- Vincent presented two possible models to kickstart the discussion:
  - User credentials pushed to the job (as with GLExec)
  - Pilot doing storage operations on behalf of the job
- The second option was not deemed realistic by members of the WG:
  - It adds a lot of constraints on the user job; the pilot job might not know which files are needed
  - It means no streaming/direct processing of the data: everything needs to be downloaded to disk first
  - No checkpointing possible
- Maarten noted that, with the experience we have had with security incidents, we might be able to lower the requirements a bit, as the risk doesn't seem so high...
- Two other designs were briefly discussed:
  - Each job receives a unique, non-guessable path to which it is supposed to write. That path should be writable only during the time window in which the job is expected to write
  - The payload announces in its job description all file operations it needs. The pilot can then sign an access token handed to the payload for each access (the storage needs to be aware of this mechanism)
- Agreement was reached that the WG should collect all VO data workflows, to understand better the situation, before discussing any model that could fit them
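The two designs sketched above (a non-guessable per-job output path, and pilot-signed per-access tokens) can be illustrated together. The following is an added example written for these minutes; it is not code from the WG, from GLExec, or from any VO framework. It assumes things the minutes do not specify: the pilot and the storage element share an HMAC key, each token is single-use, the job description lists every file operation as `{"path": ..., "op": ...}`, and the names `PilotTokenIssuer`, `StorageVerifier`, `allocate_output_path` and `forge_path` are hypothetical.

```python
"""Pilot-signed per-access storage tokens and non-guessable output paths.

Added example, not from the WG. Assumptions (not in the minutes): pilot and
storage share an HMAC key; tokens are single-use; the payload's job
description lists each needed file operation as {"path": ..., "op": ...}.
"""
import base64
import hashlib
import hmac
import json
import secrets
import time


def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).decode()


def _unb64(s: str) -> bytes:
    return base64.urlsafe_b64decode(s.encode())


def allocate_output_path(base: str) -> str:
    """First design: a unique, non-guessable per-job output path (256-bit random suffix)."""
    return f"{base.rstrip('/')}/{secrets.token_urlsafe(32)}"


class PilotTokenIssuer:
    """Pilot side (second design): signs one token per file operation announced by the payload."""

    def __init__(self, key: bytes, pilot_id: str):
        self._key = key
        self.pilot_id = pilot_id

    def issue(self, path: str, op: str, lifetime_s: int, now=None) -> str:
        now = time.time() if now is None else now
        claims = {
            "pilot": self.pilot_id,
            "path": path,                 # exact object the payload may touch
            "op": op,                     # "read" or "write"
            "nbf": int(now),              # start of the allowed time window
            "exp": int(now) + lifetime_s,  # end of the allowed time window
            "jti": secrets.token_hex(8),  # per-token id so storage can reject replays
        }
        body = json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()
        sig = hmac.new(self._key, body, hashlib.sha256).digest()
        return _b64(body) + "." + _b64(sig)

    def tokens_for_job(self, job_description: dict, lifetime_s: int, now=None):
        """Mint one (path, op, token) triple per operation declared in the job description."""
        return [(f["path"], f["op"], self.issue(f["path"], f["op"], lifetime_s, now))
                for f in job_description["files"]]


class StorageVerifier:
    """Storage side: accept an operation only with a valid, in-window, matching, unused token."""

    def __init__(self, key: bytes):
        self._key = key
        self._seen = set()  # jti values already redeemed

    def check(self, token: str, path: str, op: str, now=None):
        now = time.time() if now is None else now
        try:
            body_b64, sig_b64 = token.split(".")
            body, sig = _unb64(body_b64), _unb64(sig_b64)
        except ValueError:  # binascii.Error is a ValueError subclass
            return False, "malformed"
        expected = hmac.new(self._key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(sig, expected):  # constant-time comparison
            return False, "bad signature"
        claims = json.loads(body)
        if not claims["nbf"] <= now < claims["exp"]:
            return False, "outside time window"
        if claims["path"] != path:
            return False, "path mismatch"
        if claims["op"] != op:
            return False, "operation mismatch"
        if claims["jti"] in self._seen:
            return False, "replayed"
        self._seen.add(claims["jti"])  # only mark as used once every other check passed
        return True, "ok"


def forge_path(token: str, new_path: str) -> str:
    """Attacker helper: rewrite the path claim while keeping the original signature."""
    body_b64, sig_b64 = token.split(".")
    claims = json.loads(_unb64(body_b64))
    claims["path"] = new_path
    body = json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()
    return _b64(body) + "." + sig_b64


if __name__ == "__main__":
    key = secrets.token_bytes(32)  # constructed shared secret for the demo
    pilot, store = PilotTokenIssuer(key, "pilot-42"), StorageVerifier(key)
    out = allocate_output_path("/vo/out")
    job = {"files": [{"path": out + "/run1.root", "op": "write"}]}
    path, op, tok = pilot.tokens_for_job(job, lifetime_s=600)[0]
    print(store.check(tok, path, op))                     # (True, 'ok')
    print(store.check(tok, path, op))                     # (False, 'replayed')
    print(store.check(forge_path(tok, "/vo/other"), "/vo/other", op))  # (False, 'bad signature')
```

The storage element never needs the user's credentials: it only needs the pilot's key and the token, and every token names a single object, a single operation and a single time window, so a leaked token is worth at most one access to one file. The replay check is done last so that a token is only consumed once all other checks have passed.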