cybersecurity for science
Post on 03-Aug-2015
137 Views
Preview:
TRANSCRIPT
Cybersecurity for Science!
Von Welch!Indiana University!
Director, CACR !PI and Director, CTSC!
Advancing Research Computing on Campuses: Best Practices Workshop!Keynote"
March 18th, 2015"
Center for Trustworthy Scientific Cyberinfrastructure"
TrustedCI.org!!
Increase the NSF community’s understanding of cybersecurity for science, and advance its implementation.!
!!
Three-year project funded by NSF ACI.!!
Cybersecurity Historically!
Firewalls, IDS,
encryption, logs, passwords, etc.!
!Not a language that inspires the
science community "
(or many others).!
Contemporary Cybersecurity!
Cybersecurity supports the
organization’s mission by
managing risks to science.!
For science projects, mission = science!
Trustworthy Science!
Integrity of data and
computation are critical to maintaining the trust of scientists
and the public in CI.!!
Scientists have been managing the ultimate insider threat, Bias,
for a long time.!
Do No Harm!
CI represents some impressive cyber-
facilities.!!
Being used as a tool to harm others would be
very damaging to one’s reputation.!
Collaboration:""
Trust is key!
Identity Matters to Science…!
Scott Koranda/LIGO -‐ Oct’11
Specific Concerns!
Many science domains, communities, and
projects have particular concerns.!
!The risks related to
confidentiality, integrity, and availability vary
greatly, and go by their own nomenclature.!
Cyberinfrastructure!
Scientific Community"
Multiple Universities
and/or Research
Orgs"
Regional R&E and
Commercial Services"
Open Source and Scientific
Software"
R&E Networks,"
IRNCs,"Science DMZs"
… Services, Risks, Policies"
Requirements, Risks"
Cyberinfrastructure
PCs/Mobile
HPC
HTC
HPSS
Instruments
Science Data
Servers
Portals
Commodity Unique
Satellite Links
HPN
Science DMZ Cloud
Data Subjects
Putting it all together…
Cybersecurity for Science:"A Hybrid Approach!
Foundation of baseline security practices.
Risk management tailored to science risks, CI and desired maturity levels.
All with sufficient guidance and examples so projects can implement without undo distraction from their science mission.!
Risk Management For Science
So, what are we doing about
the weather?
CTSC Activities!
Engagements!LIGO, SciGAP, IceCube, Pegasus, CC-NIE peer reviews, DKIST, LTERNO, DataONE, SEAD, CyberGIS, HUBzero, Globus, LSST, OOI, NEON."
Education and Training!Guide to Developing Cybersecurity Programs for NSF Science and Engineering Projects, Securing Commodity IT in Scientific CI Projects, Baseline Controls and Best Practices, Training for CI professionals."
Leadership!Organized 2013, 2014 & 2015 Cybersecurity Summits for Large Facilities and CI, vulnerability awareness, Cybersecurity for Large Facilities Manual."
Match Making!
We match projects to exisDng
cybersecurity resources and technologies.
Peer Reviews!
CTSC-‐coordinated pair of CC-‐NIE awardees in 2014, another pair planned for 2015. Process would allow for scalability to more projects than any center could engage.
Image credit: Kevin Thompson/NSF
Cybersecurity Program Guide!
Baseline pracDces and risk management, tailored for science projects with guidance and templates.
Please Join Us!!
!2015 NSF Cybersecurity Summit for !
Large Facilities and Cyberinfrastructure.!!
August 17-19, 2015. Arlington, VA!!!
Details and CFP coming soon at trustedci.org!
CAMPUS CYBERSECURITY FOR RESEARCH?!
Cyber- security
Research
Personal Health Information
State of Affairs today…!
Campus Cybersecurity for Science?!
Some CoTS campus cybersecurity services can be useful to projects – e.g. web app scanning. Understanding the language and risks of science takes Dme – can we get security offices that Dme? Support science with federated IdM – release aUributes to Research & Scholarship (R&S).
In conclusion…!
Cybersecurity for science is about managing risks for science -‐ it takes listening and translaDon. CTSC is leading the NSF community in increasing its understanding of cybersecurity for science, and advancing its implementaDon. Let’s figure out how we can work together.
trustedci.org @trustedci
top related