Wednesday, February 22, 2017

CCoE and OSG kick off engagement to assess HTCondor-CE


The Open Science Grid (OSG) facilitates access to distributed high throughput computing for research across the US, delivering more than 1.2 billion CPU hours to researchers across a wide variety of projects over the last 12 months. The OSG and CTSC are collaborating to assess the security of HTCondor-CE (Compute Element). The HTCondor-CE is the next-generation gateway software for the Open Science Grid (OSG) and is responsible for providing a network service which authorizes remote users and provides a resource provisioning service. Based on the HTCondor software, this CE is a highly-specialized configuration of HTCondor and relies on less-common components, e.g., blahp, the focus of this engagement. HTCondor-CE was developed and adopted to provide the OSG with a more flexible, scalable, and easier-to-manage gateway software.

The primary goal of the CTSC-OSG engagement is to review blahp (pronounced “blop”), part of HTCondor-CE, and to help ensure its design and implementation are secure - that is, it is free of design errors and will function as intended in the face of malicious entities attempting to coerce it to do otherwise.

Monday, February 13, 2017

CCoE Webinar Feb. 27th 11am EST: Practical Cybersecurity Program for (Smaller) Science Programs

Members of the CTSC team are presenting the talk "Practical Cybersecurity Program for (Smaller) Science Programs," on February 27th at 11am (EDT). Our presenters are Susan Sons, Craig Jackson, and Bob Cowles (speaker info).

Please register here. Be sure to check spam/junk folder for registration confirmation with attached calendar file.
Based on CTSC’s cybersecurity program development guide (see trustedci.org/guide), this webinar addresses practical information security tasks for small and medium science projects. The NSF CCoE’s work spans the full range of NSF-funded projects and facilities, and cybersecurity is certainly *not* a one-size-fits-all endeavor.

Some of the topics covered include:
  • Cybersecurity’s relevance to science projects.
  • The complexity and scope of cybersecurity, and how cybersecurity programs can help you cope with that complexity (and protect your science).
  • A handful of “must-do” (and doable!) action items.
This session is appropriate for principal investigators, program officers, IT professionals in research and higher education, research facility managers, and security professionals interested in information security approaches tailored to particular communities. It is not a detailed technical training. There will be significant opportunities for Q&A.
More information about this presentation is on the event page.

Presentations are recorded and include time for questions with the audience.

Join CTSC's discuss mailing list for information about upcoming events. To submit topics or requests to present, contact us here. Archived presentations are available on our site under "Past Events."

Science Node article on Open Science Cyber Risk Profile

Last week, Science Node published an article on the Open Science Cyber Risk Profile: "Mind the gap: Speaking like a cybersecurity pro."  Dr. Karen Stocks, director of the Geological Data Center at the Scripps Institution of Oceanography at the University of California San Diego, is quoted in the article:
“It is critical that our scientific infrastructure be reliable and trusted,” says Stocks. “The OSCRP provides the most accessible, focused, and practical guidance I know of for a scientist needing to evaluate and assess their cybersecurity.”
Please see the article for more from Dr. Stocks, as well as others involved in the profile.

Thursday, February 2, 2017

The Report of the 2016 NSF Cybersecurity Summit and Request to Select Dates for the 2017 NSF Cybersecurity Summit!


CTSC is pleased to present the report of the 2016 NSF Cybersecurity Summit to the community. The report outlines progress the community has made based on recommendations from the previous year, attendee details and survey results for both the plenary and training portions of the Summit. The report in its entirety can be reviewed here: http://hdl.handle.net/2022/21161

Additionally, we are currently preparing to kick off planning for the 2017 NSF Cybersecurity Summit for Large Facilities and Cyberinfrastructure. One of our first steps will be selecting a date for this year’s summit, and we would like to hear from you, the community regarding the best dates to meet. The summit will be held in Arlington, VA again this year, at the Westin Arlington Gateway. Please follow the below link to the survey containing the dates we have identified as being available and not conflicting with other conferences in the industry, and enter your choices no later than Friday February 10, 2017: https://www.surveymonkey.com/r/FZBH2H7