Trusted CI Webinar: Open Science Chain, Dec. 4th @11am Eastern

San Diego Supercomputer Center's Subhashini Sivagnanam is presenting the talk, Open Science Chain - Enabling Integrity and Metadata Provenance for Research Artifacts Using Open Science Chain, on December 4th at 11am Eastern time.

Please register here.

The envisioned advantage of sharing research data lies in its potential for reuse. Although many scientific disciplines are embracing data sharing, some face constraints on the data they can share and with whom. It becomes crucial to establish a secure method that efficiently facilitates sharing and verification of data and metadata while upholding privacy restrictions to enable the reuse of scientific data. This presentation highlights our NSF-funded Open Science Chain (OSC) project, accessible at https://www.opensciencechain.org. Developed using blockchain technologies, the OSC project aims to address challenges related to the integrity and provenance of research artifacts. The project establishes an API-based data integrity verification management service for data-driven research platforms and hubs, aiming to minimize data information loss and provide support for managing diverse metadata standards and access controls.

Speaker Bio:

Subhashini Sivagnanam is the manager of the Cyberinfrastructure Services and Solutions (CISS) group at the San Diego Supercomputer Center/ UCSD. Her research interests predominantly lie in distributed computing, cyberinfrastructure development, scientific data management, and reproducible science. She serves as the PI/Co-PI on various NSF/NIH projects related to scientific data integrity and developing cyberinfrastructure software.  Furthermore, she oversees the management of UC San Diego’s campus research cluster known as the Triton Shared Computing Cluster.

---

Join Trusted CI's announcements mailing list for information about upcoming events. To submit topics or requests to present, see our call for presentations. Archived presentations are available on our site under "Past Events."

CCoE Webinar Feb. 26th at 11am ET: SmartProvenance

The University of Texas at Dallas's Dr. Murat Kantarcioglu is presenting the talk "SmartProvenance: A Distributed, Blockchain Based Data Provenance" on February 26th at 11am (Eastern).

Please register here. Be sure to check spam/junk folder for registration confirmation email.

Blockchain technology has evolved from being an immutable ledger of transactions for cryptocurrencies to a programmable interactive environment for building distributed reliable applications. Although the blockchain technology has been used to address various challenges, to our knowledge none of the previous work focused on using Blockchain to develop a secure and immutable scientific data provenance management framework that automatically verifies the provenance records using off-chain techniques. In this talk, we discuss how we leverage Blockchain as a platform to facilitate trustworthy data provenance collection, verification, and management. The developed system utilizes smart contracts and open provenance model (OPM) to record immutable data trails. We show that our proposed framework can securely capture and validate provenance data that prevents any malicious modification to the captured data as long as the majority of the participants are honest.

Dr. Kantarcioglu is a Professor in the Computer Science Department and Director of the Data Security and Privacy Lab at The University of Texas at Dallas (UTD). Dr. Kantarcioglu’s research focuses on the integration of cyber security and data science.Presentations are recorded and include time for questions with the audience.

Join CTSC's announcements mailing list for information about upcoming events. To submit topics or requests to present, see our call for presentations. Archived presentations are available on our site under "Past Events."

CCoE Webinar June 19th 11am ET: Using the Blockchain to Secure Provenance Meta-Data

Dr. Richard Brooks and Dr. Tony Skjellum are presenting the talk "Using the Blockchain to Secure Provenance Meta-Data," on June 19th at 11am (Eastern). Note: Due to a CTSC conflict this presentation is being held a week earlier than our normal schedule.

Please register here. Be sure to check spam/junk folder for registration confirmation with attached calendar file.

Provenance meta-data, also known as data pedigree, is a set of data that explains how information was derived. A number of provenance systems exist. They are useful for finding the sources of errors; allowing system users to have confidence in the materials; and potentially providing legal justification for decisions. An open issue has been how to properly secure this meta-data, in a manner that extends beyond trusting the information providers. Blockchain technology provides a universally accessible ledger of transactions that is the basis of the current generation of crypto-currencies. The blockchain structure provides guarantees of system integrity that make it exceedingly difficult for malicious insiders to tamper with data. Our project adapts blockchain concepts to securing provenance meta-data. The talk we present will include the following topics: 

• A brief survey of provenance systems that discusses security needs; 
• The presentation of three illustrative use-cases that motivate the development of a provenance security framework; • A short tutorial on the structure of the blockchain; 
• A brief overview of the current generation of crypto-currencies; 
• An explanation of what aspects of crypto-currencies are ill-suited to our application; 
• An overview of our system architecture, emphasizing two important points:
• Our ability to integrate existing tools, and 
• The portions of the system that we are developing; 
• A discussion of our current status; and 
• Plans for the next phase.

More information about this presentation is on the event page.

Presentations are recorded and include time for questions with the audience.

Join CTSC's discuss mailing list for information about upcoming events. To submit topics or requests to present, contact us here. Archived presentations are available on our site under "Past Events."

Illicit Bitcoin Mining: Prevention, Detection, and Response

Bitcoin mining and NSF computational resources have been in the news lately with the NSF OIG report for March 2014 (p. 29-30) reporting on a user of NSF-funded supercomputers using them illicitly to mine for over $8,000 in bitcoins. A similar story emerged regarding a student at Harvard. Additionally, a report from Iowa State reports intruders using a computer illicitly for bitcoin mining. (For more details about bitcoin mining, see the NSF-funded research from UCSD.)

Assuming you have made the decision to disallow bitcoin mining, addressing unauthorized bitcoin mining is a multi-phase process.

Educating your users that bitcoin mining isn’t allowed is a good first step. Make sure you have a clear acceptable use policy (AUP) that states what computing systems can and cannot be used for. For example, the IceCube AUP states that their resources “are intended to provide computing resources for analysis, processing and filtering, and simulation activities for the IceCube project.” Another, stronger approach is to explicitly ban bitcoin and other crypto-currency mining (for example, see the Heroku AUP).

Second, your users may still misbehave, or you may have unauthorized users compromise your system, so consider implementing rules for an intrusion detection system to detect the mining. Since bitcoin mining requires network traffic, monitoring network traffic can be effective. For example, bro_bitcoin is a module for Bro to detect bitcoin mining on the network.

Finally, consider procedures for what happens if you detect bitcoin mining and successfully mined bitcoins. This is an emerging area and there are no standard practices yet. However, an incident response plan should support effective response to this case, including who should be notified and involved given the fungible nature of bitcoins.