Monday, May 6, 2019

CCoE Webinar May 20th at 11am ET: Deployable Internet Routing Security

Amir Herzberg is presenting the talk "Deployable Internet Routing Security" on Monday May 20th at 11am (Eastern).

Note: we moved the webinar up one week to avoid the Memorial Day holiday.

Please register here. Check spam/junk folder for registration confirmation email.
Internet routing is woefully insecure - in spite of many attacks and extensive awareness and efforts. But, finally, there is progress - and even some deployable defenses, based on free open-source software - including some that we develop in a CICI NSF project, whose goal is to get Internet Routing Security deployed in educational and research networks. These tools may help against different attacks - including Denial of Service, a significant problem for campuses and for scientific collaboration.

In this webinar, we will explain the challenges of Internet Routing Security, and the main tools - already deployable, in-progress, and briefly mention some less likely to be deployed. We will also discuss our directions, which include development of tools as well as pilot deployment with UConn and Connecticut Education Network. We hope this may help some of you to make progress in improving the security and reliability of networks, and establish cooperation with us as we proceeds with our project. 
Speaker bio:

Amir Herzberg's is the Comcast professor for Cybersecurity Innovation in the department of Computer Science and Engineering, University of Connecticut. His research areas include: network security (esp. routing/DNS/transport, Denial-of-Service, Web), privacy and anonymity, applied cryptography, usable security, security for cyber-physical systems and social, economic and legal aspects of security.

Dr. Herzberg earned his Ph.D. in Computer Science in 1991 from the Technion in Israel.  From 1991 to 1995, he worked at the IBM T.J. Watson Research Center, where he was a research staff member and the manager of the Network Security research group.  From 1996 to 2000, Dr. Herzberg was the Manager of E-Business and Security Technologies at the IBM Haifa Research Lab.  From 2002 to 2017, he was a professor in Bar Ilan University (Israel).

Dr. Herzberg is the author of more than 150 research papers, five book chapters, and 24 patents. Dr. Herzberg has served on technical program committees of over 50 conferences, delivered keynote and plenary addresses at ten conferences,  organized multiple professional events, and has been TPC chair of IEEE CNS’19, editor of PoPETS (2014-) and ACM TISSEC (2011-14), and area chair of CNS (2013-17). Dr. Herzberg is recipient of the Internet Society's Applied Networking Research award, 2017.

Presentations are recorded and include time for questions with the audience.

Join Trusted CI's announcements mailing list for information about upcoming events. To submit topics or requests to present, see our call for presentations. Archived presentations are available on our site under "Past Events."

Thursday, April 25, 2019

Trusted CI Announces Six Inaugural Fellows

Trusted CI, the NSF Cybersecurity Center of Excellence, is excited to announce the inaugural cohort of Trusted CI Open Science Cybersecurity Fellows. Six individuals with professional interests in cybersecurity have been selected from a nationally competitive pool and designated the first Trusted CI Fellows.  During the year of their Fellowship, they will receive recognition and cybersecurity professional development including training and travel funding to cybersecurity related events.

The 2019 Trusted CI Open Science Cybersecurity Fellows are:


Shafaq Chaudhry, Assistant director of graduate and research IT at the University of Central Florida. Shafaq's research interests include public safety communications, wireless networks and Software-Defined Networking. She is the Central Florida coordinator for Aspirations in Computing (AiC) program of National Center for Women & Information Technology (NCWIT) and the president of the Women in EECS group at UCF. Shafaq has been serving on the reviewer committee for the Grace Hopper Celebration conference since 2017.




Matias Carrasco Kind, Senior research and data scientist at the National Center for Supercomputing Applications. Matias is an expert in scientific cloud computing and scientific platforms.His interests in astrophysics are in cosmology, extragalactic astronomy, machine and deep learning, especially in large scale structures, galaxy formation and evolution, and photometric redshift estimation. He is also interested in data-intensive science, data visualization, image processing, web applications, scientific platforms, software engineering and architecture, and cyberinfrastructure in general.




