National lab looks to commercialize HPC security tool
- By Susan Miller
Lawrence Livermore National Laboratory is looking for a partner to help further develop and commercialize its method for securely processing protected data in high-performance computing clusters.
With the growing demand for big data analysis and improvements in hardware, researchers have been running large-scale simulations in HPC and cloud environments. The lab saw the need for a way to secure data in high-performance computing centers and in cloud environments so that it could meet regulatory and privacy requirements.
Traditional HPC systems run their simulation and analysis tasks across hundreds or thousands of compute nodes that work together. Many users' jobs can run simultaneously, and the user need not be present when the job is launched on the cluster. Basic cybersecurity, on the other hand, requires user authentication, access control, encryption of data at rest and in transit, audits of sensitive data and secure management of encryption keys and logs.
Traditional encryption tools protect the data directly, which makes the information unavailable to the user. If the user wants to work with the data, it cannot be encrypted. Today's approaches to encryption in HPC clusters require significant changes to the operational environment, and only partially solve the problem.
Researchers at LLNL figured out how to process protected data on HPC systems with a minimal impact on the existing environment. The solution can be managed locally, scales to very large data sets and is compatible with unencrypted processing, meaning both encrypted and unencrypted jobs can run on the cluster simultaneously. It also protects against leaks between information domains and can work across organizational boundaries with compatible systems.
Because the system can be used to protect HPC storage, transport and processing of sensitive data, the lab expects it will be useful across a wide range of industries. The solution could even be used by "mutually distrustful parties" collaborating on specific tasks, LLNL officials said, because it allows the users to perform a specific software process without revealing either party's input data.
LLNL said it has filed for patent protection and has a copyright on the prototype code. More information is available here.