Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Introduction to Globus (GlobusWorld Tour - UMich)


Published on

Presented at the GlobusWorld Tour workshop at the University of Michigan, on July 22, 2019.

Published in: Data & Analytics
  • My personal experience with research paper writing services was highly positive. I sent a request to ⇒ ⇐ and found a writer within a few minutes. Because I had to move house and I literally didn’t have any time to sit on a computer for many hours every evening. Thankfully, the writer I chose followed my instructions to the letter. I know we can all write essays ourselves. For those in the same situation I was in, I recommend ⇒ ⇐.
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

Introduction to Globus (GlobusWorld Tour - UMich)

  1. 1. Introduction to Globus Brigitte Raumann University of Michigan July 22, 2019
  2. 2. GlobusWorld Tour Agenda Introduction to Globus (Monday) 13:15—13:30 registration 13:30—14:45 Introduction to Globus for New Users 14:45—15:00 beverage break 15:00—16:30 Introduction to Globus for System Administrators Developer workshop (Tuesday) 8:45—9:00 registration 9:00—10:30 Introduction to the Globus Platform 10:30—10:45 beverage break 10:45—11:30 Building Research Data Portals 11:30—12:15 Automating flows with the Globus CLI 12:15—13:30 lunch break 13:30—14:30 Working with instrument data 14:30—15:00 Automate – The Globus Vision 15:00—15:15 beverage break 15:15—16:00 Globus Integrations 16:00 Open discussion/hack session
  3. 3. Research data management today How do they... ...move? ...share? ...reproduce? Researchers manage data using a variety of – Locations – Storage platforms – Identities – Networks – IT expertise levels
  4. 4. Mission Globus lowers barriers to collaborative science and discovery by delivering easy, reliable, and secure research data movement, sharing, and synchronization.
  5. 5. 5 Research Computing HPC Desktop Workstations Mass Storage Instruments Personal Resources Public Cloud National Resources “I need to easily, securely, & reliably move or replicate my data between systems.”
  6. 6. …makes your storage system a Globus endpoint
  7. 7. IBM Spectrum Scale Current Planned Storage Connectors - In Progress
  8. 8. Globus Connect Personal • Installers do not require admin access • Zero configuration; auto updating • Handles NATs
  9. 9. Analysis store Next-Gen Sequencer MRI Advanced Light Source Personal system Remote visualization High-durability, low-cost store Light Sheet Microscope “I need to get data from a scientific instrument to my analysis system.” Cryo-EM
  10. 10. Instrument Data Distribution with Globus Facilities • Sequencing • Cryo-EM • Synchrotron radiation Automation • Back-up • Deletion • Sharing
  11. 11. Use(r)-appropriate interfaces 11 GET /endpoint/go%23ep1 PUT /endpoint/vas#my_endpt 200 OK X-Transfer-API-Version: 0.10 Content-Type: application/json … Globus service Web CLI Rest API
  12. 12. Public / private cloud stores External campus storage EC2 Project repositories, replication stores Public repositories “I need to easily and securely share my data with my colleagues at other institutions.”
  13. 13. The RUNX1 International Sequencing Consortium (RISC) Protected Hematologic Cancer Research Network
  14. 14. How Globus works Researcher initiates transfer request; or requested automatically by script, science gateway 1 Instrument Compute Facility Globus transfers files reliably, securely 2 Globus controls access to shared files on existing storage; no need to move files to cloud storage! 4 Researcher selects files to share, selects user or group, and sets access permissions 3 Collaborator logs in to Globus and accesses shared files; no local account required; download via Globus 5 Automating research workflows and ensuring those that need access to the data have it. 8 Personal Computer Transfer Share • Use a Web browser or platform services • Access any storage • Use an existing identity Build The Globus Command Line Interface, API sets, and Python SDK provide a platform… 6 … for building science gateways, portals and publication services. 7
  15. 15. Hybrid SaaS
  16. 16. Sharing User managed ”overlay” permissions stored on Globus service
  17. 17. Demo Identities • Linking • Consents Transfer • Activity monitor • Transfer options • File option Sharing • Groups Bookmarks HTTPS Collection creation Roles Console • Linking • Consents
  18. 18. Globus sustainability model • Free Tier • Standard Subscription – Shared endpoints – HTTPS support – Management console – Usage reporting – Priority support • Branded Web Site • Premium Storage Connectors • Alternate Identity Provider • High Assurance 19
  19. 19. Thank you to our subscribers…
  20. 20. …and to our sponsors. U.S. DEPARTMENT OF ENERGY
  21. 21. Support resources • Globus documentation: • Helpdesk and issue escalation: • Mailing Lists – • Customer engagement team • Globus professional services team – Assist with portal/gateway/app architecture and design – Develop custom applications that leverage the Globus platform – Advise on customized deployment and integration scenarios
  22. 22. • Access Control – Identities provided and managed by institution – Acts as identity broker only, does not access or store any institutional user credentials – Institution controls all access policies (at multiple levels) o who can access what data and with what permissions o who can share what data and with what permissions o all access policies can be changed or revoked at any time – Researchers can overlay sharing permissions • Data remain at institution, not hosted by Globus • Automated integrity checks of transferred data • High service availability • Monitoring • Encryption (all communications, optional data in transit) Globus security and compliance features
  23. 23. High Assurance features for PHI, CUI • Additional authentication assurance – Reauthentication after specified time period – Authenticates with the specific identity within session • Isolation of applications – Authentication context is per application, per session • Enforced encryption of data in transit • Local audit logging
  24. 24. Secure operations • Intrusion detection and prevention • Encryption • Logging • Secure remote access, access control • Uniform configuration management and change control • AWS best practices for securing operating environment: VPCs, security groups, IAM best practices • Comply with HIPAA, NIST SP800-171, NIST SP800-53
  25. 25. Globus on your Campus • Webinars • Programs – Helping you evangelize Globus within your institution. • Professional Services • Globus World Tour – Taking the show on the road. 26