Dave Dykstra
YOU?
Author Swipe
View article: Fermilab's Transition to Token Authentication
Fermilab's Transition to Token Authentication Open
Fermilab is the first High Energy Physics institution to transition from X.509 user certificates to authentication tokens in production systems. All the experiments that Fermilab hosts are now using JSON Web Token (JWT) access tokens in th…
View article: Fermilab's Transition to Token Authentication
Fermilab's Transition to Token Authentication Open
Fermilab is the first High Energy Physics institution to transition from X.509 user certificates to authentication tokens in production systems. All the experiments that Fermilab hosts are now using JSON Web Token (JWT) access tokens in th…
View article: WLCG transition from X.509 to Tokens: Progress and Outlook
WLCG transition from X.509 to Tokens: Progress and Outlook Open
Since 2017, the Worldwide LHC Computing Grid (WLCG) has been working towards enabling token-based authentication and authorization throughout its entire middleware stack. Taking guidance from the WLCG Token Transition Timeline, published i…
View article: CMS Token Transition
CMS Token Transition Open
Within the LHC community, a momentous transition has been occurring in authorization. For nearly 20 years, services within the Worldwide LHC Computing Grid (WLCG) have been authorized based on mapping an identity, derived from an X.509 cre…
View article: Fermilab’s Transition to Token Authentication
Fermilab’s Transition to Token Authentication Open
Fermilab is the first High Energy Physics institution to transition from X.509 user certificates to authentication tokens in production systems. All the experiments that Fermilab hosts are now using JSON Web Token (JWT) access tokens in th…
View article: A Managed Tokens Service for Securely Keeping and Distributing Grid Tokens
A Managed Tokens Service for Securely Keeping and Distributing Grid Tokens Open
Fermilab is transitioning authentication and authorization for grid operations to using bearer tokens based on the WLCG Common JWT (JSON Web Token) Profile. One of the functionalities that Fermilab experimenters rely on is the ability to a…
View article: WLCG Transition from X.509 to Tokens. Status, Plans, and Timeline
WLCG Transition from X.509 to Tokens. Status, Plans, and Timeline Open
Since 2017, the Worldwide LHC Computing Grid (WLCG) has been working towards enabling token-based authentication and authorization throughout its entire middleware stack. Following the initial publication of the WLCG Token Schema v1.0 in 2…
View article: Apptainer Without Setuid
Apptainer Without Setuid Open
Apptainer (formerly known as Singularity) since its beginning implemented many of its container features with the assistance of a setuidroot program. It still supports that mode, but as of version 1.1.0 it no longer uses setuid by default.…
View article: Apptainer Without Setuid
Apptainer Without Setuid Open
Apptainer (formerly known as Singularity) since its beginning implemented many of its container features with the assistance of a setuid-root program. It still supports that mode, but as of version 1.1.0 it no longer uses setuid by default…
View article: The FabrIc for Frontier Experiments Project at Fermilab: Computing for Experiments
The FabrIc for Frontier Experiments Project at Fermilab: Computing for Experiments Open
The FabrIc for Frontier Experiments (FIFE) project is a major initiative within the Fermilab Scientific Computing Division designed to steer the computing model for non-LHC experiments at Fermilab. The FIFE project enables close collaborat…
View article: Advances in Grid Computing for the FabrIc for Frontier Experiments Project at Fermialb
Advances in Grid Computing for the FabrIc for Frontier Experiments Project at Fermialb Open
The FabrIc for Frontier Experiments (FIFE) project is a major initiative within the Fermilab Scientic Computing Division charged with leading the computing model for Fermilab experiments. Work within the FIFE project creates close collabor…
View article: HEP Software Foundation Community White Paper Working Group – Conditions Data
HEP Software Foundation Community White Paper Working Group – Conditions Data Open
To produce the best physics results, high energy physics experiments require access to calibration and other non-event data during event data processing. These conditions data are typically stored in databases that provide versioning funct…
View article: Secure Command Line Solution for Token-based Authentication
Secure Command Line Solution for Token-based Authentication Open
The WLCG is modernizing its security infrastructure, replacing X.509 client authentication with the newer industry standard of JSON Web Tokens (JWTs) obtained through the Open ID Connect (OIDC) protocol. There is a wide variety of software…
View article: WLCG Token Usage and Discovery
WLCG Token Usage and Discovery Open
Since 2017, the Worldwide LHC Computing Grid (WLCG) has been working towards enabling token based authentication and authorisation throughout its entire middleware stack. Following the publication of the WLCG Common JSON Web Token (JWT) Sc…
View article: WLCG Web Proxy Auto Discovery for Dynamically Created Web Proxies
WLCG Web Proxy Auto Discovery for Dynamically Created Web Proxies Open
