Upload
bridie
View
17
Download
0
Tags:
Embed Size (px)
DESCRIPTION
BE/CO Day – 22.June. 2010. Computing infrastructure for accelerator controls and security-related aspects. - PowerPoint PPT Presentation
Citation preview
Computing infrastructure for accelerator controls and security-related aspects
BE/CO Day – 22.June.2010
The first part of this talk gives an overview of the computing infrastructure dedicated to the accelerator controls: consoles, files and application servers, and explains how it is supervised and how high availability is achieved.The second part explains the security-related aspects, such as the management of user passwords and groups, the separation of general purpose and technical (accelerator) networks, and the role-based access control system protecting accelerator devices.
BE/CO Day - Pierre Charrue 2
Outline
Operator Console in the CCC File and Application servers in the CCR
Users management
General and Technical Network Security
Role Based Access Control
22 June 2010
BE/CO Day - Pierre Charrue 3
Outline
Operator Console in the CCC File and Application servers in the CCR
Users management
General and Technical Network Security
Role Based Access Control
22 June 2010
BE/CO Day - Pierre Charrue 4
The CCC and CCR
22 June 2010
22 June 2010 BE/CO Day - Pierre Charrue 5
Inside CCC
General Purpose Fixed Display
Operator Consoles
22 June 2010 BE/CO Day - Pierre Charrue 6
A typical Operator ConsoleScreens with tunable distance and tilt
Acoustic panel used as back door
Task lightingTable height 72cm, American Oak look
PCs hidden buteasily accessible
BE/CO Day - Pierre Charrue 7
CCR principles
High Availability infrastructure The servers (and the services offered) should never stop
The CCR has a double power distribution coming from 2 different sources, with 15’ (resp. 60’) UPS
Each server has Redundant power supply Redundant system disks and user disks (RAID-1) Hot swappable power supply, RAID disks and fans units Automatic ECC RAM checks and isolation of faulty memory blocks
The CCR is very closely monitored Tº by the Operators in the CCC System monitoring with SMS and mails to the experts
Extremely good results : The CCR servers hardly stop when there is a general CERN power outage!
22 June 2010
BE/CO Day - Pierre Charrue 8
Inside the CCR
22 June 2010
BE/CO Day - Pierre Charrue 9
Inside the CCR
22 June 2010
BE/CO Day - Pierre Charrue 10
Outline
Operator Console in the CCC File and Application servers in the CCR
Users management
General and Technical Network Security
Role Based Access Control
22 June 2010
BE/CO Day - Pierre Charrue 11
User Management
CERN has a global user management and creates an account for every people working at CERN.
BE/CO manages the users that are allowed to access the Controls Infrastructure NFS filespace, passwd and groups system files Today this is based on a manual process
We are in the process of implementing and deploying a more secure and automatic management of our potential users Including SSH authorisations, limiting global accounts to specific
areas, automatic removal of accounts not valid anymore, …
22 June 2010
BE/CO Day - Pierre Charrue 12
Outline
Operator Console in the CCC File and Application servers in the CCR
Users management
General and Technical Network Security
Role Based Access Control
22 June 2010
Operator in the CCC
Specialist access from home
Access from the office inside CERN
Office development PC
Trusted Application Gateways
Home or remote PC
CERN FirewallConnection to
Internet
INTERNET
CERN Public Gateways(LXPLUS, CERNTS)
3 typical Use Cases
22 June 2010
BE/CO Day - Pierre Charrue 1422 June 2010
GeneralPurposeNetwork
TechnicalNetwork
TrustedHosts List
ExposedHosts List
Network Security
CERN security policy for Controls (CNIC initiative) defined and implemented the following :
9 January 2006 : closure of the GPN <-> TN connection No communication allowed to cross the bridge
except▪ from TRUSTED hosts on the GPN▪ to EXPOSED hosts on the TN
Connection to the TN requires formal authorization
MAC address authentication
BE/CO Day - Pierre Charrue 15
Outline
Operator Console in the CCC File and Application servers in the CCR
Users management
General and Technical Network Security
Role Based Access Control
22 June 2010
BE/CO Day - Pierre Charrue22 June 2010 16
What is RBAC
RBAC stands for Role Based Access Control RBAC is an infrastructure to prevent:
A well meaning person from doing the wrong thing at the wrong time.
An ignorant person from doing anything, at anytime. It is a suite of software components that provides
AUTHENTICATION (A1) on the client level AUTHORIZATION (A2) on the server level
Depending on WHICH action is made, on WHO is making the call, and from WHERE the call is issued, the access will be granted or denied
This allows for filtering, for control and for traceability of the access to the equipment
BE/CO Day - Pierre Charrue 17
Basic Concepts
Roles: user are assigned to roles Rules: access permission A1 = Authentication : Verifies who you are
with the NICE user name and password A2 = Authorization: Roles have permission to
make specified access
22 June 2010
BE/CO Day - Pierre Charrue 18
RBAC Overview
A1: User requests to be authenticated. RBAC authenticates user via NICE
user name and password RBA returns token to Application
A2: Application sends token to CMW
when connecting. CMW server (on front-end) verifies
token signature once, and uses the credentials for every subsequent request
CMW checks access map for role, location, application, mode
22 June 2010
Application RBAC
RBAC Token:
•Application name
•User name
•IP address/location
•Time of authentication
•Time of expiry
•Roles[ ]
•Digital signature (RBA private key)
CMW client
FESA
CMW server
Access MAP
BE/CO Day - Pierre Charrue 19
RBAC deployed on LHC in 2008
LHC Applications have now this little green/orange button to login to RBAC
22 June 2010
BE/CO Day - Pierre Charrue 20
Summary
The BE/CO/IN section is responsible for many different areas within the Controls infrastructure
In a controls infrastructure….▪ High availability file and application servers▪ Network Controls security▪ User management▪ Role Based access control
…. are essential Do not hesitate to contact us for further
discussions22 June 2010