Sunday, March 16, 2014

Developing a Cybersecurity Plan for NSF Science and Engineering Projects: First Unit Released

A number of NSF projects have a requirement to develop a cybersecurity plan as part of their cooperative agreement with NSF [1]. Other want to do so because they consider it a best practice worth following.

As apart of CTSC's ongoing engagement with the Daniel K. Inouye Solar Telescope (DKIST) we are developing a guide for creating such a cybersecurity program. Our first unit in this guide is now available for comment. We are using the TrustedCI Forum to disseminate this unit and solicit feedback from the community. We encourage all members of the community to join the conversation and provide their insights into this important work.

[1] http://www.nsf.gov/pubs/policydocs/cafatc/cafatc_lf212.pdf (see item 56 on page 6)

Tuesday, March 11, 2014

CTSC DataONE engagement: identity management system review

In the CTSC-DataONE engagement, CTSC and DataONE staff worked together to perform an architectural review of DataONE's identity management system. DataONE (Data Observation Network for Earth) is "a distributed framework and sustainable cyberinfrastructure that meets the needs of science and society for open, persistent, robust, and secure access to well-described and easily discovered Earth observational data."

CTSC's overall assessment of the DataONE identity management system was positive. Strengths include support for authentication using federated identities, equivalence mapping of multiple identities for the same person, and a well-specified access policy language. CTSC made recommendations for improvements in the areas of system documentation, architecture, and operations. See the report at http://hdl.handle.net/2022/16926 for more details.

CTSC's engagements are inherently collaborative. Many thanks to the DataONE team, and specifically Ben Leinfelder, Bruce Wilson, and Dave Vieglais for the collaborative effort that made this engagement possible.

For more about how CTSC helps NSF projects visit http://trustedci.org/howwehelp.