23
Rights Management for Rights Management for Shared Collections Shared Collections Storage Resource Broker Storage Resource Broker Reagan W. Moore Reagan W. Moore [email protected] http://www.sdsc.edu/srb http://www.sdsc.edu/srb

Rights Management for Shared Collections

Embed Size (px)

DESCRIPTION

Rights Management for Shared Collections. Storage Resource Broker. Reagan W. Moore [email protected] http://www.sdsc.edu/srb. Abstract. National and international collaborations create shared collections that span multiple administrative domains. Shared collection are built using: - PowerPoint PPT Presentation

Citation preview

Page 1: Rights Management for Shared Collections

Rights Management for Rights Management for Shared CollectionsShared Collections

Storage Resource BrokerStorage Resource Broker

Reagan W. MooreReagan W. Moore

[email protected]

http://www.sdsc.edu/srbhttp://www.sdsc.edu/srb

Page 2: Rights Management for Shared Collections

AbstractAbstract

• National and international collaborations create shared collections that span multiple administrative domains.

• Shared collection are built using:• Data virtualization, the management of collection

properties independently of the storage system. • Trust virtualization, the ability to assert authenticity and

authorization independently of the underlying storage resources.

• What rights management are implied in trust virtualization?

• How are data integrity challenges met?• How do you implement a “Deep Archive”?

Page 3: Rights Management for Shared Collections

State of the Art TechnologyState of the Art Technology

• Grid - workflow virtualization• Manage execution of jobs (processes)

independently of compute servers

• Data grid - data virtualization• Manage properties of a shared collection

independently of storage systems

• Semantic grid - information virtualization• Reason across inferred attributes derived from

multiple collections.

Page 4: Rights Management for Shared Collections

Shared CollectionsShared Collections

• Purpose of SRB data grid is to enable the creation of a shared collection between two or more institutions• Register digital entity into the shared collection• Assign owner, access controls• Assign descriptive, provenance metadata• Manage audit trails, versions, replicas, backups• Manage location mapping, containers, checksums• Manage verification, synchronization• Manage federation with other shared collections• Manage interactions with storage systems• Manage interactions with APIs

Page 5: Rights Management for Shared Collections

Trust VirtualizationTrust Virtualization

• Collection owns the data that is registered into the data grid• Data grid is a set of servers, installed at each

storage repository• Servers are installed under a SRB ID created

for the shared collection• All accesses to the data stored under the SRB

ID are through the data grid• Authentication and authorization are controlled

by the data grid, independently of the remote storage system

Page 6: Rights Management for Shared Collections

Rights ManagementRights Management

• Shared collection approach• Manage authentication of all users who will have

privileges beyond that of public “read”• Map users to groups• Provide access controls on users and groups

• Virtual Organization Management approach (VOM)• Authenticate users, and provide certificate asserting

membership in a group• Manage access controls on groups• Provide rules for access based on membership in a

group

Page 7: Rights Management for Shared Collections

Authentication / AuthorizationAuthentication / Authorization

• Collection owned data• At each remote storage system, an account ID is

created under which the data grid stores files

• User authenticates to the data grid• Data grid checks access controls• Data grid server authenticates to a remote

data grid server• Remote data grid server authenticates to the

remote storage repository• SRB servers return the data to the client

Page 8: Rights Management for Shared Collections

Authentication MechanismsAuthentication Mechanisms

• Grid Security Infrastructure• PKI certificates

• Challenge-response mechanism• No passwords sent over network

• Ticket• Valid for specified time period or number of

accesses

• Generic Security Service API• Authentication of server to remote storage

Page 9: Rights Management for Shared Collections

Trust ImplementationTrust Implementation

• For authentication to work across multiple administrative domains• Require collection-managed names for users

• For authorization to work across multiple administrative domains• Require collection-managed names for files

• Result is that access controls remain invariant. They do not change as data is moved to different storage systems under shared collection control

Page 10: Rights Management for Shared Collections

Network DevicesNetwork Devices

• Access to data must handle security requirements of network devices• Firewalls - typically requires access be

initiated from within a firewall• Network routers - location of data may change

based on load leveling • Private virtual network - location of data not

known explicitly known

• Handled by creating network transport protocols to meet requirements of each network device

Page 11: Rights Management for Shared Collections

SRBserver1

SRB agent

SRBserver2

Parallel mode Data Transfer – Server InitiatedParallel mode Data Transfer – Server Initiated

MCAT

Sput -m

SRB agent

1

2

3

4

5

6

srbObjPut+ socket addr , port and cookie

1.Logical-to-Physical mapping2. Identification of Replicas3.Access & Audit Control

