[Condor-users] Condor Security

["Baker D.J." <D.J.Baker@xxxxxxxxxxx>]

Hi,
  We have set up a fairy large Windows Condor pool, and now we would
like to introduce some form of security in the pool. At the moment there
is nothing stopping any user on the campus from installing condor on
their machine, joining the pool and submitting jobs into the pool. We
would like to be able to restrict access to the pool, and if possible
only allow access following a request from the user. 

The pool comprises machines from a large number of departments. I've
thought of implementing host based security, however this is complex to
set up due the diverse mix of machines. We hoped to be able to define a
list of machines with write permission -- worker nodes, and submission
machines, however as I say while this is possible it is very complicated
to implement.

Could someone please advise us regarding how best to secure our pool. If
possible we would like to be able to grant user/machine access as per
requests, and restrict access otherwise. How best can we implement such
a schema, please? Any advice would be welcomed.

Thank you -- David Baker.