IBM HPSS 3.2.5. Duplicate File Pol icy, 3.2.6. Charging Policy, 3.2.7. Security, 3.2.7.1. Cross Realm Acce ss

3.2.5. Duplicate File Pol icy

The policy on duplicating user data files impacts the amount of data stored and the amount of data

moved. If all user files are duplicated, the system will require twice as much tape storage. If users

perform their own duplication of files, the system may consume a smaller amount of storage space.

Users can be given control over duplication of their files by allowing them a choice between

hierarchies which provide duplication and hierarchies which do not.

3.2.6. Charging Policy

HPSS does not charge users for the use of storage system resources. Instead, it collects information

that a site can use to implement a charging policy.

3.2.7. Security

Authentication and authorization between HPSS servers is done through use of either UNIX or

Kerberos security tools for authentication and either UNIX or LDAP for authorizati on services. By

default, servers are authenticated using the Kerberos authentication service, and authorization

information is obtained from the UNIX authorization service. The default protection level passes

authentication tokens on the first remote procedure call to a server. The authentication service,

authorization service, and protection level for each server can be configured to rai se or lower the

security of the system. Two cautions should be noted: (1) raising the protection level to packet

integrity or packet privacy will require additional processing for each RPC, and (2) lowering the

authentication service to none effectively removes the HPSS authentication and authoriza tion

mechanisms. Lowering the authentication service level should only be done in a trusted environment.

Each HPSS server authorizes and enforces access to its interfaces through access control lists stored

in the AUTHZACL table. To modify server state, control access is required. Generally, this is only

given to the Kerberos principal associated with the HPSS system administrative component.

Additional Kerberos principals can be allowed or denied access by settin g permissions appropriately.

See Section 2.1: HPSS Server Security ACLs of the HPSS Management Guide for more information.

Security auditing in each server may be configured to record all, none, or some security events. Some

sites may choose to log every client connection; every bitfile creation, deletion, and open; and every

file management operation. Other sites may choose to log only errors. See the security information

fields in the general server configuration (Section 5.2: Server Configuration of the HPSS

Management Guide) for more details.

User access to HPSS interfaces depends on the interface being used. Access through the native Client

API uses the UNIX or Kerberos authentication services and UNIX or LDAP authorization services

described above. FTP or Parallel FTP access may utilize the HPSS password file, a configurable

password file, or the Kerberos credentials. Additional FTP access is available using Ident, or

Kerberos GSS credentials. Refer to the FTP section of the HPSS User’s Guide for additional details.

3.2.7.1. Cross Realm Acce ss

Kerberos provides facilities for secure communication between multiple Kerberos Realms (domains)

referred to as Trusted “Cross Realm” access. These features use the Kerb eros facilities to provide a

trusted environment between cooperating locations. HPSS uses the Kerberos Cross Realm feature s

for authentication. The procedures for inter-connecting Kerberos Realms are out lined in Section

1.5.3: Cross Realm Cookbook of the HPSS Management Guide. The HPSS Parallel FTP program can

utilize the Kerberos and HPSS Cross Realm access features.

The Generic Security Service (GSS) FTP, available from the Massachusetts Institute of Technology,

and the HPSS Parallel FTP applications can take advantage of the Cross Realm access feat ures for

HPSS Installation Guide July 2008