Secure HPC: UMG Big Data Workshop
On June 27th, 2023, the Radiology Department at UMG organized a workshop on Big Data, focussing on the complex analysis and processing of medical data. A particular focus was on security and privacy measures. These were exemplified by the Secure HPC framework of KISSKI. The ultimate goal of the workflow within this framework is to establish unassailable data sovereignty for users, in line with KISSKI’s overarching objectives. During the workshop, attendees got an overview of the different steps, as depicted in the following scheme:
The sensitive data along with the container and the batch script are encrypted on the user’s local machine (1). After encrypting, the components can safely be uploaded into the shared file system of the HPC system (2). The job is submitted (3), and the resource manager will allocate the required resources and start the job (4). Next, the authenticity of the user request is verified (5) and the batch script decrypted (6). Using the provided token for the key management system (KMS) the keys are retrieved (7) and used to decrypt the data and container on the isolated, secure node (8).
Despite its complexity, this workflow has been implemented in a way that it can be started via a terminal with a command line, the rest is automated end-to-end.
It was noted during the workshop that the Secure HPC adheres to the ISO 27001 certification, which is also implemented by other NHR centers, and furthermore, it is part of KISSKI. Attendees were commited and posed relevant questions, reflecting their eagerness to implement secure HPC workflows within their own scientific domains.