IAI to Continue Development of a Secure and Lightweight Computing Environment for HPC Systems for the US Department of Energy

High Performance Computing (HPC) centers and resources for large-scale computing applications are designed to provide easy access to users over a worldwide network. The increased accessibility, via remote login to increasing numbers of HPC users and projects, presents a security challenge. A desired solution would securely manage HPC systems and protect stored data that is export-controlled and/or related to national security. To address this need, IAI is developing a Secure and Lightweight Computing Environment (SELECT) software tool to protect HPC systems from tampering and data leakage. The key innovation is integrating both coarse-grained security and fine-grained security with low overhead. This approach provides real-time tampering and data leakage detection, regardless of its source, whether outsider attacks, insider attacks, or even user mis-configurations. SELECT is designed to be a holistic security solution, protecting the most crucial and vulnerable HPC components, including interface programs on the login/services node, user programs that perform computing tasks on computing nodes, and file systems. SELECT is highly portable, and can be executed without modifying the underlying operating system. The design philosophy and capabilities of SELECT can be extended to more general computer systems, such as cloud computing or distributed computing systems.