Download
slide1 n.
Skip this Video
Loading SlideShow in 5 Seconds..
TERENA - Collaboration on Storage Services Jari.Miettinen@csc.fi Mikael.Linden@csc.fi PowerPoint Presentation
Download Presentation
TERENA - Collaboration on Storage Services Jari.Miettinen@csc.fi Mikael.Linden@csc.fi

TERENA - Collaboration on Storage Services Jari.Miettinen@csc.fi Mikael.Linden@csc.fi

115 Vues Download Presentation
Télécharger la présentation

TERENA - Collaboration on Storage Services Jari.Miettinen@csc.fi Mikael.Linden@csc.fi

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. ePoste Restante and ePort Payéexchanging files using centralized temporary storage with federated authentication TERENA - Collaboration on Storage Services Jari.Miettinen@csc.fi Mikael.Linden@csc.fi Amsterdam 29.6.2007

  2. Content • road to ePostal services • current delivery procedures • obstacles on the road of the user • ePoste Restante and ePort Payé • connection to AAI - Haka • deployment scenarios • caveats by the path • current development status • advantages to the user community

  3. road to ePostal services @CSC (1/2) • CSC supercomputing centre • general-purpose fiber disk service • long-term archiving • the Project Disk service for individual research groups • Nic.funet.fi ftp archive since 1990 • the origin of Linux • over 4M files • performance record 800Mbps sustained on Fedora6 release day (Oct 23 2006)

  4. road to ePostal services @CSC (2/2) • Funet e-mail support and coordination • expert services • spam filtering support • mail delivery backup for customers (renounced Dec 2006) • Haka authentication federation • operator role • deployment support for service builders • CSC SC applications: the web-based Scientist’s interface • P2P study in co-operation with YLE (2006) • insight to usefullness of P2P

  5. current delivery procedures • customer problem: how to deliver a 4.7GB data disk containing sensitive data to colleague? • possible solutions: • travel • courier: Fedex and others • conventional posting • Skype it • feed it to P2P network • setup a small home/office ftp/web server • e-mail

  6. obstacles on the road of the user • CO2 emissions and ecological footprint • Skype/P2P jeopardizes security and confidence • data could be encrypted • how to erase a file from the P2P network? • organizational security policies and practices • networks are not open anymore • e2e principle is broken: wide use of NAT etc. • new servers have to be registered – even small ftp servers ;-) • conventions in the e-mail administration • many sites have file size restrictions • focus in spam war nowadays... • reliability and performance • home/office systems are not tuned • network bottlenecks

  7. ePoste Restante and ePort Payé (1/2) • ePoste Restante • an electrical version of a fetch mail office • authenticated user uploads a file to the server • the non-authenticated friend of the user downloads the file • ePort Payé • reminds of free postage envelopes, carriage paid • the authenticated user generates an electrical voucher • the voucher is delivered to his non-authenticated friend • the friend uploads a file to the server • the user downloads the file

  8. ePoste Restante and ePort Payé (2/2) • common features • web-based • no adminstration intervention is needed during normal operation • file is automagically deleted after a fixed period of time (days) • the amount of downloads is limited (half a dozen) • ordinary e-mail is used for delivering short notices and downloading information • optional use of https

  9. connection to AAI - Haka • authentication • no CSC supercomputing user environment account is required as users are autheticated in their home organizations • saves time and effort in adminstration procedures! • easy for users • AUP has to be accepted anyway - electrically • authorization • political decision: in the first phase e.g. all the researches of the Funet organizations joined to Haka may be accepted as users • check the contence of the schacHomeOrganizationType –attribute provided by IdP, e.g. • schacHomeOrganization=uta.fi • schacHomeOrganizationType=PREFIX:fi:university • metadata • useful user data could be got automatically, e.g. the real user name, e-mail address, organization information • minimizes the user typing efforts • further development: AAI enabled shared data areas for research groups

  10. deployment scenarios • simple extension to the popular e-mail • send less attachments • one may even doesn’t want to keep them anyway... • data intensive research – up to middle class volumes • computational data • digitized material: documents, scripts, maps,... • digital material: images,... • measurement data

  11. caveats by the path • data security: integrity • users should (always) encrypt their sensitive data in transfers • the current user customs overlook (at least) integrity • easy end user encrypting solution is needed – a mouse click • we may need a password/passphrase exchange/clearing house service  • misuse • every system can be misused • banned in AUP • usage is logged • some checking needed in regularly - TOP10 user lists etc. • a new tunnel for viruses • users can transfer executables – advisory needed • the problem already exists • Who do you trust? Trust us!

  12. current development status • work for new services in the Funet user SIG during 2006-2007 • revealed two separate and independent implementations in the universities: Turku and Oulu • testing and piloting in Nic.funet.fi during summer 2007 • Haka/shibboleth support • feature selection and supplement • decisions: autumn 2007 • (possible) production - late 2007

  13. advantages to the user community • person-to-person file transfer is enabled easily for end users • self-service • simple trust model: sender-receiver • CSC doesn’t have to be trusted  • non-interactive operation • support for even larger files sizes

  14. Questions and comments, please!