Using Jazz  |  Getting Started  |  About the LCRC  |  Presentations  |  Status  |  FAQ  |  Search   |   Main Page  

Jazz Data Confidentiality

The Jazz Cluster network is an open research network. We cannot guarantee complete security for any data that resides on Jazz. It is up to the users to provide the security that they need and to understand that Jazz and its networks are open to many users and cannot be protected at a partitioned level.

The basic level of protection that can be provided is unix file level permissions and it is left to the users to do the correct thing with the permissions. For example, the default permissions are group and world readable. Users should change the directories which will hold sensitive data to remove the world readable/writable/executable bits and if they won't need to share data with another user, remove the group as well. If a users needs a group for their project, please send email to support@lcrc.anl.gov and provide a group name (that name must be 8 alpha chars or less) and a list of the usernames of desired members. Users should also ensure that their umasks are set to the proper setting so that newly created files and directories are protected as desired. The default setting is group and world readable, which a user wishing to protect their data from being read by others should not be using. If a user needs help determining the proper umask and setting it up as their default, they should send email to support@lcrc.anl.gov and someone will help them set up their environment as necessary.

It is up to the user to determine whether they need to encrypt their files while they are on disk. Jazz does not have the facilities to provide encrypted filesystems. That means the data has to be encrypted in the user's program before it is written out to disk or the user may choose to run an encryption program over the final files. If the user chooses to wait to run the encryption program over the completed files, they should understand that the data in the files will be vulnerable until that time. If a users wishes to encrypt the data and needs help with this, they should send email to support@lcrc.anl.gov.

Warning: Jazz administrators with root privledges can view all data on the system unless it is encrypted. It is only viewable on certain highly restricted machines and generally speaking, administrators only look at user data when requested to or if there is a suspected problem/security issue. However, it is the responsiblity of the user to encrypt the data if they wish to prevent the admins from viewing it.

Help Security/Privacy Notice Disclaimer