Second Scientific Software Security Innovation Institute (S3I2) Workshop, October 26, 2011, Chicago, IL. Randal Butler, Von Welch.
Welcome
10/26/11 http://security.ncsa.illinois.edu/s3i2/2

Thanks to Deanna Spivey for logistics.
This material is based on work supported by the National Science Foundation under grant number . Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.

Introductions
Introduction of projects and representatives.

WORKSHOP GOALS

Workshop Goals
Extend our understanding of the needs of MREFC and large NSF projects.
Refine the outcome of the first workshop with broader community input.
Vet concepts for a trusted cyberinfrastructure institute.
Extend the first workshop report with the results.

Morning Agenda
9:00 Welcome and introductions (Butler, Welch)
9:15 Workshop goals – why are we here
9:30 Recap of first workshop (Butler)
10:15 Break
10:30 LIGO experiences (Koranda)
11:15 Vision for the Institute and workshop goals (Welch)
Noon Lunch

Afternoon Agenda
Noon Lunch
12:30 Discussion
2:00 Checkpoint and phone check-in
2:30 Break
2:45 Continue discussion
3:45 Wrap up and summarize
4:40 Phone check-in
4:55 Adjourn

Recap of First Workshop

First Workshop Process
Survey circulated prior to the workshop regarding cybersecurity needs.
One-day workshop in Arlington.

Report URL

First Workshop Representation
Blue Waters
Data Conservancy
DataONE
EGI
FutureGrid
GENI
Globus
GroupScope
I-Chass
Internet2
LIGO
LTER
nanoHub, HUBzero
NEES
NSF
OSG
SESF
TeraGrid

Sixteen Recommendations
Thirteen Dos and three Don’ts.

Intellectual Leadership
1. A security-focused S2I2 should provide NSF and the NSF research community with security leadership and guidance.
2. A security-focused S2I2 should provide documentation, training, recommendations, and consulting to NSF cyberinfrastructure projects both on software security and security software.

Short-term Software Support
3. A security-focused S2I2 should provide short-term support for orphaned security software deemed critical to NSF cyberinfrastructure projects.

Assessment
4. A security-focused S2I2 should perform independent software security assessments.
5. A security-focused S2I2 should support security design reviews of MREFC projects or smaller CI development and integration efforts.
6. The institute should independently highlight/rank security software that NSF CI relies upon.
7. The institute should provide a security auditing service that includes vulnerability analysis and overall security assessment that validates security functions within a CI.

Should nots…
8. The institute should not develop software.
9. The institute should not do software integration.
10. The institute should not provide operational security services or replicate existing services.

Governance
11. The institute should be governed in an open fashion that provides venues for stakeholders to discuss priorities and influence the institute’s activities.
12. The institute should be a synthesis point for expertise but not necessarily own all the expertise in-house.

Relationships
13. The institute should coordinate its efforts and seek support across federal agencies including DHS, DOE, DARPA, and NIH.
14. The institute should have well-defined relationships with the CMU Software Engineering Institute, InCommon, Internet2, REN-ISAC, and the XD TAIS.

Sustainability and Metrics
15. Funding in addition to funds supplied by NSF for a security-focused software institute should be aggressively pursued.
16. The institute must document how it would gauge its own success.

Break

LIGO EXPERIENCES

VISION

NSF CI
NSF CI is tens of projects, across dozens of sites, with hundreds of implementers and tens of thousands of users.
This is a significant IT effort! But cybersecurity today across this effort is haphazard.

Vision
1. Cybersecurity of NSF CI should not be limited by lack of available expertise.
  – All projects have access to knowledge about available cybersecurity R&D, technologies, best practices, policies, procedures, etc.
  – Lessons learned and successes flow freely between projects.
2. Community constantly advances the state of the art in cybersecurity practice, drawing from its own experiences and the advancements of others.

The Challenge
Cybersecurity expertise is not readily available to all projects.
Big projects might be able to budget a cybersecurity person.
  – But there is not enough talent to be on all proposal teams.
Small projects do their best.
It’s scary to use something you don’t control.
Tighter project planning and less discretionary funding limit flexibility.

Project cybersecurity needs
Peak at project inception
  – Understanding needs, solutions
  – Typically the first challenge to collaboration
But occur cradle to grave
  – Changes in technology
  – Changes in community needs
  – Deployment and interaction with operations
  – Predictable and not
Are not “one size fits all”
  – Different needs, cultures, collaborations, technologies

Range of needs
Understanding trust requirements
  – Own needs, risk analysis and tolerance
  – Needs of collaborators, deployers, sites, etc.
Choosing technologies
  – What works? What is interoperable?
  – What’s secure enough? What’s “enough”?
SW development advice
Independent assessment

Range of needs
Understanding operational requirements
  – Authentication, logging, incident response, etc.
Understanding changes, new options
Helping with fires
  – Incidents, unexpected changes

What could be done to help?

Our History
10+ years of engaging CI projects on cybersecurity
  – LIGO, OOI, DataOne, TeraGrid/XSEDE, OSG, FutureGrid, iPlant, Globus, DES, IRNC, …
  – Working to understand the needs of operations.
Advancing identity management
Numerous workshops to build consensus.
Bridging between communities
  – Internet2/InCommon, EGI, IGTF, DOE
Roadmaps, papers, best practices

Small cybersecurity efforts
CILogon, Bedrock – identity focused
MIST – code review
Secure Science Gateways – portal focus
ISACs, CERT, etc. – targeted at security professionals
Commercial consulting companies

What has been shown to work
One-on-one work with projects providing cybersecurity expertise.
Helping determine needs and risks, explaining options.
Evaluation/guidance of software, technologies.
Creating a local expert within each project who becomes part of the larger community.
Cradle-to-grave, planned and unplanned.

What has been shown to work
Cross-cutting activities.
Workforce development, training and documentation.
  – Development of new cybersecurity staff
  – Education on basics, trustworthy development, etc.
Evaluating when external activities are ready to have an impact on the community.
Establishing liaisons.
Workshops to build community consensus.
Documenting best practices, lessons learned.

Should not
Make decisions, write policies, write plans for projects
  – It is a partnership, not an outsourcing
  – Inform, educate, provide examples, suggestions, etc.
Develop, support, integrate software
  – Should interface with other appropriate CI projects/SI2 institutes
Dictate a solution or level of security across the community

Primary Customers
1. CI science projects
  – Understanding needs and options.
  – Help make informed decisions.
2. CI developers (SI2 projects)
  – Produce trustworthy CI with trustworthy design and coding.
  – Understand the needs of cybersecurity in an operational context.

Key Relationships
Cybersecurity projects: MIST, Bedrock, Gateway Security, REN-ISAC, Cybersecurity Summit
  – Make appropriate connections with customers
Operational security at sites, facilities
  – Liaison to understand needs
Cybersecurity R&D
  – Provide feedback, help transition to production
Campus bridging
  – Campuses, Internet2, Educause
Other agencies, countries/continents

Musts
Technology independent, responsive to communities, not to any agenda.
Transparent: all activities must result in public results.
Be predictable: projects must know they can rely on services.
Be flexible: able to address unexpected emergencies, quick needs.
Be reviewable: clearly demonstrate value.

Metrics of Success
Need to demonstrate customer satisfaction and good value.
  – In the commercial space, it’s simple – people pay or they don’t.
We need a similar demonstration of value from customers if this is going to demonstrate merit.
Food for discussion: Can it be a “totally free lunch” and have its worth judged?

DISCUSSION

Questions to Spur Discussion
What are/were your needs and how would they fit into this vision?
What would you add to the first workshop recommendations?