Gabriella Perez, Research technology compliance specialist at the University of Iowa. Gabriella has served as the University of Iowa’s Research Technology Compliance Specialist since the position was created in May 2017. She is the primary campus point-of-contact for technology compliance questions among researchers and the campus OneIT network of technical specialists who utilize the campus computing cluster. She serves as a cybersecurity and compliance liaison with the Division of Sponsored Programs, the Human Subjects Office, and the UI Libraries.








Aunshul Rege, Associate Professor with the Department of Criminal Justice at Temple University. Anushul has been researching proactive cybersecurity in the context of cybercrimes against critical infrastructures for over 10 years. Specifically, her research examines adversarial and defender behavior, decision-making, adaptations, modus operandi, and group dynamics. Aunshul is also passionate about educating the next generation workforce across the social and hard sciences about the relevance of the human factor in cybersecurity through experiential learning.








Chrysafis Vogiatzis, Assistant professor at North Carolina A&T State University. Chrysafis' current research interests lie in network optimization and combinatorial optimization, along with their vast applications in modern socio-technical and biological systems. One of the main axes of his research is focusing on the study of centrality metrics in biological, social, and infrastructure networks, in order to identify groups and persons of interest.








S. Jay Yang, Professor at the Rochester Institute of Technology. Jay is currently a Professor and the Department Head for the Department of Computer Engineering at Rochester Institute of Technology and also serves as the Director of Global Outreach in the Center of Cybersecurity at RIT. His research group has developed several pioneering machine learning, attack modeling, and simulation systems to provide predictive analytics and anticipatory cyber defense. His earlier works included FuSIA, VTAC, ViSAw, F-VLMM, and attack obfuscation modeling.



The Fellows will receive training consisting of a Virtual Institute, providing 20 hours of basic cybersecurity training over six months. The training will be delivered by Trusted CI staff and invited speakers. The Virtual Institute will be presented as a weekly series via Zoom and recorded to be publicly available for later online viewing. Travel support is budgeted (during their first year only) to cover fellows’ attendance at the NSF Cybersecurity Summit, PEARC, and one professional development opportunity agreed to with Trusted CI. The Fellows will be added to an email list to discuss any challenges they encounter that will receive prioritized attention from Trusted CI staff. Trusted CI will recognize the Fellows on its website and social media. Fellowships are funded for one year, after which the Trusted CI Fellows will be encouraged to continue participating in Trusted CI activities in the years following their fellowship year. After their training in the Virtual Institute, Fellows, with assistance from the Trusted CI team, are expected to help their science community with cybersecurity and make them aware of Trusted CI for complex needs. By the end of the year, they will be expected to present or write a short white paper on the cybersecurity needs of their community and some initial steps they will take (or have taken) to address these needs. After the Fellowship year Trusted CI will continue to recognize the cohort of Fellows and give them prioritized attention. Over the years, this growing cohort of Fellows will broaden and diversify Trusted CI’s impact. About the Trusted CI Fellows Program Trusted CI serves the scientific community as the NSF Cybersecurity Center of Excellence, providing leadership in and assistance in cybersecurity in the support of research. In 2019, Trusted CI is establishing an Open Science Cybersecurity Fellows program. This program will establish and support a network of Fellows with diversity in both geography and scientific discipline. These fellows will have access to training and other resources to foster their professional development in cybersecurity. In exchange, they will champion cybersecurity for science in their scientific and geographic communities, and communicate challenges and successful practices to Trusted CI. Fellows come from a variety of career stages. They demonstrate a passion for their area, the ability to communicate ideas effectively, and a real interest in the role of cybersecurity in research. Fellows are empowered to talk about cybersecurity to a wider audience, network with others who share a passion for cybersecurity for open science, and learn key skills that benefit them and their collaborators.

