OSTI.GOV, U.S. Department of Energy
Office of Scientific and Technical Information

Title: Secure Enclaves: An Isolation-centric Approach for Creating Secure High Performance Computing Environments

Abstract

High performance computing environments are often used for a wide variety of workloads, ranging from simulation to data transformation and analysis to complex workflows, to name just a few. These systems may process data at various security levels but in so doing are often enclaved at the highest security posture. This approach places significant restrictions on the users of the system even when processing data at a lower security level, and exposes data at higher levels of confidentiality to a much broader population than otherwise necessary. The traditional approach of isolation, while effective in establishing security enclaves, poses significant challenges for the use of shared infrastructure in HPC environments. This report details the current state of the art in virtualization, reconfigurable network enclaving via Software Defined Networking (SDN), and storage architectures and bridging techniques for creating secure enclaves in HPC environments.

Authors:
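Aderholdt, Ferrol [1]; Caldwell, Blake A. [2]; Hicks, Susan Elaine [2]; Koch, Scott M. [2]; Naughton, III, Thomas J. [2]; Pelfrey, Daniel S. [2]; Pogge, James R [1]; Scott, Stephen L [1]; Shipman, Galen M. [2]; Sorrillo, Lawrence [2]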
  1. Tennessee Technological Univ., Cookeville, TN (United States)
  2. Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)
Publication Date:
Research Org.:
Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)
Sponsoring Org.:
USDOE
OSTI Identifier:
1341562
Report Number(s):
ORNL/TM-2016/710
453040358
DOE Contract Number:  
AC05-00OR22725
Resource Type:
Technical Report
Country of Publication:
United States
Language:
English
Subject:
97 MATHEMATICS AND COMPUTING

Citation Formats

Aderholdt, Ferrol, Caldwell, Blake A., Hicks, Susan Elaine, Koch, Scott M., Naughton, III, Thomas J., Pelfrey, Daniel S., Pogge, James R, Scott, Stephen L, Shipman, Galen M., and Sorrillo, Lawrence. Secure Enclaves: An Isolation-centric Approach for Creating Secure High Performance Computing Environments. United States: N. p., 2017. Web. doi:10.2172/1341562.
Aderholdt, Ferrol, Caldwell, Blake A., Hicks, Susan Elaine, Koch, Scott M., Naughton, III, Thomas J., Pelfrey, Daniel S., Pogge, James R, Scott, Stephen L, Shipman, Galen M., & Sorrillo, Lawrence. Secure Enclaves: An Isolation-centric Approach for Creating Secure High Performance Computing Environments. United States. doi:10.2172/1341562.
Aderholdt, Ferrol, Caldwell, Blake A., Hicks, Susan Elaine, Koch, Scott M., Naughton, III, Thomas J., Pelfrey, Daniel S., Pogge, James R, Scott, Stephen L, Shipman, Galen M., and Sorrillo, Lawrence. Sun . "Secure Enclaves: An Isolation-centric Approach for Creating Secure High Performance Computing Environments". United States. doi:10.2172/1341562. https://www.osti.gov/servlets/purl/1341562.
@article{osti_1341562,
title = {Secure Enclaves: An Isolation-centric Approach for Creating Secure High Performance Computing Environments},
author = {Aderholdt, Ferrol and Caldwell, Blake A. and Hicks, Susan Elaine and Koch, Scott M. and Naughton, III, Thomas J. and Pelfrey, Daniel S. and Pogge, James R and Scott, Stephen L and Shipman, Galen M. and Sorrillo, Lawrence},
abstractNote = {High performance computing environments are often used for a wide variety of workloads ranging from simulation, data transformation and analysis, and complex workflows to name just a few. These systems may process data at various security levels but in so doing are often enclaved at the highest security posture. This approach places significant restrictions on the users of the system even when processing data at a lower security level and exposes data at higher levels of confidentiality to a much broader population than otherwise necessary. The traditional approach of isolation, while effective in establishing security enclaves poses significant challenges for the use of shared infrastructure in HPC environments. This report details current state-of-the-art in virtualization, reconfigurable network enclaving via Software Defined Networking (SDN), and storage architectures and bridging techniques for creating secure enclaves in HPC environments.},
doi = {10.2172/1341562},
journal = {},
number = {},
volume = {},
place = {United States},
year = {2017},
month = {1}
}
