Cybersecurity for Science


Published on

Keynote talk at ARCC Worlshop, Clemson. March 18th, 2015.

Published in: Science
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Cybersecurity for Science

  1. 1. Cybersecurity for Science! Von Welch! Indiana University! Director, CACR ! PI and Director, CTSC! Advancing Research Computing on Campuses: Best Practices Workshop! Keynote" March 18th, 2015"
  2. 2. Center for Trustworthy Scientific Cyberinfrastructure"! ! Increase the NSF community’s understanding of cybersecurity for science, and advance its implementation.! ! ! Three-year project funded by NSF ACI.! !
  3. 3. Cybersecurity Historically!   Firewalls, IDS, encryption, logs, passwords, etc.! ! Not a language that inspires the science community" (or many others).!
  4. 4. Contemporary Cybersecurity!   Cybersecurity supports the organization’s mission by managing risks to science.!     For science projects, mission = science!    
  5. 5. Trustworthy Science!   Integrity of data and computation are critical to maintaining the trust of scientists and the public in CI.! ! Scientists have been managing the ultimate insider threat, Bias, for a long time.!
  6. 6. Do No Harm!   CI represents some impressive cyber- facilities.! ! Being used as a tool to harm others would be very damaging to one’s reputation.!    
  7. 7. Collaboration:" " Trust is key!
  8. 8. Identity Matters to Science…! Scott  Koranda/LIGO  -­‐  Oct’11  
  9. 9. Specific Concerns! Many science domains, communities, and projects have particular concerns.! ! The risks related to confidentiality, integrity, and availability vary greatly, and go by their own nomenclature.!
  10. 10. Cyberinfrastructure! Scientific Community" Multiple Universities and/or Research Orgs" Regional R&E and Commercial Services" Open Source and Scientific Software" R&E Networks," IRNCs," Science DMZs" …Services, Risks, Policies" Requirements, Risks"
  11. 11. Cyberinfrastructure   PCs/Mobile   HPC   HTC   HPSS   Instruments   Science   Data   Servers   Portals   Commodity          Unique   Satellite  Links   HPN   Science  DMZ  Cloud   Data   Subjects  
  12. 12. Putting  it  all   together…  
  13. 13. Cybersecurity for Science:" A Hybrid Approach! Foundation of baseline security practices.   Risk management tailored to science risks, CI and desired maturity levels.   All with sufficient guidance and examples so projects can implement without undo distraction from their science mission.! Risk Management For Science
  14. 14. So,  what  are   we  doing   about   the  weather?  
  15. 15. CTSC Activities! Engagements! LIGO, SciGAP, IceCube, Pegasus, CC-NIE peer reviews, DKIST, LTERNO, DataONE, SEAD, CyberGIS, HUBzero, Globus, LSST, OOI, NEON." Education and Training! Guide to Developing Cybersecurity Programs for NSF Science and Engineering Projects, Securing Commodity IT in Scientific CI Projects, Baseline Controls and Best Practices, Training for CI professionals." Leadership! Organized 2013, 2014 & 2015 Cybersecurity Summits for Large Facilities and CI, vulnerability awareness, Cybersecurity for Large Facilities Manual."
  16. 16. Match Making! We  match   projects  to   exisDng   cybersecurity   resources  and   technologies.  
  17. 17. Peer Reviews! CTSC-­‐coordinated  pair  of   CC-­‐NIE  awardees  in   2014,  another  pair   planned  for  2015.       Process  would  allow  for   scalability  to  more   projects  than  any  center   could  engage.   Image  credit:  Kevin  Thompson/NSF      
  18. 18. Cybersecurity Program Guide! Baseline  pracDces  and  risk  management,   tailored  for  science  projects  with  guidance   and  templates.  
  19. 19. Please Join Us!! ! 2015 NSF Cybersecurity Summit for ! Large Facilities and Cyberinfrastructure.! ! August 17-19, 2015. Arlington, VA! ! ! Details and CFP coming soon at!    
  21. 21. Cyber- security Research Personal Health Information State of Affairs today…!
  22. 22. Campus Cybersecurity for Science?!   Some  CoTS  campus  cybersecurity  services  can  be   useful  to  projects  –  e.g.  web  app  scanning.     Understanding  the  language  and  risks  of  science   takes  Dme  –  can  we  get  security  offices  that  Dme?     Support  science  with  federated  IdM  –  release   aUributes  to  Research  &  Scholarship  (R&S).      
  23. 23. In conclusion…! Cybersecurity  for  science  is  about  managing  risks   for  science  -­‐  it  takes  listening  and  translaDon.     CTSC  is  leading  the  NSF  community  in  increasing   its  understanding  of  cybersecurity  for  science,   and  advancing  its  implementaDon.  Let’s  figure   out  how  we  can  work  together.                                                                @trustedci