HPC with Enhanced User Separation
Andrew Prout
Albert Reuther
Michael Houle
Peter Michaleas
Hayden Jananthan
Lauren Milechin
Jeremy Kepner

Abstract
HPC systems used for research run a wide variety of software and workflows. This software is often written or modified by users to meet the needs of their research projects, and rarely is built with security in mind. In this paper we explore several of the key techniques that MIT Lincoln Laboratory Supercomputing Center has deployed on its systems to manage the security implications of these workflows by providing enforced separation for processes, filesystem access, network traffic, and accelerators to make every user feel like they are running on a personal HPC.
View on arXivComments on this paper