HPC Cloud SecurityHigh Performance Computing (HPC) Cloud Security |
Today, the increasing complexity of different types of workloads has resulted in the diversity of infrastructure architectures to serve them. The use of cloud to process HPC workloads is an illustration of this trend. For example, Microsoft’s Azure Batch leverages on the scale and flexibility of the cloud for big compute, and SAP HANA which AWS has a special HPC instance created for it. Google Cloud has also ventured into HPC with its massively multi-core instance to provide a powerful and flexible infrastructure. However, amongst all the demonstrated efficacies that cloud has brought about, researchers face certain challenges running HPC in a cloud computing environment. One of the most prominent issue involve the architectural requirements that support most HPC workloads. Due to the high-performance requirements of these workloads, ‘close to metal’ operations are often demanded, stretching the processor’s core physical computing resource to its utmost capabilities. The apprehension lies in that running on a virtualized hypervisor may cause performance to suffer. Also, due to the nature of high-performance requirements, high-speed interconnect is an element encompassed by HPC for fast communication. Storage is also a factor that influences high-speed communications requirements. HPC applications used by researchers frequently handle a colossal volume of data which are pulled from consistent storage. For lower-latency access, data are often divided between multiple storage instances, further straining on I/O environments. These technical concerns for HPC are further complicated by the complex and ever-evolving threat landscape. As we increasingly see cases of pure HPC bare metal infrastructure interacting with the cloud such as I/O interfaces and processes, it brings along more ‘opportunities’ for malicious attacks. While this should be considered and integrated into security policies and guidelines, performance face the peril of being compromised as precious resources are carved out for security protocols and processes. ‘Vanilla’ cloud environments were typically not made to handle environments like this. The crossing of cloud and HPC environments often leads us to questions of how security in an HPC cloud environment can be implemented, enforced and ensured without the need to compromise performance. This Working Group strives to provide recommendations that can answer these questions. |
Scope |
|
Goals |
The objectives of the HPC Cloud Security will include:
|