Wednesday, March 20, 2019

Jim Basney appointed as Trusted CI Deputy Director



I’m happy to announce that as of March 15th, Jim Basney is serving as Trusted CI’s Deputy Director. In this role, Jim will work closely with me to manage Trusted CI’s many activities as well as help with outreach to the research community. Jim has been with Trusted CI since its inception and has more than two decades of experience working with the research community. He is an internationally recognized leader in open science identity and access management, and leads the CILogon project.

It’s my pleasure to officially welcome Jim into this new role at Trusted CI.

Von Welch, Director, Trusted CI

Scripps Institution of Oceanography, Trusted CI, and CACR Launch Engagement

We are pleased to announce the start of an engagement with Scripps Institution of Oceanography at the University of California San Diego. Scripps Oceanography is supported by multiple NSF awards, including #1327683, 1212770, and 1556466, as well as research awards from the Department of Defense and National Oceanographic and Atmospheric Administration (among others).

This engagement is in collaboration with the DOD-funded Principles-Based Assessment for Cybersecurity Toolkit (PACT) project. PACT is a methodology and tool set based on the Information Security Practice Principles and developed in collaboration by Trusted CI, the IU Center for Applied Cybersecurity Research, and Naval Surface Warfare Center Crane. Lessons learned from applying the methodology to Scripps Oceanography will be used to refine PACT.  Scripps Oceanography’s interest in engaging with Trusted CI and the PACT project presented a perfect opportunity to leverage Trusted CI’s expertise and knowledge of complex open science environments, while advancing a methodology with potential for very broad application.


Tuesday, March 19, 2019

Including Trusted CI in your NSF CSSI Proposal

Cybersecurity is an important element in every cyberinfrastructure project plan. For example, NSF's current Cyberinfrastructure for Sustained Scientific Innovation (CSSI) solicitation (due Monday, April 8th) includes the following guidance:
The description of the CI architecture and processes should explain how security, trustworthiness, provenance, reproducibility, and usability will be addressed by the project and integrated into the proposed system and the engineering process, and how adaptability to new technologies and changing requirements will be addressed by the project and built into the proposed system, as appropriate.
It's often the case that while writing a proposal you will identify a cybersecurity challenge suited to a collaboration with Trusted CI. We offer the following suggestions to indicate your intent to engage with Trusted CI to solve the challenge, hence indicating in your proposal that you both recognize the challenge and take it seriously.

Identify and utilize Trusted CI resources. Our cybersecurity program guide provides recommendations and templates for establishing and maintaining cybersecurity programs. Our online training materials and webinars cover many cybersecurity topics tailored to the NSF CI community. Our annual cybersecurity summit provides a venue for training sessions for cybersecurity practitioners, technical leaders, and risk owners from within the NSF Large Facilities and CI community.

Indicate Your Intent to Approach the CCoE. We invite proposing NSF CI projects to indicate their intention to approach Trusted CI once they are funded. Trusted CI resources and staff are available to assist NSF projects with cybersecurity plans and training, via one-on-one engagements, and other Trusted CI activities. For example, Trusted CI recently engaged with the Environmental Data Initiative (EDI). Proposers are free to include language showing an awareness of a specific cybersecurity issue and showing that they are aware of Trusted CI, how we can help, and that they plan to approach us if funded to collaborate on addressing the issue. You can do this unilaterally without any commitment from Trusted CI (please be aware that it does not commit Trusted CI; we do our best to help all NSF projects, but are subject to our own resource availability). We ask that you let us know if you reference Trusted CI this way, to help us plan ahead.

Possible language to include in a proposal:
Our proposal team recognizes [that cybersecurity is important for the effort we are undertaking | we have a cybersecurity challenge with regards to XXX]. To address this issue we plan to approach the NSF-funded Cybersecurity Center of Excellence (trustedci.org). The Cybersecurity Center of Excellence (CCoE) engages projects such as the one we propose to help them address cybersecurity challenges and maintain the trustworthy nature of the computational science we support. We understand that engagements with CCoE are collaborative, and have budgeted resources in our project to work with CCoE on our challenge.
Trusted CI can also provide a letter of collaboration for your proposal using this template.

Include the CCoE in your Proposal. You can include one or more of the CCoE Partners (IU, Internet2, LBNL, NCSA, PSC, U. Wisconsin) via a subcontract on your proposal, a process that provides a firm commitment of our participation. Please contact us to discuss which partner would be most appropriate, whether the commitment would be exclusive for a given solicitation, and the level of effort that would be involved. In this case, we would provide a custom letter of collaboration indicating our agreement to the terms of the subcontract.

