|
|
|
|
|
The Cybermedia Center
,
Osaka University
has been promoting a national project, IT-program of "Construction
of a Supercomputer Network" since 2002. The most significant aspect
of this project is that researchers with a variety of research backgrounds
in universities, research institutes and companies are working together
to achieve the project goal. Such backgrounds are: computer science, medicine,
pharmacy, biology and so on. In this project, we are responsible for contributing
to build the research infrastructure for bio-related research such as in-silico drug design and genome analysis with newly emerged Grid technologies.
Our responsibility in the project includes development of new Grid technologies
that Bio-researchers demand. For these reasons, this project is also known
as Biogrid project. |
|
Data security is what Bio-researchers strongly demand to IT researchers.
In particular, researchers and scientists working for pharmaceutic companies
demand the strong security for data used on the Grid, because the data
that they use may sometimes lead to big money! Briefly speaking, they have
a trade-off demand for the Grid. In short, while they want to make maximum
use of shared resources on the Grid (computational resources and up-to-date
public data), they have the strong demand that the confidential data they
want to use on the Grid should be treated exclusively to other groups and
people. Furthermore, they want more user-friendliness in accessing data
on the Grid.
|
|
The development of our secure grid filesystem was motivated by researchers'
demands. Working together with researchers and scientists, we aim at providing
a convenient method of acessing data with much confidentilaity in order
to realize the seamless sharing of diverse bio-related databases.
|
|
SDI (Single
Disk Image): End users (bio scientists and researchers) want to access the data, which
of interest is located in the remote storage on the Grid, without being
aware of data location. In other words, users want to access such data
as if it is located in the local disk. |
|
On-demand
Access: Users want to access data only when they need it. This is partly demanded
for security reasons. |
|
Exclusiveness: Each user wants to build his/her own SDI for strong data protection. In
particular, the researchers in pharmaceutic companies never want others
to know their own SDI information, that is to say, the information on what
kind of data they have accessed.
|
|
Data Confidentiality: Confidential data in transit should be encrypted with strong cryptographic
technologies. |
|
User Convenience:
Users do not want to give up user-friendliness even if security is improved.
They strongly demand an easy-to-use method of accessing data located at
a remote computer with security.
|
|
Based on the demands previously mentioned, our secure file system has been
developed. Our approach to the design and implementation of Secure Grid
Filesystem is described as follows. You can download our Secure Grid Filesystem
from the download page. You will also know how to configure it on the page. |
|
A User-oriented Secure Filesystem on the Grid, Shingo Takeda, Susumu Date, and Shinji Shimojo, 3rd IEEE/ACM International Symposium on Cluster Computing and the Grid (CCGrid2003) in Tokyo, Japan, May 2003.
Paper (PDF), Poster (PDF)
Grid technology enables us to share a diversity of computational resources on the Internet. In the grid environment, users often need a convenient method to share data safely in the storages, each of which is separately located across the untrusted public network. However, few existing grid file transfer services balance the trade-off between convenience and security, which leads to the difficulties of dealing with confidential data on the grid. To satisfy such users' demand, we have developed a user-oriented and secure filesystem seamlessly integrated to the grid environment.
The filesystem has been developed based on the two key technologies. The first is Grid Security Infrastructure (GSI) which is provided by the Globus Project. The second is Self-certifying File System (SFS) which is a secure network filesystem developed at Massachusetts Institute of Technology. We combined them to develop a new user-oriented secure filesystem, or GSI-SFS. |
|
GSI-SFS: A Grid File System, Shingo Takeda, Susumu Date, and Shinji Shimojo, IPSJ SIG Technical Reports (2003-OS-93) in Okinawa, Japan, pp. 97-104, May 2003.
Paper (PDF, Japanese)
Grid technology enables us to share a diversity of computational resources on the Internet. In the grid environment, users often demand a convenient method for sharing data safely among the storages, each of which is separately located across the untrusted public network. At present, few file transfer services which balance the trade-off between convenience and security exist, which leads to the difficulties of dealing with confidential data on the grid. To satisfy such users' demand, we have developed a user convenient and secure file system seamlessly integrated to the grid environment. |
|
|