[Beowulf] confidential data on public HPC cluster

[Nifty Tom Mitchell]

On Mon, Mar 01, 2010 at 11:29:49AM -0500, Jonathan Dursi wrote:
> 
> Hi;
> 
> We're a fairly typical academic HPC centre, and we're starting to
> have users talk to us about using our new clusters for projects that
> have various requirements for keeping data confidential. 

"Various requirements" should spell it out for you.
The requirements result in consequences and a price.
Multiple groups may have conflicting requirements
and cannot play together.

If they want timeshare does that desire argue with 
their requirements?

In one senario you can isolate storage and kickstart (clean load) all
the compute hosts between project access.  i.e. It is possible for each group to
have its own "Head Node" with a dedicated NFS resource and allow only one
"Head Node" to be physically connected to cluster at a time.

Requirements should specify staff requirements and more
including physical access. 

The cost of a breach can dwarf the cost of dedicated individual disk 
farms and clusters.    If their requirements cost you then they
need to put skin in the game.

Your best solution might be to turn it back at them and make 
"various requirements" of them that you can live with!  This
might require a legal review as well.


-- 
	T o m  M i t c h e l l 
	Found me a new hat, now what?