Successfully reported this slideshow.

Introduction to Globus (GlobusWorld Tour West)



Loading in …3
1 of 13
1 of 13

More Related Content

Introduction to Globus (GlobusWorld Tour West)

  1. 1. Globus – Beyond File Transfer A Globus introduction and more Greg Nawrocki September 15, 2021
  2. 2. 2 Globus delivers… Fast and reliable data transfer, sharing, and platform services… …directly from your own storage systems… ...via software-as-a-service using existing identities with the overarching goal of...
  3. 3. 3 Research Computing HPC Desktop Workstations Mass Storage Instruments Personal Resources Public Cloud National Resources Unifying access to data across tiers
  4. 4. Globus SaaS / PaaS: Research data lifecycle Researcher initiates transfer request; or requested automatically by script, science gateway 1 Instrument Compute Facility Globus transfers files reliably, securely 2 Globus controls access to shared files on existing storage; no need to move files to cloud storage! 4 Researcher selects files to share, selects user or group, and sets access permissions 3 Collaborator logs in to Globus and accesses shared files; no local account required; download via Globus 5 Streamlining research workflows and ensuring those that need access to the data have it. 8 Personal Computer Transfer Share • Use a Web browser or platform services • Access any storage • Use an existing identity Build The Globus Command Line Interface, API sets, Python SDK and Action Providers give you a platform… 6 … for building science gateways, portals and automations. 7 Search Automate
  5. 5. Globus core security features • Access Control – Identities provided and managed by institution – Globus is identity broker; no access to/storage of user credentials – Fine grained access control • Data remain at institutions, not stored by Globus • Data does not flow through the Globus Service but directly between Endpoints and their Collections • Integrity checks of transferred data • High availability and redundancy • Encryption of user files and Globus control data
  6. 6. Hybrid SaaS – Transfer – Mapped Collections
  7. 7. Hybrid SaaS – Sharing – Guest Collections
  8. 8. Endpoints, Collections and Globus Connect • Globus Connect Server – Multi user Linux Systems – • Globus Connect Personal – Personal Workstations and Laptops – – OS specific instructions o
  9. 9. Demo time! Authentication Transfer Sharing Transfer Details The Activity Monitor Groups Roles HTTPS Downloads Globus Connect Personal
  10. 10. Manage Protected Data 10 Higher assurance levels for HIPAA and other regulated data • Support for protected data such as health related information • Share data with collaborators while meeting compliance requirements • Includes BAA option
  11. 11. Globus for high assurance data management • Restricted data handling – PII (Personally identifiable information) – CUI (Controlled Unclassified Information) – PHI (Protected Health Information) • University of Chicago security controls – NIST SP 800-53 – Superset of NIST SP 800-171 • Business Associate Agreements (BAA) will be between University of Chicago and our subscribers – University of Chicago has a BAA with Amazon
  12. 12. High Assurance features • Additional authentication assurance – Per storage gateway policy on frequency of authentication with specific identity for access to data (timeout) – Ensure that user authenticates with the specific identity that gives them access within session (decoupling linked identities) • Session/device isolation – Authentication context is per application, per session (~browser session) • Enforces encryption of all user data in transit • Audit logging
  13. 13. Support resources • Globus documentation: • YouTube channel: • Helpdesk and issue escalation: • Mailing Lists – • Customer engagement team – GlobusWorld Tours – Office Hours