About Run-As Security

The run-as feature provides a means for work executed on 3DOrchestrate Stations to run in the security context of the job submitter. If this feature is not used, work performed on stations is run in the single security context of the user that started the 3DOrchestrate Station program.

The term security context refers to operating-system-level security information about a particular user. For example, the user's identification (username) and the associated permissions to system resources such as files, network resources, etc. When any program is started, the operating system associates the program (process) with the security context of a particular user—usually the user that started it. The process can access only the resources for which the user is authorized. For example, the process would only be able to access files for which the user has appropriate file permissions.

Enabling run-as security prevents jobs from accessing any resource to which the original job submitter does not have valid operating-system-level permissions. In particular, the job cannot access files, including other users' in-progress work on the same station, if the submitter does not have permission to access them. From the point of view of the operating system, the process is run with the job submitter's security context and, therefore, has only that user's resource permissions.

When run-as security is enabled, 3DOrchestrate Stations examine each incoming work item request. The work item contains the job submitter's credentials in encrypted form. The job submitter's credentials are authenticated against the security domain (realm) configured by the system administrator. If the job submitter’s credentials do not authenticate, the work request is rejected. When the job submitter’s credentials are authenticated, a new process is started using those credentials. This secondary process is known as a substation, and it will perform the requested work on behalf of the job.

The substation process performs the work required for the job including any access to system resources (such as files). If the job attempts to access files for which the submitter does not have proper operating system permissions, the file access is denied by the operating system. All temporary files created as part of running the job will be protected. Only the job submitter has read or write access to the work-in-progress files. Thus, different users’ jobs will not be able to access the files of other users on the same station.

In LSF DRM mode, the 3DOrchestrate Distribution Server starts a substation process to run the LSF bsub command.

Note:

The exception to run-as security occurs when the Abaqus simulation solvers or the physics results visualization engine are used for remote execution on a station. In this case, temporary files created on a shared drive are readable by all users even in run-as mode.