Peer-to-peer

Request

Connect to client

Data transfer

R

Server behind firewallServer behind firewall

Page 12: Rights Management for Shared Collections

SRBserver1

SRB agent

SRBserver2

Parallel mode Data Transfer – Client InitiatedParallel mode Data Transfer – Client Initiated

MCAT

Sput -M

SRB agent

1

4

2

3

6

7srbObjPut

1.Logical-to-Physical mapping2. Identification of Replicas3.Access & Audit Control

Return socket addr.,

port and cookie

Connect to server

Data transfer

R

5

5

Client behind firewallClient behind firewall

Page 13: Rights Management for Shared Collections

HIPAA Patient ConfidentialityHIPAA Patient Confidentiality

• Access controls on data• Access controls on metadata• Access controls on storage systems• Audit trails• End-to-end encryption (manage keys)• Localization of data to specific storage

• Access controls do not change when data is moved to another storage system under data grid control

Page 14: Rights Management for Shared Collections

Logical Name SpacesLogical Name Spaces

Storage Repository

• Storage location

• User name

• File name

• File context (creation date,…)

• Access constraints

Data Access Methods (C library, Unix, Web Browser)

Data access directly between

application and storage

repository using names

required by the local

repository

Page 15: Rights Management for Shared Collections

Logical Name SpacesLogical Name Spaces

Storage Repository

• Storage location

• User name

• File name

• File context (creation date,…)

• Access constraints

Data Grid

• Logical resource name space

• Logical user name space

• Logical file name space

• Logical context (metadata)

• Control/consistency constraints

Data Collection

Data Access Methods (C library, Unix, Web Browser)

Data is organized as a shared collection

Page 16: Rights Management for Shared Collections

Logical Resource NamesLogical Resource Names

• Logical resource name represents multiple physical resources

• Writing to a logical resource name can result in:• Replication - write completes when each physical

resource has a copy• Load leveling - write completes when the next physical

resource in the list has a copy• Fault tolerance - write completes when “k” of “n”

resources have a copy• Single copy - write is done to first disk at same IP

address, then disk anywhere, then tape

Page 17: Rights Management for Shared Collections

Federation Between Data GridsFederation Between Data Grids

Data Grid

• Logical resource name space

• Logical user name space

• Logical file name space

• Logical context (metadata)

• Control/consistency constraints

Data Collection B

Data Access Methods (Web Browser, DSpace, OAI-PMH)

Data Grid

• Logical resource name space

• Logical user name space

• Logical file name space

• Logical context (metadata)

• Control/consistency constraints

Data Collection A

Access controls and consistency constraints on cross registration of digital entities

Page 18: Rights Management for Shared Collections

Authentication across ZonesAuthentication across Zones

• Follow Shibboleth model

• A user is assigned a “home” zone• User identity is

Home-zone:Domain:User-ID

• All authentications are done by the “home” zone

Page 19: Rights Management for Shared Collections

User AuthenticationUser Authentication

Z1:D1:U1Z1:D1:U1

Z2Z2 Z1Z1

ConnectConnect

Challenge/ResponseChallenge/Response

Validation of Validation of

Challenge ResponseChallenge Response

Page 20: Rights Management for Shared Collections

User AuthenticationUser Authentication

Z1:D1:U1Z1:D1:U1

Z2Z2

Z1Z1

ConnectConnect

Challenge/ResponseChallenge/Response

Validation of Validation of

Challenge ResponseChallenge Response

Z3Z3ForwardForward

Page 21: Rights Management for Shared Collections

Deep ArchiveDeep Archive

Z2Z2 Z1Z1Z3Z3

Z2:D2:U2Z2:D2:U2

RegisterRegister

Z3:D3:U3Z3:D3:U3

RegisterRegister

PullPull PullPull

FirewallFirewall

Server initiated I/OServer initiated I/O

DeepDeep

ArchiveArchive

StagingStaging

ZoneZone

Remote ZoneRemote Zone

No access byNo access by

Remote zonesRemote zones

PVNPVN

Page 22: Rights Management for Shared Collections

NARA Persistent ArchiveNARA Persistent Archive

NARA U Md SDSC

MCAT MCAT MCAT

Original data at NARA, data replicated to U Md

Replicated copyat U Md for improvedaccess, load balancingand disaster recovery

Deep archive atSDSC, no user access, datapulled from NARA

Demonstrate preservation environment • Authenticity• Integrity• Management of technology evolution• Mitigation of risk of data loss

• Replication of data• Federation of catalogs

• Management of preservation metadata• Scalability

• Types of data collections• Size of data collections

Federation of Three Independent Data Grids

Page 23: Rights Management for Shared Collections

For more Information on For more Information on

Storage Resource Broker Data GridStorage Resource Broker Data Grid

Reagan W. MooreReagan W. Moore

[email protected]

http://www.sdsc.edu/srb/http://www.sdsc.edu/srb/