Organizational and Security Aspects

By Lisa Vaas  |  Posted 2005-10-05 Print this article Print

of Grid Computing"> Another issue to watch out for is the social engineering aspects of grid. Gentzsch said hes witnessed situations where theres no real preliminary agreement on how to share the resources that get strung together in the grid.
One day youve got your own resources that you can touch and control, and then the next day youve got to share them with heathens from other departments. Or worse, they move away to a place where you cant see or touch them anymore.
How do you handle that? Get policies up front that everybody can agree on, he said. For example, when he was working with a grid that combined resources from the Army, Air Force and Navy research labs, department chiefs met every Monday afternoon and agreed on how to use resources over the coming week. Then of course theres always security. As Gentzsch said, weve got more and better encryption and other types of security than ever, but theres still a concern from users that resources, data and applications arent secure enough. Especially in a regulated environment, when youre talking about patient data and patient records and about combining that with life science data or genome research, thats a highly sensitive area. Beyond HIPAA (Health Insurance Portability and Accountability Act) issues, legal issues arise in countries such as Poland and France, where companies arent allowed to share financial data with anyone from outside the country. What are the implications for grid in such a situation? Nobody at the panel even knew. Bremmer, for his part, is looking at different types of grids to address the security and privacy issues. The institute has its own firewall, as does the hospital with which its associated, and work is ongoing to figure out how to bridge the two. That doesnt have to do with technology, however, as much as it does with figuring out who can access what. "Thats a real issue, and its why, when youre [breaking down information silos], start with small types of projects," he said. "Its important when you have the backing of IT that they can look at it, they can see how its operating in this environment, and they can see that its not causing security leaks. Theyre more comfortable, and theyll help you fight these battles." Another thing to keep in mind is that theres flexibility in how grid is architected. You can put information in areas that you would have secured anyway, even without grid. If data is sensitive, you keep it behind firewalls, and you identify which machines have access to it. If its that type of application, it might stay inside a firewall, or it may stay on a prescribed set of machines. Beyond that, as Gentzsch pointed out, there are different applications that fit different grids. "Grid can exist on peoples laptops for very specific types of things," he said. "Dont use proprietary or private data for only pre-research data. For more stuff that needs privacy, you build a very secure node in your grid for which special people are authenticated and authorized. "There are these nodes today. Theres a very secure operating systems, like Trusted Solaris, where you can define different levels of security with different access keys for specific people. You put your data into one of those containers, and the whole thing is very safe." Of course, it always boils down to this: Start small. Define business performance issues and workload issues. Figure out which problem area to target. Profile workload patterns to establish cause and effect of pain points. Then, set up a prototype, and figure out how youll measure success. Is it a lot of work? Oh, yes. The dogs bark, but the caravan moves on. Check out eWEEK.coms for the latest database news, reviews and analysis.

Lisa Vaas is News Editor/Operations for and also serves as editor of the Database topic center. Since 1995, she has also been a Webcast news show anchorperson and a reporter covering the IT industry. She has focused on customer relationship management technology, IT salaries and careers, effects of the H1-B visa on the technology workforce, wireless technology, security, and, most recently, databases and the technologies that touch upon them. Her articles have appeared in eWEEK's print edition, on, and in the startup IT magazine PC Connection. Prior to becoming a journalist, Vaas experienced an array of eye-opening careers, including driving a cab in Boston, photographing cranky babies in shopping malls, selling cameras, typography and computer training. She stopped a hair short of finishing an M.A. in English at the University of Massachusetts in Boston. She earned a B.S. in Communications from Emerson College. She runs two open-mic reading series in Boston and currently keeps bees in her home in Mashpee, Mass.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel