PIGA-HIPS: Protection of a Shared HPC Cluster
Protecting a shared High Performance Computing cluster is still an open research problem. Existing solutions deal with sand-boxing and Discretionary Access Control for controlling remote connections. Guaranteeing security properties for a shared cluster is complex since users demand an environment at the same time efficient and preventing confidentiality and integrity violations. This paper proposes two different approaches for protecting remote interactive accesses against malicious operations. Those two approaches leverage the SELinux protection. The authors have been successfully implemented using standard MAC from SELinux, and guarantee supplementary security properties thanks to their PIGA HIPS.