If you are preparing a CSSI proposal and would like additional assistance from Trusted CI, don't hesitate to contact us to discuss how Trusted CI can help.

Wednesday, March 13, 2019

Trusted CI presenting at the Great Plains Network Annual Meeting (May 21 - 23)

Members of Trusted CI will be presenting three training sessions at the Great Plains Network (GPN)'s Annual Meeting in Kansas City, Missouri (May 21st - 23rd).

Bob Cowles and Mark Krenz are presenting, "Developing Cybersecurity Programs for NSF Projects." This tutorial describes Trusted CI's Framework for cybersecurity programs to protect science projects.

Mark Krenz and Ishan Abhinit are presenting, "Security Log Analysis." Participants will learn how to collect and analyze system logs to help detect security incidents.
     
Anurag Shankar and Ryan Kiser are presenting, "Building NIST Risk Management Framework for HIPAA and FISMA." This session will familiarize participants with how to tackle HIPAA, FISMA, and NIST 800-171, US regulations that affect research computing.

More details about the conference will be posted here as they become available.

Monday, March 11, 2019

CCoE Webinar March 25th at 11am ET: The NSF CC-DNI SecureCloud Project

Casimer DeCusatis is presenting the talk "The NSF CC-DNI SecureCloud Project: Autonomic Cybersecurity for Zero Trust Cloud Computing" on Monday March 25th at 11am (Eastern).

Please register here. Be sure to check spam/junk folder for registration confirmation email.
Cyberinfrastructure is undergoing a radical transformation as traditional data centers are replaced by cloud computing. Cloud hosted applications tend to have a poorly defined network perimeter, large attack surfaces, and pose significant challenges for network visibility, segmentation, and authentication. We discuss research from the NSF SecureCloud project, which addresses the unique requirements of cloud security using an autonomic, zero trust architecture. We have created and tested original software using a first-of-a-kind cybersecurity test bed constructed at the New York State Cloud Computing & Analytic Center, Marist College. We developed the first honeypot for software defined network (SDN) controllers, and created honeypots for graph database APIs, SSH, and other applications. These honeypots collect raw data telemetry, which is processed into actionable threat intelligence using our Lightweight Cloud Analytics for Real Time Security (LCARS), an SIEM that includes the G-Star graph database and hive plot visualizer. We have built a threat intelligence database including attack patterns and orchestrated response recipes. We demonstrate dynamic reconfiguration using REST APIs for network appliances, while we cloak high risk applications using a combination of Transport Layer Access Control and First Packet Authentication. Use cases include reconfiguration of trust levels in response to distributed denial of service (DDoS) and other attacks.
Speaker bio:

Casimer DeCusatis is an Assistant Professor at Marist College.  He is a Cisco Distinguished Speaker, Fellow of IEEE, OSA, SPIE, and recipient of the following awards: IEEE Kiyo Tomiyasu, IEEE R1 Cybersecurity Education, Sigma Xi Walston Chubb, Mensa Copper Black, PSU Outstanding Alumnus, and IEEE/HKN OYEE.  He received his M.S.(1988) & Ph.D.(1990) from RPI and his B.S. from Penn State (1986).

Presentations are recorded and include time for questions with the audience.

Join Trusted CI's announcements mailing list for information about upcoming events. To submit topics or requests to present, see our call for presentations. Archived presentations are available on our site under "Past Events."

Tuesday, March 5, 2019

Upcoming events featuring Trusted CI

Interested in the latest from Trusted CI? Want a chance to chat in person with us? Members of Trusted CI will be participating in a number of events over the next few months.

Internet2 Global Summit (March 5-8) in Washington, D.C.
The summit focuses on trust and identity; advanced networking; information security; and integrated solutions for research, scholarship and creativity. Von Welch will be presenting in the Executive Track on Tuesday on Cybersecurity for Open Science. On Friday Jim Basney and Von Welch will be co-presenting a talk with UC San Diego's Michael Corn, "Strategies for Research Cybersecurity and Compliance from the Lab."

CENIC Annual Conference (March 18-20) in San Diego, CA.
The Corporation for Education Network Initiatives in California (CENIC) is hosting its annual conference bringing together participants from all education segments, research universities, public libraries, private sector technology businesses, public policy and government, and R&E partners. Von Welch will be presenting a talk on the Trusted CI framework.

