and eWEEK, works with corporate and commercial application developers to build a community based on Force.com: the salesforce.com Platform-as-a-Service (PaaS). He has 26 years' experience in guiding the adoption and management of innovative information technologies and practices as a developer, consultant, educator, and internationally published author. He has provided expert analysis of IT industry issues and events including Internet security, the Microsoft antitrust case and the HP/Compaq acquisition for major news publications and broadcast media; he has been a keynote speaker, workshop leader, moderator or presenter at IT events throughout the U.S. as well as in England, Canada, Mexico, Brazil, China, Singapore, India and Australia. Peter was previously the first manager of PC planning at The Aerospace Corporation, and before that was a Senior Engineer in arctic project management and chemical facility construction for several divisions of Exxon Corporation. He holds an engineering degree from MIT and an MBA from Pepperdine University, and has been a faculty member at Pepperdine and also at UCLA (computer science) and Chapman College (business analytics). He is the author of two books, How to Program Java and Peter Coffee Teaches PCs.Speaker: Peter Coffee
-
17
Global Grid Operations - What it means for the LHC Grid and the HEP Community¶"Global Grid Operations - What it means for the LHC Grid and the HEP Community" Jamie Shiers BSc, PhD, CERN Jamie Shiers currently leads the Grid Support group in CERN’s IT department. This group plays a leading role in the overall Worldwide LHC Computing Grid (WLCG) project, acting in many ways as a bridge between sites, services and the experiments, with a strong focus on service and operations. He has worked on many aspects of LHC computing since the early 1990s, moving to the Grid service area in 2005 when he led two major “Service Challenges” designed to help bring the service up to the level required for LHC data taking and analysis. He has been a member of both EGEE and EGI_DS projects and is a member of the Management Board of WLCG. He has authored numerous articles on Grid computing, including comparisons with Clouds from both technical and non-technical viewpoints. Dr. Shiers received a PhD in physics from the University of Liverpool in 1981, following a degree in physics obtained at the University of London (Imperial College) in 1978. He has worked in the IT department at CERN for the past 25 years in a wide variety of positions, including operations, application development and support, databases and data management, as well as various project leadership roles. Prior to this he worked as a research physicist at the Max Planck Institute for Physics in Munich, Germany and as a guest physicist at CERN.Speaker: Dr Jamie Shiers (CERN)
-
16
-
CAOPS - IGTF Workshop¶ Caravaggio (120)
Caravaggio (120)
Le Ciminiere, Catania, Sicily, Italy
Viale Africa 95100 CataniaCAOPS - IGTF Workshop (1/3) (90 mins)
Christos Kanellopoulos, Yoshio Tanaka, David Groep
(CAOPS-WG) PresentationThis is the 4th CAOPS - IGTF Workshop. The purpose of the workshop is to discuss issues best practices in Grid CA Operations and the
International Grid Trust Federation (IGTF) -
Data Management¶ Raffaello (80)
Raffaello (80)
Le Ciminiere, Catania, Sicily, Italy
Viale Africa 95100 CataniaData Management is the most significant challenge to many user communities within EGEE. It also represents one of the main uses of e-infrastructure - the large scale computational analysis of large volumes of data. Many communities are having to develop new techniques and use new services to deal with the 'data deluge' coming from their research activities. Now that the e-infrastructure exists to store and analyse the data, the next challenge for many end-users is how to derive information and gain knowledge from the raw data to meet their research objectives.
The presentations cover two broad areas - the standards being used to provide consistent access to the data management services and the services that form the operational e-infrastructure. These presentations will include:
- how standards from the Open Grid Forum (ByteIO, WSDAIR and RNS) are being used to navigate and access information stored in catalogues, such as the LFC or AMGA, so that these can be accessed from either Windows or Linux.
- how an application community has been validating the operational effectiveness of the infrastructure (both its services and networking links) as part of their distributed data analysis.
- how 3D graphical images of data sets can be analysed using the e-Infrastructure.
- how distributed key storage services can be used to encrypt and store data using the existing e-infrastructure.
-
-
18
Debugging Data Transfers between CMS Computing Centres¶The Debugging Data Transfers (DDT) Task Force was created to coordinate the debugging of data transfer links among WLCG sites supporting the CMS Virtual Organization. The task force aimed to commission the most crucial transfer routes among CMS sites by designing and enforcing a clear procedure to debug problematic links. The preparation, activities and experience of the DDT Task Force are discussed. Common technical problems and challenges encountered are explained and summarized.Speaker: Dr Nicolo Magini (CERN IT-GS-EIS & INFN-CNAF)
-
19
VisIVO: data visualization on the grid.¶We present new integrated services offered by VisIVO, a framework for exploration of large-scale scientific datasets. . We show new features of the recently developed VisIVO Server, a command line application for intuitive visual discovery with 3D views being created from data tables.A grid version is ported and deployed in the Cometa Consortium GRID, and can run on worker nodes of this computational grid.Speaker: Ugo Becciani (INAF)
-
20
Encrypted Data Storage¶Encrypted Data Storage is now moving to production status within gLite middleware. Experiences of support and development are given.Speaker: John White White (Helsinki Institute of Physics HIP)