[slurm-users] work with sensitive data
Hermann Schwärzler
hermann.schwaerzler at uibk.ac.at
Wed Dec 15 09:29:19 UTC 2021
Hi Michał,
hi everyone,
we are having similar issues looming at the horizon (sensitive medical
and human genetic data). :-)
We are currently looking into telling our users to use EncFS
(https://en.wikipedia.org/wiki/EncFS) for this. As it is a filesystem in
user-space unprivileged users can use it freely and as there are
implementations available for Windows and OSX as well they have the
possibility to transfer data in its encrypted form to and from the cluster.
We do not have a "turn-key" solution, yet.
One of the open problems is a way to provide the password for mounting
the encrypted directory inside a slurm-job. But this should be solvable.
Regards,
Hermann
On 12/14/21 9:22 PM, Michał Kadlof wrote:
> Hi,
>
> some of my users work with "sensitive data". Currently we use standard
> unix groups with ACLs to limit access but I wonder if there is any way
> to keep data encrypted (for example with gpg) and decrypt them "on the
> fly" in Slurm job and then encrypt the results again after the job is
> finished.
>
> We store users homes on lustre shared filesystem if it matter...
>
> Are there any recommendations, guides or "best practices" how to keep
> such data safe?
>
More information about the slurm-users
mailing list