Since 2018, software developer Trevor Smith has been putting his education and computing skills to good use supporting the Laboratory’s high performance computing (HPC) environment. As part of the Systems Software and Security Group within the Livermore Computing (LC) Division, Smith helps develop, deploy, and manage systems software that enables effective and secure use of computing resources. “I’m a problem solver,” says Smith. “I like tough technical issues and discovering the best solutions I can. LC provides me with challenging and meaningful problems to solve and gives me the chance to support users who are conducting amazing scientific research.”
The Laboratory is home to some of the world’s most advanced computing systems, and Smith’s group has the hard job of managing how users access those resources. He says, “We need to provide secure access to a wide variety of users around the country and the world. Our extensive user base means that not everyone can access our services in the same way.” Part of the challenge for LC developers is devising improved methods for users to both conveniently and securely access the Laboratory’s computing resources.
As an example, RSA SecurID tokens—which perform two-factor authentication for a user to connect to a network resource—are utilized extensively at Lawrence Livermore but not at partner laboratories Los Alamos and Sandia. To eliminate the need to ship tokens to remote users and avoid users having yet another authentication device to manage, the LC team is working on a project called LC OAuth. The authentication mechanism allows remote users at the three laboratories to utilize their existing local hardware to access LC’s web services. Smith says, “Our goal is that LC OAuth and other related changes will provide scientists across DOE with improved access to HPC resources, enabling them to better accomplish the incredible work they do.”
Smith’s passion for computer security harkens back to time he spent in Italy. “I had the great opportunity to live in Italy for two years from 2013 to 2015. “During that time, I had a roommate from Australia who was very interested in computers and cyber security. He recounted stories of various exploits, and I found myself fascinated by the topic,” he says. “I had always enjoyed working with computers and decided shortly after those conversations that I wanted to learn more about how they worked and then how to attack and defend those networks in the digital world. When I returned to college, I switched my major from mathematics to Computer Science with an emphasis in Computer Security and have enjoyed nearly every related topic I’ve encountered since.”
Since earning his degree from Brigham Young University, Smith has applied his technical know-how to various tasks and projects at the Laboratory. “My work varies from day to day,” he says. “The top priority is always to address perceived errors in the systems, for example, if users can’t login or web services are unreachable. I also perform operational tasks such as updating services software and rotating service keys, when needed.” When these action items are complete, Smith focuses on development work needed for special projects like LC OAuth. He states, “I’ve never had two days look exactly alike.”
According to Smith, one of his most significant projects has been the deployment of a new F5 Web Application Firewall. Smith, who is the primary administrator for the F5, says, “Configuring and deploying a new firewall is always a challenge, and it needs to be done carefully and correctly otherwise people who should have access to services won’t have them, and others that shouldn’t have access might gain it.” Smith is also leading development of the new LC Identity Management (IdM) system. “Part of providing access to users is determining and approving who is allowed where,” says Smith. “LC IdM will be clearer and more user friendly for both users and the LC staff who manage all the user accounts.” Together with LC OAuth, these two upgrades will provide more modern, robust, and flexible interfaces for LC users at DOE laboratories.
Over the past year, Smith also served as a mentor to four new team members, helping them become familiar with their roles and responsibilities in the group and grow their skill sets to meet the needs of the division. He started by having weekly meetings to explore each of the systems the team manages. Smith says, “Once we had made it through the overview of each of the systems, we began walking through each one in more depth. Often the topic would be chosen in response to an event that had occurred in the past week. The meetings have given everyone the chance to ask further questions on a topic that couldn’t be addressed while trying to sort out the issue.” Each of the new hires is also involved in ongoing projects, including LC IdM and others that support an improved system logging infrastructure and authentication protocols.
Smith continues to embrace his own growth opportunities as well through collaborations with colleagues. “You need a significant breadth and depth of knowledge to be successful as a member of the team that manages, among many other systems, one of the primary authentication mechanisms of the Laboratory. We always have exciting problems to work through, and I’ve had the good fortune to join the team at a time of change, where I have a lot of input into the designs and implementation of many of the new solutions we are working to deploy.”
For Smith, his efforts at the Laboratory are fulfilling: “The team I work with is amazing. Overall, Livermore Computing has been everything I could have hope for and more. Everyone is extremely knowledgeable about their fields and always willing to help me learn as we all work to further the mission.”
—Caryn Meissner, LLNL