Solving IT Security Problems with iRODS at NOAA's National Climatic Data Center

The NOAA DFC Interoperability initiative aims to deposit climate data records securely by utilizing iRODS data grids. The integration of iRODS systems between OOI and NCDC simplifies data ingestion, provided security requirements are met. The setup includes iRODS Secure Ingest in the DMZ landing zone, NCDC Cloud Pilot for cloud data management, and more. Security, authentication, and data management are key aspects of the iRODS implementation at NCDC.

• IT security
• iRODS
• NOAA
• data management
• climate data

svensson_d Follow

Uploaded on Sep 30, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

Presentation Transcript

1. Solving IT Security Problems with iRODS Alan Hall NOAA s National Climatic Data Center September 30, 2024

2. NOAA DFC Interoperability Ocean Observatory Initiative is tasked with depositing climate data records in NOAA archive OOI has installed an iRODS data grid NOAA National Climatic Data Center has installed an iRODS data grid Federation of the two systems will simplify ingestion of climate data records Provided security requirements can be met DFC April 2013 NSF Review 5-5 1

3. iRODS Secure Ingest DMZ Landing Zone: Open for data delivery NCDC Internal Network ftp ftp1 ftp2 ftp3 Tape ingest1 DMZ Firewall HDSS ftp4 ftp5 ingest2 Disk Cache FTP Load Balance FTP PUSH/PULL NCDC External Firewall Anonymous FTP is: Not Secure Not a management tool (clean-up) Limited in scope to one-to-one relationship Pushes data into the NCDC archive FTP/FTPS iRODS External Providers DFC April 2013 NSF Review 5-4 2

4. iRODS Secure Ingest NCDC Internal Network DMZ Landing Zone: Open for data delivery ftp iRODS NCDC Grid iRODS DMZ ftp1 ftp2 Grid ftp3 Tape ingest1 /NCDC /Ingest DMZ Firewall HDSS /NR2 /NR3 ftp4 /DMZ /Archive /NR2 /NR3 /Archive ftp5 ingest2 /NR2 /NR3 Disk Cache FTP Load Balance FTP PUSH/PULL NCDC External Firewall iRODS is: Secure authentication Security via Obscurity (one to bind them) Uses a pull mechanism to move data into NCDC grid A virtual management tool (clean-up) Scope is entire grid FTP/FTPS iRODS External Providers DFC April 2013 NSF Review 5-4 3

5. NCDC Cloud Pilot NCDC Internal Network DMZ Landing Zone: Open for data delivery ftp iRODS NCDC Grid iRODS DMZ ftp1 ftp2 Grid ftp3 Tape ingest1 /NCDC /Ingest DMZ Firewall HDSS /NR2 /NR3 /DMZ /AWS-s3 /NR2 /Archive ftp4 ftp5 /Archive ingest2 /NR2 /NR3 Disk Cache /NR2 /NR3 FTP Load Balance FTP PUSH/PULL NCDC External Firewall Cloud made easy: Easy set up with iRODS Connection to cloud is from the DMZ (Secure) Can synchronize from either DMZ or NCDC Grids End to End Data Management FTP/ FTPS iRODS External Providers AWS S3 Initial copy to cloud resource Re-sync to cloud resource for failures Copy to Amazon Web Services (AWS) S3 DFC April 2013 NSF Review 5-4 4

6. National Science Foundation Cooperative Agreement: OCI-0940841