Thursday, April 18, 2019

Leverage Trusted CI in your NSF SaTC Proposal

NSF SaTC solicitations are focused on areas critical to cybersecurity research and development. NSF's current Secure and Trustworthy Cyberspace Frontiers Solicitation (LOI Due July 5th, Proposal due Sept 30th) in conjunction with the SaTC program solicitation NSF 18-572 includes the following guidance:
The goals of the SaTC program are aligned with the Federal Cybersecurity Research and Development Strategic Plan (RDSP) and the National Privacy Research Strategy (NPRS) to protect and preserve the growing social and economic benefits of cyber systems while ensuring security and privacy. The RDSP identified six areas critical to successful cybersecurity research and development: (1) scientific foundations; (2) risk management; (3) human aspects; (4) transitioning successful research into practice; (5) workforce development; and (6) enhancing the research infrastructure.
Trusted CI, the NSF Cybersecurity Center of Excellence, has engaged practitioners in research, academia, industry, and government to identify top cybersecurity needs and gaps which might be filled through successful transitioning of cybersecurity research into practice , as reported on the Trusted CI TTP blog. We may be able to connect you with practitioners enunciating needs which your project innovations may address. We have identified NSF funded cybersecurity researchers actively working to address some of the top cybersecurity needs, with whom we can connect you to enable collaboration for NSF research transition.

We offer the following suggestions to engage us in these areas.

Reach out to us at ttp@trustedci.org to let us know the focus for your project, and the types of practitioners or researchers you would like to collaborate with to support your proposal. 

Participate in the Cybersecurity TTP Program. Request an invitation to attend the June 19, 2019 Cybersecurity TTP workshop in Chicago, where you will meet researchers and practitioners.

Indicate Your Intent to Approach the CCoE regarding your proposal. We invite proposing NSF SaTC projects to indicate their intention to approach Trusted CI once they are funded. Proposers are free to include language showing an awareness of cybersecurity of a specific issue and showing you are aware of Trusted CI, how we can help, and that you plan to approach us if funded to collaborate. You can do this unilaterally without any commitment from Trusted CI (and please be aware it does not commit Trusted CI, we do our best to help all NSF projects, but are subject to our own resource availability). We ask that you let us know if you reference Trusted CI, this way to help us plan ahead.

Possible language to include in a proposal:
Our proposal team recognizes [the need to collaborate with operational leaders and cybersecurity researchers to enable practical cybersecurity innovations to be accelerated into operational environments in our areas of focus including xxx]. To address this we plan to approach the NSF-funded Cybersecurity Center of Excellence (trustedci.org). The Cybersecurity Center of Excellence (CCoE) engages researchers and practitioners to identify and help address cybersecurity challenges and maintain the trustworthy nature of cyberinfrastructure. We understand that engagements with CCoE are collaborative, and have budgeted resources in our project to work with CCoE on our challenge.
Trusted CI can also provide a letter of collaboration for your proposal using this template.

Include the CCoE in your Proposal. You can include one or more of the CCoE Partners (IU, Internet2, LBNL, NCSA, PSC, U. Wisconsin) via a subcontract on your proposal, a process that provides a firm commitment of our participation. Please contact us to discuss which partner would be most appropriate, whether the commitment would be exclusive for a given solicitation, and the level of effort that would be involved. In this case, we would provide a custom letter of collaboration indicating our agreement to the terms of the subcontract.

If you are preparing a SaTC, CICI, or other NSF proposal and would like additional assistance from Trusted CI, don't hesitate to contact us to discuss how Trusted CI can help.


Wednesday, April 10, 2019

Welcoming Eric Cross to the Trusted CI Advisory Committee

I am happy to welcome Eric Cross to the Trusted CI Advisory Committee. Eric is the Information Technology Manager for the National Solar Observatory (NSO) in Boulder, Colorado, and has in the past served in the same role at the National Ecological Observatory Network (NEON) and the Raytheon Company. During his time at the NSO, he has played key roles in major projects including moving the organization to cloud-based collaboration applications via Google GSuite, deploying IT services at a newly constructed facility for Daniel K. Inouye Solar Telescope (DKIST) support and science research staff, and managing the procurement and deployment of the DKIST Operations Network and IT infrastructure at the Haleakalā summit on the island of Maui, Hawai’i.

Eric replaces David Halstead of NRAO on the advisory committee. I thank David for his contributions to Trusted CI on the committee.

Jim Basney
Deputy Director, Trusted CI

Tuesday, April 9, 2019

Cyberinfrastructure Vulnerabilities 2019 Q1 Report

The Cyberinfrastructure Vulnerabilities team provides concise announcements on critical vulnerabilities that affect science cyberinfrastructure (CI) of research and education centers, including those threats which may impact scientific instruments. This service is freely available to all by subscribing to Trusted CI’s mailing lists (see below).

