2021 NSF Cybersecurity Summit Report is now available

The 2021 NSF Cybersecurity Summit for Large Facilities and Cyberinfrastructure continued a nine-year tradition of providing a forum for NSF scientists, researchers, and cybersecurity professionals to develop community and share best practices. Trusted CI, NSF’s Cybersecurity Center of Excellence, hosted the Summit and looks forward to the 10th anniversary of hosting the Summit in 2022. 

Due to the ongoing COVID-19 pandemic, Trusted CI hosted the Summit virtually for the second year in a row. The 2021 Summit was held online Oct. 12-13, 15, 18-19. On Oct. 14, NSF held a Large Facilities Workshop in coordination with Trusted CI.

Collaboration, communicating with leadership about technology, mitigating against cyberattacks, identity management, building the cybersecurity workforce, and compliance were among important themes at the Summit.

The number of individuals who registered for the 2021 Summit increased to 329, including 15 students, 101 NSF-supported projects, and 19 of 20 NSF Large Facilities.

By removing the budget constraints of travel and hotel costs, this year’s online Summit enabled increased international participation, with representation from 11 countries from the previous high of eight in 2020.

The Trusted CI team looks forward to an in-person 2022 Summit, along with a virtual attendance option, so we can continue to advance the mission of the NSF science community.

Click here to see the 2021 Summit report.

CI CoE Pilot - NEON IdM Experiences

The Cyberinfrastructure Center of Excellence (CI CoE) Pilot project, in collaboration with Trusted CI, recently completed an identity and access management engagement with the National Ecological Observatory Network (NEON) to update the NEON Data Portal to use OpenID Connect for user authentication. A paper summarizing this engagement is available.

The goal of the CI CoE Pilot project is to develop a model for a CI CoE that facilitates community building and sharing, and applies knowledge of best practices and innovative solutions for NSF's major multi-user research facilities. One sub-component of the Pilot project is to gain experience with implementing identity management (IdM) solutions for facilities.

NEON was selected as the initial IdM engagee with the intent to assist them with moving the NEON Data Portal away from managing local user credentials and towards leveraging industry standards such as OpenID Connect (OIDC). The implementation involved transitioning to Auth0, which not only imported the existing database of Data Portal users, but also allowed users to log in with third-party OIDC Identity Providers (IdPs) Google and CILogon.

AARC and CTSC Collaborate on Interfederation

CTSC is starting a collaboration with the European Authentication and Authorisation for Research and Collaboration (AARC) project on use of federated identities for international science. AARC is a two year project that started May 2015. Jim Basney from CTSC joined the June 3-4 AARC kick-off meeting to begin the collaboration.

As the infrastructures for international scientific collaborations migrate from X.509 to SAML for identity management, there is a strong need for interoperability across national SAML federation boundaries. In 2014, the US InCommon federation joined eduGAIN, which connects SAML federations around the world, and now InCommon is engaging with science projects on international interfederation pilots. At the same time, the AARC project in Europe is addressing international adoption of SAML federations by research projects. This represents an opportunity to achieve critical mass around EU-US interfederation activities for science, with CTSC providing needed coordination on the US side.

Specific goals for the CTSC-AARC collaboration include:

1. Training: Develop and disseminate training materials to enable science projects to implement federated access.
2. Pilots: Facilitate US participation in interfederation pilot projects.
3. Incident Response: Establish an operational framework for security and incident response in R&E federations via the SIRTFI working group.
4. Levels of Assurance: Map requirements of cyberinfrastructure providers to an assurance framework that can be implemented in a cost-effective manner by identity federations. 

CTSC will gather input from US cyberinfrastructure (CI) projects for AARC activities, disseminate training and other AARC project outputs to US CI projects, and facilitate EU-US pilot projects.

To participate in the discussion, please join the CTSC Federated Identity Discussion List.

Cybersecurity at SC14

CTSC team members will participating in a variety of activities at SC14 open to any attendee.

On Tuesday from 2-4pm in Von Welch is organizing a MAGIC meeting in room 204 focusing on international issues in identity management. Speakers include Ann West on “InCommon and International Interfederation”, Harold Teunissen providing an update on identity management in the EU, Tom Barton on “Federated Security Incident Response”, and Nick Jones providing an update on identity management in New Zealand.

On Tuesday from 4-4:30pm, Von Welch will be in the Indiana University booth (1339) presenting on "Cybersecurity for Science."

On Wednesday from 3-4pm and Thursday from 1-2pm, join Adam Slagell and Jim Basney in the NCSA booth (1621) for an informal discussion of cybersecurity at NCSA, including the activities of the Bro Network Security Monitor and CILogon federated identity management projects.

Feel free to contact any CTSC team member directly to chat as well.