Showing posts with label Globus. Show all posts

Tuesday, November 5, 2019

Remembering Steve Tuecke’s contributions to cybersecurity

I am deeply saddened to learn of the passing of Steve Tuecke last weekend. Steve was a passionate leader in the application of technology to advance science as well as being a great mentor to me during the three years I worked as part of the Globus project and since. While Steve’s contributions to scientific computing and data management are wide-ranging, I worked most closely with him on the topics of cybersecurity and identity management. This post is to remember and reflect on his work in those areas that was foundational to much of cybersecurity in scientific computing today.

When I first met Steve in the late 1990s, he was a driving force behind establishing a flexible security architecture to support distributed science. His ability to grasp the needs for delegating authority and secure communications amongst researchers and infrastructure (fairly novel concepts in those days where the world wide web was just getting started) and his acumen in systems design and software engineering immediately attracted me to him as someone from whom I was eager to learn.

The first project Steve drew me into was solving the challenge of how a researcher delegated credentials to web servers, an unknown concept in the simple client-server model of the web at that time. This original work became MyProxy, a workhorse for credential management in scientific computing to this day, and which led to the important CILogon infrastructure.

I joined the Globus project shortly after and under Steve’s mentorship started working on standardizing Proxy Certificates and developing their implementation in the very nascent Grid Security Infrastructure (GSI). During this period, Steve taught me much about software development and architecture (I will always associate the term “idempotent” with Steve), the role of standards, building communities, and leadership.

Since my days with Globus, I continued to admire Steve’s leadership in developing Globus Auth, allowing researchers to manage their multiple identities at different sites and services. I enjoyed numerous conversations with Steve on that identity work as well as other topics such as software sustainability. He was a great mentor and friend and will be missed.

Von Welch, Trusted CI Director

Thursday, January 22, 2015

Globus and CTSC engagement: data sharing

CTSC and Globus recently completed an engagement in which CTSC took a close look at the Globus data sharing feature. As many in the NSF community already know, Globus provides both services and applications that try to make it easier for scientists to focus on their science. One key Globus service is data management, especially the movement of files between two endpoints, e.g. between two users’ personal computers, between a user’s computer and a large institutional storage site, or between two other endpoints. In addition to an explicit data copy between endpoints, Globus also has a data sharing feature in which a user can make an entire folder accessible (read/write) to other Globus users.

CTSC performed an assessment of this particular feature of Globus. The assessment covered a review of the design, architecture, and high-level implementation of the sharing feature. It was not a code review; however, the CTSC team did perform a source code installation of a Globus Connect Server, with the sharing feature enabled, and analyzed how credentials were being handled and how log files were being generated. While the assessment did not reveal any high security risks for the data sharing feature, CTSC did make a number of recommendations to address low-to-medium risks. These recommendations included improving the documentation, for both system administrators and users, and improving the logging and monitoring of sharing activity.

An ongoing challenge in such assessments of software features is the lack of a clear process for doing the assessment, as the question is more one of “is this doing the right thing” without a clear definition of what “the right thing” is (a challenge we also tackled in our engagement with Pegasus WMS). For this engagement we utilized a modified set of principles originally put forth by Saltzer and Schroeder in 1975 on the protection of information systems, to help guide our assessment. We think utilizing the principles helped significantly and plan to continue exploring their use in future engagements.

For more information, please see the Globus-CTSC Engagement final report, available at http://hdl.handle.net/2022/19165.

We want to thank the Globus team, especially Rachana Ananthakrishnan, Mike Link, and Steve Tuecke, for their helpful collaboration on this engagement.

See how CTSC might engage with you and your NSF project at http://trustedci.org/howwehelp/.