ezHPC security architecture

High performance computing (HPC) within the Department of Defense (DoD) is vital to the execution of the research and development mission. However, users must access these resources using interfaces that are complicated, specialized, primitive, and opaque. ezHPC was developed to address this complexity. The ezHPC project is interesting in that it abstracts for the user many of the technical details and tools related to HPC within the DoD High Performance Computing Modernization Program (HPCMP) while providing a Web-based application that allows user access to HPC resources. Leveraging open-source, widely available technology, the ezHPC security model addresses the DoD security requirements for authentication, confidentiality, availability, and integrity. This paper discusses an architecture that employs end-to-end encryption, open-source technologies, message authentication codes, and authentication of users via the HPCMP-modified implementation of the Massachusetts Institute Of Technology Kerberos. This architecture provides ezHPC the flexibility to reduce the technology barrier to those unfamiliar with interactive use of HPC systems while providing significant capability to more advanced users. The subsequent abstraction of HPC resources constitutes a security model for any Web-enabled application programming interface.