Educause Security Discussion mailing list archives
Re: High Performance Computing for Regulated Data
From: Michael Thompson <Michael () WAYNE EDU>
Date: Fri, 13 Nov 2015 17:40:12 +0000
All, Something like this would likely need to be tailored to the environment. Here are a few points that come to mind: Cgroups: I would see use of cgroups to be a requirement preventing shared memory, cpu, and other resources from being seen by other users potentially logged into the same system. Networking: encrypted, vlan, and/or physical separation of traffic preventing ability to eavesdrop on traffic. Scheduler: choose the scheduler based on HIPAA and other security requirements. Verifying jobs are submitted without disclosing sensitive data to the scheduler or visible by others. Storage: separation of not only long term data storage but temporary\scratch space as well. SELinux if required for additional security and separation. Thanks, Michael Thompson Wayne State University Computing & Information Technology Phone: (313) 577-8106 e-Mail: Michael () Wayne edu<mailto:Michael () Wayne edu> From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Allan Williams Sent: Wednesday, November 11, 2015 4:21 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] High Performance Computing for Regulated Data G’day, If possible could you please post as summary or responses? I have been looking at something similar in Australia and there is not a lot of guidance. I have looked at some of the UK documents and the recently released NIST documents for big data. Regards, Allan On 10 Nov 2015, at 3:28 pm, Matthew Dalton <matthew.dalton () UMASS EDU<mailto:matthew.dalton () UMASS EDU>> wrote: All, I am looking for higher education experience in leveraging high performance computing environments for HIPAA/HITECH data sets. Does anyone have a model for this? We are trying to put together something that has models that address: 1. Compliance 2. Pricing While many vendors may have solutions, we are looking specifically for higher education feedback at this time. Please feel free to reach out directly, or on the list. Thank you. -- Matthew B. Dalton Chief Information Security Officer Information Technology A113 Lederle Graduate Research Center Lowrise University of Massachusetts Amherst 740 North Pleasant Street Amherst, MA 01003-9306 matthew.dalton () umass edu<mailto:matthew.dalton () umass edu> 413-545-4475 -- Allan Williams Associate Director (Services and Technologies) National Computational Infrastructure The Australian National University 143 Ward Road Acton ACT 2601 Australia P: +61-2-6125 8404 E: Allan.Williams () anu edu au<mailto:Allan.Williams () anu edu au> W: www.nci.org.au<http://www.nci.org.au>
Current thread:
- High Performance Computing for Regulated Data Matthew Dalton (Nov 10)
- Re: High Performance Computing for Regulated Data Allan Williams (Nov 11)
- Re: High Performance Computing for Regulated Data Michael Thompson (Nov 13)
- <Possible follow-ups>
- Re: High Performance Computing for Regulated Data Nick Lewis (Nov 11)
- Re: High Performance Computing for Regulated Data Anurag Shankar (Nov 13)
- Re: High Performance Computing for Regulated Data Matthew Dalton (Nov 18)
- Re: High Performance Computing for Regulated Data Anurag Shankar (Nov 20)
- Re: High Performance Computing for Regulated Data Allan Williams (Nov 11)