ISGC 2019 (March 31-April 5) in Taipei, Taiwan.
The International Symposium on Grids and Clouds (ISGC) 2019 & Soundscape Conference is built around the FAIR concept -- data must be Findable, Accessible, Interoperable and Re-usable. The conference will bring together individual communities and national representatives to address this challenge. Von Welch will be giving a keynote address, "FAIR in an unfair world: cybersecurity, data breaches, data integrity, and open science."

WE-RIT Women in Engineering at RIT and Cybersecurity Research TTP (April 2-3) in Rochester, NY.
Florence Hudson will be speaking at Rochester Institute of Technology at the WE-RIT event on April 2, and meeting with cybersecurity researchers April 2-3 to discuss how to accelerate cybersecurity research transition to practice (TTP), including business model development.

SIG-ISM/WISE Meeting (April 16-18) in Kaunas, Lithuania. 
The GÉANT Special Interest Group - Information Security Management (SIG-ISM) group and the Wise Information Security for Collaborating e-Infrastructures (WISE) are hosting a joint meeting in Lithuania. The meeting aims to enhance the collaboration among large e-infrastructures and NRENs and their communities on handling security information. The groups will discuss their activities in the past few years, share the results and outcomes, and tackle challenges together. Bob Cowles will be giving a talk on the new Trusted CI Framework.

IU Internet of Things Wearables in Motion Symposium (April 25-26) in Bloomington, IN.
The Indiana University School of Informatics, Computing, and Engineering, Innovate Indiana, IU Research and Technology Corp., The Mill and Indiana IoT Lab, will host academic and industry experts to discuss wearables and the Internet of Things (IoT) including novel sensors and actuators, scalable and secure cyberinfrastructures, and more. Florence Hudson will be presenting with Mitch Parker from IU Health on Protecting Health Wearables from Cyber Attack.

EDUCAUSE Security Professional Conference 2019 (May 13-15) in Chicago, IL.
EDUCAUSE brings higher education security professionals together to network and discuss information security and privacy trends and current issues with peers and solution providers. Anurag Shankar is presenting a talk on securing workflows. Also, Trusted CI's partner project, the ResearchSOC, will be presenting a talk on helping security professionals support sponsored research projects. And Florence Hudson and cohorts will be presenting a birds-of-a-feather (BOF) session on cybersecurity needs and partnering with researchers to fill the gaps.

The Great Plains Network (GPN) Annual Meeting (May 21-23) in Kansas City, MO.
The meeting brings together advanced network and cyberinfrastructure users, information technology staff, network engineers, faculty members, researchers, and graduate students from leading Midwestern universities and higher education networks. Mark Krenz, Bob Cowles, Ishan Abhinit, Anurag Shankar, and Ryan Kiser will be presenting talks on security log analysis, developing cybersecurity programs, and the NIST framework for HIPAA and FISMA compliance. 

Training Workshop for Network Engineers and Educators on Tools and Protocols for High-Speed Networks (July 22 - 23) in Columbia, SC.
This free hands-on workshop provides cyberinfrastructure (CI) engineers with an introduction to tools and techniques for the design, implementation, and monitoring of high-throughput networks and science demilitarized zones (Science DMZs). Von Welch will be speaking at the workshop.

Trusted CI's Technology Transition to Practice (TTP) Workshop (June 19) in Chicago, IL.
The Cybersecurity TTP workshop is an opportunity for Cybersecurity researchers and practitioners to discuss the needs and gaps we can fill with cybersecurity research, and enjoy co-creation of plans on accelerating this valuable research to practice. Florence Hudson and fellow members of Trusted CI will be hosting the workshop. Apply to request an invitation here.

PEARC19 (July 28 - August 1) in Chicago, IL.
PEARC19 will explore the current practice and experience in advanced research computing including modeling, simulation, and data-intensive computing. Abstracts are still under review. Trusted CI intends to present many things at this year's conference and will update the community as more information is available.

The 2019 NSF Cybersecurity Summit (October 15 - 17) in San Diego, CA.
The Summit is hosted by Trusted CI and welcomes cybersecurity practitioners, technical leaders, and risk owners from within the NSF Large Facilities and CI Community, as well as key stakeholders and thought leaders from the broader scientific and information security communities. The Summit includes training sessions, plenary session, and opportunities to network and socialize with peers.

Whether you are an operational security pro, high speed networking researcher, NSF PI, or identity management specialist, the coming months present some interesting opportunities to network and collaborate. We look forward to seeing you at these events.