REVIEW-15: SDIACT-220 Incremental GenesisII fixes and enhancements - Design/Security Review

Overview

General design and security risk review for an incremental Genesis II release to be operated and supported by UVa for XSEDE uses as SaaS.

Review Summary

Concern raised by JP regarding confirmation of plan to continue using NCSA resources khan and kirk: resolved by contacting NCSA and determining that those machines actually would not be available and adjusting design to plan to use VM resources at IU instead.
Concern raised by Victor and echoed by JP about optionality of testing by SD&I and Ops, at least for GFFS client: resolved by adding a client-side test plan as deliverable for SD&I and Ops.
Concern raised by JP about specifics of target hosts for migration: resolved by adding host details for new primary container hosts.

Review Output Documents (Final)

https://software.xsede.org/svn/sdi/activities/sdiact-220/trunk/Plans/sdiact220-design.docx
https://software.xsede.org/svn/sdi/activities/sdiact-220/trunk/Plans/GFFS_Security_Practices_and_Designs.docx

Review Input Documents

https://software.xsede.org/svn/sdi/activities/sdiact-220/trunk/Plans/sdiact220-design.docx
https://software.xsede.org/svn/sdi/activities/sdiact-220/trunk/Plans/GFFS_Security_Practices_and_Designs.docx

Review Criteria

  1. Are the services operated in a secure way and are the procedures appropriate to deal with planned and unplanned outages and unplanned incidents?
  2. Are XSEDE credentials processed and used in a secure fashion as they flow from clients to UVa operated WS-STS services and back to XSEDE security services?

Schedule

Current Date: 2023-09-26
Current Status: Closed (Design and Security Review)
Target Date Actual Date Activity Milestone
  2016-02-23 Review launch date
2016-02-05 Written feedback due (Reviewers)
2016-02-19 2016-03-03 Written response date (Review Material Developers)
2016-02-26 2016-03-03 Final approval due and completion date (Reviewers)
Review Created: 2016-01-21 3:09 pm
Review Last Updated: 2016-04-15 12:00 pm

 

Reviewers

If you are a reviewer, please login to sign or withdraw from this review.

Required

  • Victor Hazlewood
    SIGNED: 2016-02-12 10:29

Optional

  • Jim Basney
    SIGNED: 2016-01-22 16:59
  • Jim Marsteller
  • John-Paul Navarro
    SIGNED: 2016-02-12 11:52
  • Gary Rogers
  • Tabitha Samuel
  • Adam Slagell
  • Shava Smallen
  • Patrick Storm
    SIGNED: 2016-02-24 13:59

Review Material Developers

Chris Koeritz

Review Facilitator

John-Paul Navarro

 

Please post your comments using the "New topic" or "Post reply" buttons in the forum below.


National Science Foundation (NSF)

© ACCESS All Rights Reserved.

ACCESS is an advanced computing and data resource supported by the National Science Foundation and made possible through these lead institutions and their partners:
Carnegie Mellon University, University of Colorado Boulder, University of Illinois at Urbana-Champaign, and State University of New York at Buffalo .


Administrative Login