cybersecurity for science
TRANSCRIPT
I love Cyberinfrastructure…
November 18th, 2014Cybersecurity for Science: SC14
HPC HTC
ScienceGateways
Big Data
DistributedEverything
Bleeding-edgeNetworks
I Hate the Perception of Cybersecurity…
November 18th, 2014Cybersecurity for Science: SC14
HPC HTC
ScienceGateways
Big Data
DistributedEverything
InternationalUser
Communities
Cybersecurity is an Enabler of Cyberinfrastructure and Science
November 18th, 2014Cybersecurity for Science: SC14
Trustworthy Science
Maintaining the trust of scientists and the public in the CI, data and science is critical.
Bias: Scientists have been managing the ultimate insider threat for a long time.
Cybersecurity deals with increasing threats to trustworthy computational science.
November 18th, 2014Cybersecurity for Science: SC14
Do no harm
CI represents some impressive cyber-
facilities.
Being used as a tool to do harm to others would be potentially very damaging
to CI’s reputation.
November 18th, 2014Cybersecurity for Science: SC14
Identity matters to Science…
Scott Koranda/LIGO - Oct’11
November 18th, 2014Cybersecurity for Science: SC14
Specific Concerns
Many science domains, communities, and projects will have
particular concerns.
The risks related to confidentiality, integrity, and
availability vary greatly.
November 18th, 2014Cybersecurity for Science: SC14
November 18th, 2014Cybersecurity for Science: SC14
Science / CyberinfrastructureScience / Cyberinfrastructure
Scientific CommunityScientific Community
Multiple Universities
and/or Research
Orgs
Multiple Universities
and/or Research
Orgs
Regional R&E and
Commercial Services
Regional R&E and
Commercial Services
Open Source and Scientific Software
Open Source and Scientific Software
R&E Networks
R&E Networks …Services,
Risks, Policies,
Requirements, Risks
Science pushes IT hard!
November 18th, 2014Cybersecurity for Science: SC14
HPC HTC
ScienceGateways
Big Data
DistributedEverything
Bleeding-edgeNetworks
Cybersecurity Historically
Firewalls, IDS, encryption, logs, passwords, etc.
November 18th, 2014Cybersecurity for Science: SC14
Contemporary Cybersecurity
Cybersecurity supports the
science mission by managing
risks to science.
November 18th, 2014Cybersecurity for Science: SC14
TrustedCI.org:Center for Trustworthy Scientific Cyberinfrastructure
Providing leadership and addressing cybersecurity challenges for the NSF community.
November 18th, 2014Cybersecurity for Science: SC14
We rely increasingly on our software stacks – both
the ones we write and others.
Open nature leads to large attack surfaces.
Software integrity is critical.
A joint effort: Morgridge Institute for
Research (lead)University of Illinois Urbana Champaign
University of Wisconsin – Madison
Indiana University
November 18th, 2014Cybersecurity for Science: SC14
Miron Livny, MIR
Jim Basney, UIUC
Bart Miller, UW
Von Welch, IU
https://continuousassurance.org/
XSIM: Extreme Scale Identity Management for Science
The Virtual Organization (VO) is critical to science.
XSIM model enables delegation of identity management from resource provider to VO.
Funded by DOE/ASCR
November 18th, 2014Cybersecurity for Science: SC14
Image credit: Ian Bird/CERN
Fighting “Identity Management in a closet”
Managing access to data, instruments, etc.
Authenticating collaborators/community is hard.
Effort drawn away from science.
Enabling use of campus identities.
November 18th, 2014Cybersecurity for Science: SC14
Cybersecurity is an enabler
Science and cyberinfrastructure are pushing IT to new heights.
Cybersecurity helps us manage the risks, maintain trust, build collaborations, and do the science most effectively.
November 18th, 2014Cybersecurity for Science: SC14
Thank you.
Von Welch
cacr.iu.edu
November 18th, 2014Cybersecurity for Science: SC14