Peisert starts with the question of whether there is any difference between high-performance computing and the traditional computational environment in terms of security. Apparently, there are no profound differences, aside from speed and volume, because the majority of high-performance computing environments use the well-known and traditional technology stack, for example Unix operating systems. However, some of them use very specific hardware and software components.
The author defines four categories as subjects to analyze for differences in the security of high-performance computing: (1) the goal of optimization, (2) distinctive modes of operation, (3) specificity of software stacks, and (4) the regularity of operation scheduling.
The author analyzes the dichotomy between the aims of high-performance computing and the requirements for higher security. Stakeholders are reluctant to add any overhead in the computational process required by security. For that reason, several techniques that work well in a traditional computing environment cannot be used: for example, deep-packet inspecting. However, the Science DMZ (demilitarized zone) is a good solution that is raised as an example. The author proposes that the specificity of high-performance computing should be exploited to influence the adoption of security mechanisms. For example, high-performance computing typically carries out mathematical calculations. Although diverse, the behavior patterns of users and programs are similar. This fact provides the opportunity to use machine learning and pattern recognition techniques to detect anomalies. In the future, it is anticipated that the techniques and mode of operation for high-performance computing will change; nevertheless, security technologies will offer new solutions to control potential problems.
The article is interesting as it systematically overviews the distinctive features of high-performance computing, especially security aspects, highlighting the differences in problem solutions and varying attitudes of stakeholders in opposition to traditional solutions. It is worth reading for security experts and computational professionals involved in processing high volumes of data.