The WLCG Web Proxy Auto Discovery (WPAD) service provides a convenient mechanism for jobs running anywhere on the WLCG to dynamically discover web proxy cache servers that are nearby. The web proxy caches are general purpose for a number o…
View article: A fully unprivileged CernVM-FS
A fully unprivileged CernVM-FS Open
The CernVM File System provides the software and container distribution backbone for most High Energy and Nuclear Physics experiments. It is implemented as a file system in user-space (Fuse) module, which permits its execution without any …
View article: Web Proxy Auto Discovery for Dynamically Created Web Proxies
Web Proxy Auto Discovery for Dynamically Created Web Proxies Open
The WLCG Web Proxy Auto Discovery (WPAD) service provides a convenient mechanism for jobs running anywhere on the WLCG to dynamically discover web proxy cache servers that are nearby. The web proxy caches are general purpose for a number o…
View article: Distributing User Code with the CernVM FileSystem
Distributing User Code with the CernVM FileSystem Open
The CernVM FileSystem (CVMFS) is widely used in High Throughput Computing to efficiently distributed experiment code. However, the standard CVMFS publishing tools are designed for a small group of people from each experiment to maintain co…
View article: Distributing User Code with the CernVM FileSystem
Distributing User Code with the CernVM FileSystem Open
The CernVM FileSystem (CVMFS) is widely used in High Throughput Computing to efficiently distributed experiment code. However, the standard CVMFS publishing tools are designed for a small group of people from each experiment to maintain co…
View article: Advances and enhancements in the FabrIc for Frontier Experiments project at Fermilab
Advances and enhancements in the FabrIc for Frontier Experiments project at Fermilab Open
\nThe FabrIc for Frontier Experiments (FIFE) project within the Fermilab Scientific Computing Division is charged with integrating offline computing components into a common computing stack for the non-LHC Fermilab experiments, supporting …
View article: A roadmap for HEP software and computing R&D for the 2020s
A roadmap for HEP software and computing R&D for the 2020s Open
View article: HEP Software Foundation Community White Paper Working Group -- Conditions Data
HEP Software Foundation Community White Paper Working Group -- Conditions Data Open
To produce the best physics results, high energy physics experiments require access to calibration and other non-event data during event data processing. These conditions data are typically stored in databases that provide versioning funct…
View article: arXiv : HEP Software Foundation Community White Paper Working Group – Conditions Data
arXiv : HEP Software Foundation Community White Paper Working Group – Conditions Data Open
To produce the best physics results, high energy physics experiments require access to calibration and other non-event data during event data processing. These conditions data are typically stored in databases that provide versioning funct…
View article: The Open High Throughput Computing Content Delivery Network
The Open High Throughput Computing Content Delivery Network Open
LHC experiments make extensive use of web proxy caches, especially for software distribution via the CernVM File System and for conditions data via the Frontier Distributed Database Caching system. Since many jobs read the same data, cache…
View article: Advances and enhancements in the FabrIc for Frontier Experiments project at Fermilab
Advances and enhancements in the FabrIc for Frontier Experiments project at Fermilab Open
The FabrIc for Frontier Experiments (FIFE) project within the Fermilab Scientific Computing Division is charged with integrating offline computing components into a common computing stack for the non-LHC Fermilab experiments, supporting ex…
View article: Understanding the evolution of conditions data access through Frontier for the ATLAS Experiment
Understanding the evolution of conditions data access through Frontier for the ATLAS Experiment Open
The ATLAS Distributed Computing system uses the Frontier system to access the Conditions, Trigger, and Geometry database data stored in the Oracle Offline Database at CERN by means of the HTTP protocol. All ATLAS computing sites use Squid …
View article: A Conditions Data Management System for HEP Experiments
A Conditions Data Management System for HEP Experiments Open
Conditions data infrastructure for both ATLAS and CMS have to deal with the management of several Terabytes of data. Distributed computing access to this data requires particular care and attention to manage request-rates of up to several …
View article: Web Proxy Auto Discovery for the WLCG
Web Proxy Auto Discovery for the WLCG Open
All four of the LHC experiments depend on web proxies (that is, squids) at each grid site to support software distribution by the CernVM FileSystem (CVMFS). CMS and ATLAS also use web proxies for conditions data distributed through the Fro…
View article: Experience in using commercial clouds in CMS
Experience in using commercial clouds in CMS Open
Historically high energy physics computing has been performed on large purpose-built computing systems. In the beginning there were single site computing facilities, which evolved into the Worldwide LHC Computing Grid (WLCG) used today. Th…