Trusted CI at SFSCon 2021

SFSCon was on hiatus last year due to the pandemic, but it's back this year with a virtual format. SFSCon 2021, to be held November 5-7, will be the fourth annual cybersecurity training and professional development event organized by Cal Poly Pomona (CPP) for CyberCorps Scholarship for Service (SFS) students and alumni nationwide. This year SFSCon will use the U.S. Cyber Range for hands-on student training. Trusted CI will be providing Identity and Access Management training and Security Log Analysis training, as in previous years, with training materials updated for the virtual format.

Trusted CI at SFSCon 2019

Group Photo of SFSCon 2019 Participants

On September 27-29, Trusted CI participated in SFSCon 2019, the third annual cybersecurity training and professional development event at Cal Poly Pomona (CPP) for the CyberCorps Scholarship for Service (SFS) students and alumni nationwide. 105 student attendees traveled to California from 42 universities across the country for this event organized by CPP Professor Mohammad Husain. In 2017, Trusted CI helped organize the CPP-CTSC SFS Cyberinfrastructure Security Workshop, the first event in this SFSCon series.

This year, Trusted CI's Barton P. Miller and Elisa Heymann provided a Software Assurance training for the students, and Trusted CI's Jim Basney and John Zage provided an Identity and Access Management training. Ishan Abhinit and Zalak Shah (CACR) also provided a Security Log Analysis training, using training materials developed by Trusted CI.

From 45 student attendees in 2017 to 105 student attendees in 2019, SFSCon is a growing success. It’s great to see the SFS program supporting the development of the next generation cybersecurity workforce. Trusted CI is proud to have the Cal Poly Pomona Scholarship for Service project as one of our partners.

CPP-CTSC SFS Cyberinfrastructure Security Workshop

On the weekend of October 14th, the California State Polytechnic University Pomona Scholarship for Service program in collaboration with the Center for Trustworthy Scientific Cyberinfrastructure (CTSC) hosted a cyber workshop for Scholarship for Service (SFS) students. 45 Students from 13 different universities traveled to Pomona, CA, to participate despite looming midterms the following week. Students spent all day Saturday and half of Sunday participating in workshops covering topics such as public key infrastructure and deployment, log analysis + Splunk, network security in a Science DMZ, and federated identity and access management.

The Student Attendees

The students at this workshop are participants of the Cybercorps Scholarship for Service (SFS) program, designed by the National Science Foundation to strengthen the workforce of information assurance professionals protecting the government’s critical information infrastructure. The SFS program provides a scholarship to full-time students that typically includes full tuition, related fees, and a stipend. These students then repay the program through public service and employment in a government agency. Agencies and positions qualifiable for the program include both federal and state institutions.

The CPP and CTSC Instructors

The engagement process started in May of 2017, with CPP submitting an application to CTSC requesting assistance in creating a training workshop for the SFS students. Once the engagement started, CPP and CTSC equally shared the task of planning the event.   Cal Poly Professors Dr. Mohammad Husain, Dr. Ron Pike, and Dr. Tingting Chen, as well as CTSC security professionals Dr. Jim Basney, Jeannette Dopheide, John Zage, and Kay Avila participated in the coordination. Materials from previous CTSC lectures and training were used as a base for the lessons taught by CTSC, as well as for the creation of new material. Hands-on training was prepared in a single virtual machine from the NSF project SEED base image. The SEED image provides a host of instruction and training materials for Information security projects.

The day before the workshop, the CPP staff led the CTSC team through a tour of the facilities and introduced them to the various cyber student groups on the CPP campus. One of these groups, Students With an Interest in the Future of Technologies (SWIFT), were preparing for a national capture the flag competition, while another group, CPP PolySec Lab, was penetration testing integrated devices. A third group demonstrated their student-run data center, including a small server room with server racks and sensors. This data center provides services to students while providing excellent experience to the students managing the server.

On Saturday, the workshop began with Dr. Mohammad Husain, the director of cyber security programs and Cal Poly Pomona’s SFS Principal investigator, introducing the instructors for the weekend. Following introductions, the day started with CTSC instructors introducing a set of cyberinfrastructure projects currently being worked on, namely HTCondor, DKIST, and OSiRIS.

At the end of the day on Saturday, the students were introduced to a panel of professionals to showcase different career paths for the security profession. The panel consisted of Karl Mattson, the Chief Information Security Officer for City National Bank; Veronica Mitchel, a cyber risk officer for the city of Long Beach,  CA; Deronda Dubose, a special agent for the secret service; John W. McGuthry, the Chief Information Officer for Cal Poly Pomona; and Dr. Basney, a CTSC co-PI.  Dr. Daniel Manson, a professor and the campus Information Security Officer at Cal Poly, moderated the conversation. Students did a phenomenal job participating in the panel, giving elevator speeches and promoting their extracurricular activities while receiving feedback on their participation from the panel.

Survey results were collected after the workshop, and responses indicate the hands-on sessions were well received, especially the log analysis session. Ninety-five percent of students found the workshop either good or excellent, while sixty-three percent thought they were more likely to pursue a career in cyberinfrastructure security after the workshop. For more information about the workshop, slides, handouts, and videos will be uploaded here.

Secure Coding tutorial accepted at XSEDE'14

Prof. Bart Miller will present his Secure Coding tutorial at XSEDE'14 on July 14th. With the recent coding flaws found in OpenSSL, this subject has become even more timely.

Watch this blog or the CTSC Twitter feed for more details.

CTSC at Supercomputing

Bart Miller and Elisa Heymann will be holding a tutorial "Secure Coding Practices for Grid and Cloud Middleware and Services" on Monday morning from 8:30am-Noon. For more information see http://sc12.supercomputing.org/schedule/event_detail.php?evid=tut126.

Von Welch will be presenting CTSC (along with other IU cybersecurity activities) in the Indiana University booth (1343) on Wednesday from 10am - 1pm. Please feel free to find Von at the Indiana University booth any time to talk one-on-one about CTSC.

(11/9) Updated to add: Wednesday from 1:30-3:30 in room AB250 the MAGIC working group will being holding its monthly meeting focusing on Identity Management. Speakers will be Scott Koranda (LIGO and CTSC), Steven Newhouse (EGI), Ian Foster (Globus) and Jim Basney (CILogon and CTSC).