Trusted CI Experiences in Cybersecurity and Service to Open Science

Adams, Andrew; Avila, Kay; Basney, Jim; Brunson, Dana; Cowles, Robert; Dopheide, Jeannette; Fleury, Terry; Heymann, Elisa; Hudson, Florence; Jackson, Craig; Kiser, Ryan; Krenz, Mark; Marsteller, Jim; Miller, Barton P.; Peisert, Sean; Russell, Scott M.; Sons, Susan; Welch, Von; Zage, John

doi:10.1145/3332186.3340601

Cited by 6 publications

(4 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Cyberattacks of all kinds are on the rise [37,38]. Higher education institutions [39] and NSF major research facilities tend to have significant cyber security risks [40]. Additionally, information on cyberattacks and research-related risks in general, particularly in higher education, is severely lacking [39,41].…”

Section: Evaluating the Probability And Prevalence Of Research Data T...mentioning

confidence: 99%

Cybersecurity in a Large-Scale Research Facility—One Institution’s Approach

Butcher,

Brigham,

Berhalter

et al. 2023

JCP

View full text Add to dashboard Cite

A cybersecurity approach for a large-scale user facility is presented—utilizing the National High Magnetic Field Laboratory (NHMFL) at Florida State University (FSU) as an example. The NHMFL provides access to the highest magnetic fields for scientific research teams from a range of disciplines. The unique challenges of cybersecurity at a widely accessible user facility are showcased, and relevant cybersecurity frameworks for the complex needs of a user facility with industrial-style equipment and hazards are discussed, along with the approach for risk identification and management, which determine cybersecurity requirements and priorities. Essential differences between information technology and research technology are identified, along with unique requirements and constraints. The need to plan for the introduction of new technology and manage legacy technologies with long usage lifecycles is identified in the context of implementing cybersecurity controls rooted in pragmatic decisions to avoid hindering research activities while enabling secure practices, which includes FAIR (findable, accessible, interoperable, and reusable) and open data management principles. The NHMFL’s approach to FAIR data management is presented. Critical success factors include obtaining resources to implement and maintain necessary security protocols, interdisciplinary and diverse skill sets, phased implementation, and shared allocation of NHMFL and FSU responsibilities.

show abstract

Section: Evaluating the Probability And Prevalence Of Research Data T...mentioning

confidence: 99%

Cybersecurity in a Large-Scale Research Facility—One Institution’s Approach

Butcher,

Brigham,

Berhalter

et al. 2023

JCP

View full text Add to dashboard Cite

show abstract

“…However, a central goal of the AoT project was to provide open data about the city for use by students, scientists, businesses, the city, and the general public. Thus we collaborated with Trusted CI, the NSF Cybersecurity Center of Excellence [26] to develop privacy and governance policies. With drafts in hand, we convened experts from academia, industry and government privacy law, and privacy advocacy groups including the Electronic Frontier Foundation (EFF) and American Civil Liberties Union (ACLU) to review and improve the policies.…”

Section: Ethics Privacy and Policymentioning

confidence: 99%

“…Journal of Social Computing, September 2020, 1(1):[14][15][16][17][18][19][20][21][22][23][24][25][26][27] …”

mentioning

confidence: 99%

Measuring Cities with Software-Defined Sensors

et al. 2020

View full text Add to dashboard Cite

“…While the code is open‐source and viewable by everyone, few people have the time to completely review it. Thus, we engaged with the NSF‐funded Trusted CI Cybersecurity Center of Excellence to perform a security audit of the platform 5 . Trusted CI examined OnDemand in detail and provided the following summary: they “(1) discovered several implementation issues (bugs) that could affect the proper operation of Open OnDemand; (2) No major issues were found in a comprehensive evaluation of the architecture and critical resources in Open OnDemand, and analysis of potential code weaknesses in critical components; and (3) They found a potential vulnerability, dormant based on current configuration, and launch settings.” These findings provided us with some confidence in the security of the platform, as well as some issues to focus our efforts on resolving.…”

Section: Lessons Learnedmentioning

confidence: 99%

Open OnDemand: State of the platform, project, and the future

Chalker

Franz

Rodgers

et al. 2020

Concurrency and Computation

View full text Add to dashboard Cite

High performance computing (HPC) has led to remarkable advances in science and engineering and has become an indispensable tool for research. Unfortunately, HPC use and adoption by many researchers is often hindered by the complex way these resources are accessed. Indeed, while the web has become the dominant access mechanism for remote computing services in virtually every computing area, HPC is a notable exception. Open OnDemand is an open source project negating this trend by providing web-based access to HPC resources (https://openondemand.org). This article describes the challenges to adoption and other lessons learned over the 3-year project that may be relevant to other science gateway projects. We end with a description of future plans the project team has during the Open OnDemand 2.0 project including specific developments in machine learning and GPU monitoring.

show abstract

Trusted CI Experiences in Cybersecurity and Service to Open Science

Cited by 6 publications

References 3 publications

Cybersecurity in a Large-Scale Research Facility—One Institution’s Approach

Cybersecurity in a Large-Scale Research Facility—One Institution’s Approach

Measuring Cities with Software-Defined Sensors

Open OnDemand: State of the platform, project, and the future

Contact Info

Product

Resources

About