General design and security risk review of a new and permanent central logging and transfer performance analysis service
Concern 1: Detail was requested on specific fields to be stored in the database and on the REST API referenced in the document. (JP Navarro, Jim Basney)
- Resolution: List of fields from the log file has been added to the design document, and the REST API component of the design has been removed.
Concern 2: Questions were raised about the security implications of remote access to the database and other processing/data submission issues. (Jim Basney, Dave Carver)
- Resolution: Subsequent design modifications at the request of SPs have eliminated the need for remote SQL access, as log files are now copied directly to the central database location and processed centrally. Further clarification of SPs responsibility for scrubbing logs, if desired, was added to the design document. The desirability of a consistent policy for collecting and dissemination service usage information was expressed in the design review but is outside the scope of this activity.
Concern 3: Questions about specific performance analysis and other intended usages of the collected data. (JP Navarro, Dave Carver)
- Resolution: The design document was slightly altered to make it clearer that the primary usage of the database is to generate metrics and reporting information for NSF and internal usage, and to clarify the listed example(s) of potential performance analysis activities.
Review Output Documents (Final)
Review Input Documents
Criteria 1: Is the proposed data transfer information/logging that will be collected appropriate and complete to achieve the desired goals?
Criteria 2: Is the central data transfer information/logging repository design appropriate for the types of analysis and reporting that XSEDE needs?
Criteria 3: Are the security mechanisms appropriate for information in transit, stored in the central repository, and when accessed by information consumers?
ScheduleCurrent Date: 2019-08-22
Current Status: Closed (Design and Security Review)
|Target Date||Actual Date||Activity Milestone|
|2015-12-14||Review launch date|
|2015-12-31||2016-01-25||Written feedback due (Reviewers)|
|2016-01-15||2016-02-16||Written response date (Review Material Developers)|
|2016-01-18||2016-02-16||Final approval due and completion date (Reviewers)|
Review Last Updated: 2016-02-16 3:44 pm
If you are a reviewer, please login to sign or withdraw from this review.
- Jim Basney
SIGNED: 2016-01-29 15:38
- John-Paul Navarro
SIGNED: 2016-02-04 17:33
- Rajkumar Kettimuthu
- Lee Liming
SIGNED: 2016-02-04 13:25
- Gary Rogers
- Shava Smallen
SIGNED: 2016-02-08 11:44
Review Material Developers