FY09 Tactical Plans for Grid Grid Services Grid Security

1
FY09 Tactical Plans for/ Grid / Grid
Services/Grid / Security

• Gabriele Garzoglio for
• Garzoglio, Berman, Canal, Holzman, Mhashilkar
• Sep 24, 2008

2
FY09 Tactical Plan for / Grid / Grid Services
/ Grid / Security

• Relevant Strategic Plan(s)
• Grid, CD, Scientific Facilities
• Tactical Plan Leader Gabriele Garzoglio
• Organizational Unit home / CD / SCF / Grid

3
FY09 Tactical Plan Strategies and Goals

• Tactical Plan Strategies
• Provide leadership in the area of middleware
  development for Fermilab and the Open Science
  Grid.
• Provide a middleware infrastructure for Fermilab
  and the OSG, with focus on interoperations with
  major peer grids, such as EGEE, TeraGrid, etc.,
  supporting the needs of Fermilabs scientific
  community.
• Provide policy and operational advice to the
  CSExec and CST in the area of the grid security
  environment of the Open Science Enclave (OSE).
• Increase the ability of the staff to reason about
  grid security issues and act accordingly.
• Tactical Plan Goals
• To enhance and expand the body of grid software,
  business methods, and deployment community that
  is broadly accepted by the FNAL site and FNAL
  based virtual organizations.

4
FY09 Tactical Plan Objectives

• Tactical Plan Objectives for / Grid / Grid
  Services
• VO Services
• Improve usability and operability
• Deployment and support on OSG. Focus on reducing
  maintenance and achieve interoperability.
• Integrate emerging standards and increasingly
  complex use cases.
• WMS
• ReSS Maintenance, support, and operations for
  OSG and FermiGrid VOs
• Glide-In WMS Transition to maintenance and
  operation mode. Focus on CMS.
• Glide-In WMS Interoperability of EGEE / OSG and
  Peer / Campus Grids IS. Move to maintenance and
  operations mode.
• Gratia
• Develop new and improve accounting reports.
• Provide support for the production instance of
  Gratia for OSG and CD.
• Scientific Dashboard
• Develop and deploy to display customized metrics.
  Focus on storage for USCMS.

5
FY09 Tactical Plan Objectives

• Tactical Plan Objectives for / Grid / Security
• Plan and coordinate Fermilab OSE working group
• Implement a software security review process.
• Integrate software security best practices and
  procedures into the software development life
  cycle.
• Perform security-focused reviews of several
  software projects.

6
FY09 Tactical Plan Past Action Items

• Resolution of Past Action Items
• 24.2. (CLOSED) Consider how 1 FTE of security
  effort on OSG is shown in budget for future
  years. Mine is reporting effort to
  Grid/OSG/Security. Does this belong under Grid or
  Computer Security?
• RESOLUTION Don P The OSG security effort is to
  be handled in the way that we take OSG work on in
  the division. We may host the person in a group
  that has technical strengths, but the activity
  remains GRID. It is apropos that OSG security
  work be charged to the GRID root activity, and is
  planned for by the GRID activity process.

7
Project Activity / Grid / Grid Services / VO
Services

• Staffed at 1.1 FTE (of which 0.5 CMS). Project to
  be closed in FY09. Requesting 0.5 new hire from
  CMS funds for maintenance, should the current
  personnel allocation change.
• Stakeholders Fermilab VOs / FermiGrid, CMS /
  Atlas, OSG
• Scope Virtual Organization Management and Access
  Authorization
• Goals Related to this Activity
• 1. Improve usability and operability. Delegate
  responsibilities to components providers.
• Project. Existing goal. Medium Priority.
• 2. Deploy and support the VO Services. Focus on
  reducing maintenance and interoperability of the
  authorization systems. Delegate responsibilities
  to components providers.
• Service. Existing goal. High Priority.
• 3. Integrate emerging standards and increasingly
  complex use cases in the VO Service
  infrastructure.
• Project. Existing goal. Low Priority.

• Key Milestones
• Completion (Oct 08) and deployment (Dec 08) of
  the Authorization Interoperability Infrastructure
  (Oct 08).
• Low Risk this milestone lays down the foundation
  of EGEE/OSG middleware deployment
  interoperability. This reduces maintenance and
  development time to adapt software to different
  grid infrastructure.
• SBIR Phase II on Policy Declaration and
  Enforcement 2nd prototype by summer 09
• Low Risk Improves distribution and validation of
  VO vs. Site privilege policy enforcement
  administration of privilege authorization can
  stay at current level.
• VOMRS ? VOMS-Admin Convergence (4th Q FY09)
• Medium Risk Reduces maintenance effort on VOMRS.
  If not completed, extend 10-30 FTE maintenance
  indefinitely.

