260 likes | 361 Vues
Grid Infrastructures for the Electronics Domain: Requirements and Early Prototypes from an EPSRC Pilot Project. R. Sinnott 1 , A. Asenov 2 , A. Brown 2 , C. Millar 1,2 , G. Roy 2 , S. Roy 2 , G. Stewart 1 1 National e-Science Centre, University of Glasgow
E N D
Grid Infrastructures for the Electronics Domain: Requirements and Early Prototypes from an EPSRC Pilot Project R. Sinnott1, A. Asenov2, A. Brown2, C. Millar1,2, G. Roy2, S. Roy2, G. Stewart1 1National e-Science Centre, University of Glasgow 2Department of Electronics and Electrical Engineering, University of Glasgow r.sinnott@nesc.gla.ac.uk
The Challenge Toshiba 04 Device diversification 90nm: HP, LOP, LSTP 45nm: UTB SOI 32nm: Double gate
The simulation Paradigm now A 22 nm MOSFET In production 2008 A 4.2 nm MOSFET In production 2023 Statistical variability
Vout2 [V] Vout1 [V] Statistical variability
Delivering new results Simple concept Integrated Hierarchical Statistical Design Complex data and workflows Data and Compute Intensive Security Sensitive
Workflow Mgt Framework Data Mgt Framework Workflow Definition Domain Knowledge Capture/Pres. Robust Enactment Data Access/Linkage/Integration Dependency Mgt Data Transformation Job submission/mgt Replication/Movement Computational Steering Metadata/Provenance Visualisation Services Storage/Curation Services Resource Mgt Framework Advanced Security Framework Accounting Components Trust Federation Information Services Identity Management Resource Broking Service Security attributes definition Meta-scheduling Services Policy Decision/Enforcement Points Reservation/Allocation Services Attribute Request/Release Policies NanoCMOS EEE-Infrastructure Components Optimised nanoCMOS Grid Infrastructure
? 4. Home site authenticates user and pushes attributes totheservice provider 3.User selects their home institution 2. Shibboleth redirects userto W.A.Y.F. service LDAP LDAP 1. User points browser at Grid resource/portal Shibboleth Scenario uid AuthZ Identity Provider Service provider Shib Frontend AuthN Only send nanoCMOS attrs to nanoCMOS partners? Home Institution 6. Make final AuthZ decision Only see/use what allowed to? Federation Grid Application Only accept nanoCMOS partners? 5. Pass authentication info and attributestoauthZ function W.A.Y.F. User Grid Portal
OMII SPAM-GP project: Scoped Attribute Management Portlet (SCAMP)
? 4. Home site authenticates user and pushes attributes totheservice provider 3.User selects their home institution 2. Shibboleth redirects userto W.A.Y.F. service LDAP LDAP 1. User points browser at Grid resource/portal Basic Federated Shibboleth Scenario AuthZ Identity Provider Service provider Shib Frontend AuthN Home Institution 6. Make final AuthZ decision Federation Grid Application 5. Pass authentication info and attributestoauthZ function W.A.Y.F. User Grid Portal
Glasgow SoA using Glasgow DIS to issue Edin. roles Edinburgh SoA using Glasgow DIS to issue Edin. roles ACs created for Edin. roles • DyVOSE - Dynamic Privilege Management Infrastructure Glasgow Edinburgh LDAP LDAP Glasgow Education VO policies Edinburgh Education VO policies PERMIS based Authorisation checks/decisions Nucleotide + Protein Sequence DB Grid BLAST Service Grid BLAST Data Service data input Implemented by Students Protein/nucleotide data returned based on student team role Grid-data Client
AuthZ 4. Home site authenticates user and pushes attributes totheservice provider 3.User selects their home institution 2. Shibboleth redirects userto W.A.Y.F. service LDAP LDAP VO wide authZ 1. User points browser at Grid resource/portal Other Shibboleth Scenario Identity Provider Service provider VOMS AuthN Home Institution 6. Make final AuthZ decision Federation Grid Application 5. Pass authentication info and attributestoauthZ function W.A.Y.F. User Grid Portal
The Future…? Scaling system up to support much larger simulations and support real science and generate IEEE Transactions papers in Electronics Managing larger data sets capturing / annotating / storing / securely sharing … data across experiments Security hardening Finer grained security on resources like NGS Trust! Visualisation & Steering OMII-RAVE Keep feeding requirements into OMII-UK what works what doesn’t work and needs fixing Security aware workflows