Monday, March 26, 2018

Upcoming events featuring Trusted CI

Interested in the latest from Trusted CI? Want a chance to chat in person with us? Members of Trusted CI will be participating in a number of upcoming events over the next few months.

EDUCAUSE Security Professional Conference 2018 (April 10-12) in Baltimore, MD. EDUCAUSE brings higher education security professionals together to network and discuss current trends in the industry. Trusted CI's Mark Krenz and Warren Raquel are presenting training sessions on Incident Response and Security Log Analysis. Also, Trusted CI's Von Welch and Jim Basney are co-presenting with IU CACR's Anurag Shankar on Cybersecurity for Research on Campus.

KINBERCON (April 23-25) in Harrisburg-Hershey, PA. KINBERCON's focus is on next generation networks and technology, and brings together leaders in education, healthcare, libraries, and government. The format of KINBERCON includes panels and technical workshops. There are many opportunities for collaborative discussions with speakers and attendees. Trusted CI's Von Welch will be presenting on the project and the intersection of campus IT, info sec, and research.

The 2018 NSF SI2 PI Meeting (April 30-May 1) in Washington, D.C. The SI2 PI workshop brings together PIs to present their projects to fellow PIs through posters, lightening talks, and brief presentations. Trusted CI's Von Welch is presenting "Software Security: Selecting engineering and security practices to enable robust CI and trustworthy science."

Internet2 Global Summit (May 6-9) in San Diego, CA. The summit focuses on advanced and trusted infrastructure, identity, federation and access management, and solutions for researchers with the goal of benefiting the entire research and education ecosystem. Trusted CI's Jim Basney will be co-presenting CACR's Anurag Shankar on "Cybersecurity for Research on Campus: Not Just HIPAA & FISMA."

PEARC 18 (July 22-26) in Pittsburgh, PA. PEARC is an all-inclusive event for scientists, engineers, scholars, artists, and educators who depend on efficient, secure, and reliable digital infrastructure. This year's theme is seamless creativity. Presentation abstracts are still under review. Trusted CI intends to attend and present at this year's conference and will update the community as more information is available.

The 2018 NSF Cybersecurity Summit for Large Facilities and Cyberinfrastructure (August 21- 23) in Alexandria, VA. The Summit is hosted by Trusted CI and welcomes cybersecurity practitioners, technical leaders, and risk owners from within the NSF Large Facilities and CI Community, as well as key stakeholders and thought leaders from the broader scientific and information security communities. The Summit includes training sessions, plenary session, and opportunities to network and socialize with peers. Be on the lookout for our call for proposals.

Whether you are an operational security pro, high speed networking researcher, NSF PI, or identity management specialist; the coming months present some interesting opportunities to network and collaborate. We look forward to seeing you at these events.

Thursday, March 22, 2018

New name, same mission

Dear friends of CTSC,

We're writing to announce that the Center for Trustworthy Scientific Cyberinfrastructure (CTSC) is becoming Trusted CI, the NSF Cybersecurity Center of Excellence.

Why are we making this change? While it clearly conveyed our mission, our initial name was a mouthful -- and, with the added CCoE designation, we found that people struggled to remember it. Trusted CI will build better name recognition, through consistent branding across our website (trustedci.org) and social media (@TrustedCI). 

The new name still emphasizes what we're about: Achieving the NSF goal of creating high-quality, trusted cyberinfrastructure (CI) that supports high-quality, trusted science. It will also make it easier for you to remember how to get help for your NSF CI projects: Email ask@trustedci.org (be sure to identify which NSF project your query relates to). 
 
As we roll out the new branding this spring, we'd like to extend an active invitation to engage our services. From quick questions to collaborative engagements lasting months, Trusted CI tackles challenges of all sizes. 

We're happy to assist with anything related to cybersecurity for NSF CI projects, and we're focused on tailored solutions that impact your work as little as possible. And now all you have to remember is Trusted CI!