8
Project Activity / Grid / Grid Services / WMS

• Staffed at 1.3 FTE 0.5 WMS/ReSS (CD) 0.8
  WMS/CMS (USCMS). Requesting 0.5 new hire from CMS
  funds, should the current personnel allocation
  change.
• Stakeholders Fermilab / Fermigrid, CMS / Atlas,
  OSG
• Scope Push / Pull-based Workload Management
  Systems.
• Goals Related to this Activity
• 1. Maintenance and support for ReSS. Improve
  operational qualities.
• Project. Existing goal. Medium Priority.
• 2. Transition Glide-in WMS to maintenance and
  operation mode.
• Project. New goal. High Priority.
• 3. Interoperability of EGEE / OSG and Peer /
  Campus Grids Information system.
• Project. Existing goal. High Priority.

• Key Milestones
• ReSS compliance w/ FermiGrid operational model
  (Dec 08), improved support for SE (Dec 08),
  improved deployment verification tools (Feb 09),
  compliance with GIP for OSG v1.2 (Feb 09), secure
  resource registration (Apr 09)
• Improves operational qualities of ReSS (medium
  prio) keep up software with OSG updates (high
  prio). Medium/High risk ReSS may not be able to
  transition to FermiGrid operation, thus not
  reducing its operation costs ReSS may not be
  able to keep up with change, making automatic
  resource selection unusable.
• GlideIn WMS Project release (3rd Q FY09).
  Deployment for production users at Fermilab (2nd
  Q FY09). Deployment for analysis users (4th Q
  FY09).
• High Risk this milestone enables operations of
  the production infrastructure for CMS computing.

9
Project Activity / Grid / Grid Services / Gratia

• Staffed at 0.82 FTE (of which 0.25 CMS and 0.25
  OSG Extensions for Gratia Maintenance)
• Stakeholders Fermilab / OSG
• Scope Accounting for OSG and FermiGrid
• Goals Related to this Activity
• 1. Develop new accounting reports and enhance
  existing ones.
• Project. New goal. Medium Priority.
• 2. Provide maintenance for the production
  instance of the Gratia accounting system for OSG
  and CD.
• Service. Existing goal. High Priority.

• Key Milestones / Metrics
• Repeated releases to address new requirements per
  user/stakeholders requests and to address newly
  discovery issues for CMS.
• Medium risk users, like CMS, will not be able to
  take advantage of additional accounting metrics
  to evaluate their progress. Maintenance may also
  be compromised.

10
Project Activity / Grid / Grid Services /
Scientific Dashboard

• Staffed at 1.2 FTE
• Stakeholders CMS, RunII, FermiGrid
• Scope Provide services to adapt, organize,
  archive, retrieve, correlate, and display
  middleware-generated events and workflow data.
• Goals Related to this Activity
• 1. Develop and deploy a scientific-dashboard
  infrastructure to display on-demand metrics of
  running Grid services. Focus on the use cases of
  storage for US CMS.
• Project. New goal. Low Priority.

• Key Milestones
• Project definition and acceptance, requirements
  document (Oct, 2008). Repeated releases of
  prototypes, until first stable release, to the
  satisfaction of stakeholders
• Low Risk should the project not be financed,
  users will have to invest time to display,
  correlate, and analyze events from each different
  workflow and metric, as they do today.

11
Project Activity / Grid / Security
Staffed at .16 FTE approximately 1 hour/week
meeting for others Stakeholders CD, FermiGrid,
CST, All Fermilab VOs, Grid Projects at
Fermilab Scope Issues relating to grid security
Goals Related to this Activity 1. Plan and
coordinate Fermilab OSE working group. Ongoing.
Existing goal. High priority. 2. Implement a
security review process Project. New goal. Medium
Priority. 3. Perform security focused reviews of
several software projects. New goal Medium
Priority. 4. Integration of security best
practices/procedures into the software
development lifecycle. Project. New goal. Medium
Priority.

• Key Milestones
• Implement the STE for the OSE (2nd Q)
• High Risk accomplishing this milestone helps
  tracking security risks and their mitigation
  strategies for the OSE.
• Perform security review of glideinWMS, SAZ (1st
  Q, 2nd Q)
• Low Risk not performing security reviews has the
  risk of not discovering potential security
  vulnerabilities in our software.

12
FY09 Resource Request, Preliminary Allocation
Level 0 Activity / Grid /
Table of budget requests
13
Impact of Possible Cuts

• Requesting 1 potential new hire on CMS budget
  depending on personnel movement in FY09.
• The associated risk is a slowdown in the support,
  deployment, and operations of
• workload management systems for CMS and OSG,
• the VO Services authorization infrastructure for
  OSG, CMS, Atlas, and FermiGrid,
• the SAM-Grid system for DZero production
  activities
• some development activities of the Grid security
  program