We monitor a number of sources for software vulnerabilities of interest, then determine which ones are of the most critical interest to the community. While it’s easy to identify issues that have piqued the public news cycle, we strive to alert on issues that affect the CI community in particular. These are identified using the following criteria: the affected technology’s or software’s pervasiveness in the CI community; the technology’s or software’s importance to the CI community; type and severity of potential threat, e.g., remote code execution; the threat’s ability to be remotely triggered; the threat’s ability to affect critical core functions; and if mitigation is available. For those issues which warrant alerts to the Trusted CI mailing lists, we also provide guidance on how operators and developers can reduce risks and mitigate threats. We coordinate with XSEDE, the NSF supercomputing centers, and the ResearchSOC (the newly formed CaaS MSSP) on drafting and distributing alerts to minimize duplication of effort and maximize benefit from community expertise. Some of the sources we monitor for possible threats to CI include:
In 1Q2019 the Cyberinfrastructure Vulnerabilities team issued the following 4 vulnerability alerts to 124 subscribers:
If you wish to subscribe to the Cyberinfrastructure Vulnerability Alerts mailing list you may do so through https://list.iu.edu/sympa/subscribe/cv-announce-l. This mailing list is public and the archives are available at https://list.iu.edu/sympa/arc/cv-announce-l.

If you believe you have information on a cyberinfrastructure vulnerability, let us know by sending us an email at alerts@trustedci.org.

Monday, April 8, 2019

CCoE Webinar April 22nd at 11am ET: REED+: A cybersecurity framework for research data at Purdue University

Preston Smith is presenting the talk "REED+: A cybersecurity framework for research data at Purdue University" on Monday April 22nd at 11am (Eastern).

Please register here. Be sure to check spam/junk folder for registration confirmation email.
The REED+ framework integrates NIST SP 800-171 and other related NIST publications as the foundation of the framework. This framework serves as a standard for campus IT to align with security regulations and best practices, and create a single process for intake, contracting, and facilitate easy mapping of controlled research to CI resources for the sponsored programs office, human subjects office, and export control office.

The framework allows researchers to experience faster intake of new funded projects and be more competitive for research dollars. Using student-developed training materials and instruction, researchers, administrators, and campus IT are now able to more clearly understand previously complicated data security regulations affecting research projects.

The ecosystem developed from this project enables new partnerships with government agencies, and industry partners from the defense, aerospace, and life science sectors. Experiences and best practices in providing cyberinfrastructure and security awareness developed from this collaboration are documented and shared with the broader CI and campus community through conferences, journals and workshop.

Addition to the IT challenges - security controls, technology, or regulations, the REED+ team will discuss the use of research facilitators dedicated to regulated research, building relationships between campus IT organizations, appropriate compliance offices, research administration, IRBs, and export control offices; and improving institutional processes.

Ultimately the goal is to create a systematic approach which results in rapid flow from contracts to actionable technical requirements to implementation to approval, so that research data can begin in the minimum possible time frame.
Speaker bio:

Preston Smith is the Director of Research Computing Services at Purdue University. Supporting over 180 HPC faculty, and 550 labs using research data systems, Purdue's Community Cluster program is a pioneering program for delivering "condo-style" HPC. At Purdue, his organization designs, builds, and operates compute systems, and delivers advanced research support to the campus community.

Presentations are recorded and include time for questions with the audience.

Join Trusted CI's announcements mailing list for information about upcoming events. To submit topics or requests to present, see our call for presentations. Archived presentations are available on our site under "Past Events."

Wednesday, March 20, 2019

Jim Basney appointed as Trusted CI Deputy Director



I’m happy to announce that as of March 15th, Jim Basney is serving as Trusted CI’s Deputy Director. In this role, Jim will work closely with me to manage Trusted CI’s many activities as well as help with outreach to the research community. Jim has been with Trusted CI since its inception and has more than two decades of experience working with the research community. He is an internationally recognized leader in open science identity and access management, and leads the CILogon project.

It’s my pleasure to officially welcome Jim into this new role at Trusted CI.

Von Welch, Director, Trusted CI