Monday, March 12, 2018

Trusted CI Webinar Mar. 26th at 11am ET: Data Quality and Security Evaluation Framework

Rochester Institute of Technology's Leon Reznik and Igor Khokhlov are presenting the talk "Data quality and security evaluation framework development" on March 26th at 11am (Eastern).

Please register here. Be sure to check spam/junk folder for registration confirmation email.
In this talk, we are presenting our work on building a data quality and security (DQS) framework, which integrates cybersecurity with other diverse metrics, such as accuracy, reliability, timeliness, and safety into a single methodological and technological framework. This innovation has a high potential to enable a significant improvement in a wide spectrum of science and technology applications as it will create new opportunities for optimizing data structures, data processing and fusion procedures based on a new quality and security information application. While the developed evaluation techniques may cover a wide range of data sources, the current framework’s implementation concentrates on using an ordinary user’s owned mobile devices and Android-based smartphones in particular.  
After discussing a motivation and general concepts of data quality evaluation, we will present preliminary results. As the framework integrates various metrics from accuracy to security and privacy, we will show examples of cyberinfrastructure elements from those areas developed so far. The security evaluation aspect of the framework is introduced with the Android applications that evaluate a smartphone security, gives a comprehensive score, and advises how the smartphone security can be improved. Two applications that are already available on Google Play will be presented and discussed. In addition, we will show some examples of the framework’s user interface designed for data quality metrics assignment and demonstrate its visualization capabilities. 
The data privacy evaluation is presented with the investigation of the colluded application vulnerability in Android OS devices. We will discuss and analyze the results achieved in this domain.
We believe that DQS evaluation framework will stimulate further improvement of the quality of the whole cyberinfrastructure and, in particular, cybersecurity. We will discuss possible further developments and seek the feedback and advice on the further DQS evaluation research directions. In particular, we are looking for a collaboration in the development of our framework applications in various science and technology domains.

Leon Reznik is a Professor of Computer Science (primary affiliation) and Computing Security (secondary affiliation) at the Rochester Institute of Technology. His current research concentrates on data quality and security evaluation and assurance; cognitive sensor networks and systems; intelligent intrusion detection and big data analytics.

Igor Khokhlov is a Ph.D. candidate at the Rochester Institute of Technology. He conducts research on data quality and value evaluation for sensor-originated data. Igor’s fields of interest include Android OS, cyber-security, and AI.
Join Trusted CI's announcements mailing list for information about upcoming events. To submit topics or requests to present, see our call for presentations. Archived presentations are available on our site under "Past Events."

Friday, March 2, 2018

NRAO and Trusted CI Launch Engagement

Trusted CI is pleased to announce the start of an engagement with the National Radio Astronomy Observatory (NRAO), an NSF Large Facility supported in part by NSF Award # 1647378. This engagement is expected to continue through the end of June. Our shared goal for this engagement is to assess and facilitate the continued maturation of NRAO’s information security program, as well as to positively impact its adaptiveness and longevity. We will accomplish this by evaluating their existing policies, practices, and documentation, and providing recommendations for opportunities to strengthen these within the overarching framework of the four pillars of cybersecurity: mission, governance, resources, and controls.

Initially established in 1956, the National Radio Astronomy Observatory is operated under cooperative agreement by Associated Universities, Inc. (AUI). NRAO provides state-of-the-art radio telescope facilities for use by the international scientific community, open to all astronomers regardless of institutional or national affiliation. NRAO also provides both formal and informal programs in education and public outreach for teachers, students, the general public, and the media. Their instruments include the Jansky Very Large Array in New Mexico and the North American component of the Atacama Large Millimeter/submillimeter Array in Chile.

With its latest renewal, NRAO’s mandate is to improve not only the accessibility of its scientific instruments, but also the accessibility of its multi-petabytes of archived observational data for re-processing and re-use beyond the initial intent and audience. NRAO’s revised mission seeks to extend beyond the traditional radio astronomy community into the fields of general scientific endeavor looking at complex molecules in space, real-time events, and the explanation of origins of life, planets, solar systems, galaxies, and the universe.