Trusted CI podcast

Trusted CI
  • 0,0 (0)
  • TECHNOLOGIES
Podcast Trusted CI podcast

Trusted CI is the NSF Cybersecurity Center of Excellence. The mission of Trusted CI is to lead in the development of an NSF Cybersecurity Ecosystem with the workforce, knowledge, processes, and cyberinfrastructure that enables trustworthy science and NSF’s vision of a nation that is a global leader in research and innovation. More information can be found at trustedci.org.

  1. 26 AOÛT

    August 2024: JSON Web Tokens for Science: Hands on Jupyter Notebook Tutorial

    NSF cyberinfrastructure is undergoing a security transformation: a migration from X.509 user certificates to IETF-standard JSON Web Tokens (JWTs). This migration has facilitated a re-thinking of authentication and authorization among cyberinfrastructure providers: enabling federated authentication as a core capability, improving support for attribute, role, and capability-based authorization, and reducing reliance on prior identity-based authorization methods that created security and usability problems. In this webinar, members of the SciAuth project (https://sciauth.org/ - NSF award #2114989) will provide a short, hands-on tutorial for cyberinfrastructure professionals to learn about JWTs, including SciTokens (https://scitokens.org/ - NSF award #1738962). Participants will use Jupyter Notebooks to validate the security of JWTs and experiment with JWT-based authentication and authorization. Participants will gain an understanding of JWT basics suitable for understanding their security and troubleshooting any problems with their use. Speaker Bios: Dr. Jim Basney is a principal research scientist in the cybersecurity group at the National Center for Supercomputing Applications at the University of Illinois at Urbana-Champaign. He is the Director and PI of Trusted CI. Jim received his PhD in computer sciences from the University of Wisconsin-Madison. Dr. Derek Weitzel is a research assistant professor in the School of Computing at the University of Nebraska - Lincoln. He has been providing distributed computing solutions to the national cyberinfrastructures since 2009. He is a member of the OSG’s production operations team and leads the operations of the National Research Platform. His current areas of research involve distributed data management for shared and opportunistic storage, secure credential management, and network monitoring and analytics.

    46 min

  2. 22 JUIL.

    Automated Building and Deploy Testing — Using Zeek as an example

    At ESnet, we pride ourselves on being cutting-edge, even if it causes a few scratches. Every new branch of Zeek is automatically built and tested in Gitlab CI. Then, every night, the latest successful 'master' build is deployed, along with all of our packages and scripts, to a test system via Ansible. As time permits, we roll out the latest build, in production, to over 40 servers. Through this process we've both been able to provide early feedback to the Zeek project about potential bugs and give ourselves an early warning system when changes impact our production plugins and scripts. Zeek is an open source network security monitoring tool. This does not focus on the use of Zeek itself, but rather the care and feeding of our installation footprint. Speaker Bio: Michael “Dop” Dopheide has spent the majority of his career working in the R&E community specializing in systems engineering, security research, incident response, and network intrusion detection. He especially enjoys helping coworkers debug problems at the packet and protocol levels. In addition to his operational security role, Dop helps support the open source Zeek community and volunteers every year to beta test the SANS Holiday Hack challenge.

    26 min

  3. 21 JUIN

    June 2024: The Transformative Twelve: Taking a Practical, Evidence-Based Approach to Cybersecurity Controls

    Controls aren’t everything, but they are an important rubber-meets-the-road component of your cybersecurity strategy and program. This webinar will help you will understand the role controls play in a competent cybersecurity program through the lens of the Trusted CI Framework. And, with help cutting through the noise of the many, many controls and control sets in the wild, it will introduce you to the Transformative Twelve, a small, highly prioritized, evidence-based set of cybersecurity controls. Speaker Bio: Craig Jackson is Deputy Director at the Indiana University Center for Applied Cybersecurity Research, where his R&D interests include evidence-based approaches to security, cybersecurity fundamentals, and cybersecurity program development and governance. He leads collaborative work with critical infrastructure partners. His work includes the Trusted CI Framework, the Information Security Practice Principles, and the Cybertrack and USN’s PACT assessment methodologies. Craig’s education background is in law, education, psychology, and philosophy.

    54 min

  4. 20 MAI

    May 2024: NSF's 2025 Research Infrastructure Guide: Information Assurance

    NSF's major facilities represent some of the most significant research facilities on the globe. The forthcoming revision to the Research Infrastructure Guide (or RIG) details NSF's guidance on securing these facilities and its expectations for cybersecurity programs at the major facilities. This presentation will explain how we approached shaping this guidance, the unique challenges we faced, and offer a peek at some of the resulting guidance the revised RIG will provide. Speaker Bio: Michael Corn has been a CISO at four institutions (UIUC, Illinois System, Brandeis University, and most recently UC San Diego). A regular author on a variety of privacy, cybersecurity and identity related topics, he is currently the Cybersecurity Advisor for Research Infrastructure in the Office of the Chief Officer for Research Facilities and additionally provides support to the Office of the Chief of Research Security Strategy and Policy within NSF. A recent online presentation on cybersecurity policy can be found at https://bit.ly/3JIpI8w.

    46 min

  5. 9 AVR.

    April 2024: SPHERE - Security and Privacy Heterogeneous Environment for Reproducible Experimentation

    Cybersecurity and privacy threats increasingly impact our daily lives, our national infrastructures, and our industry. Recent newsworthy attacks targeted nationally important infrastructure, our government, our researchers, and research facilities. The landscape of what needs to be protected and from what threats is rapidly evolving as new technologies are released and threat actors improve their capabilities through experience and close collaboration. Meanwhile, defenders often work in isolation, use private data and facilities, and produce defenses that are quickly outpaced by new threats. To transform cybersecurity and privacy research into a highly integrated, community-wide effort, researchers need a common, rich, representative research infrastructure that meets the needs across all members of the community, and facilitates reproducible science. To meet these needs, USC Information Sciences Institute and Northeastern University have been funded by the NSF mid-scale research infrastructure program to build Security and Privacy Heterogeneous Environment for Reproducible Experimentation (SPHERE). This infrastructure will offer access to an unprecedented variety of hardware, software, and other resources connected by user-configurable network substrate, and protected by a set of security policies uniquely aligned with cybersecurity and privacy research needs. SPHERE will offer six user portals, closely aligned with needs of different user groups. It will support reproducible research through a combination of infrastructure services (easy experiment packaging, sharing and reuse) and community engagement activities (development of realistic experimentation environments and contribution of high-quality research artifacts). Speaker Bios: Dr. Jelena Mirkovic is Principal Scientist at USC-ISI and Research Associate Professor at USC. She received her MS and PhD from UCLA, and her BSc from University of Belgrade, Serbia. Jelena's research interests span networking and cybersecurity fields, as well as testbed experimentation. Her current research is focused on authentication, use of machine learning for network attack detection, large-scale dataset labeling for security, and user privacy. She is the lead PI on the SPHERE project. Mr. David Balenson is Senior Supervising Computer Scientist and Associate Director of the Networking and Cybersecurity Division at USC-ISI. He received his MS and BS in Computer Science from the University of Maryland. His current research interests include cybersecurity and privacy for critical infrastructure and cyber-physical systems including automotive and autonomous vehicles, experimentation and test, technology transition, and multidisciplinary research. He is the Community Outreach Director for SPHERE.

    38 min

  6. 18 MARS

    March 2024: Lessons from the ACCORD Project

    The ACCORD cyberinfrastructure project at the University of Virginia (UVA) successfully developed and deployed a community infrastructure providing access to secure research computing resources for users at underserved, minority-serving, and non-PhD-granting institutions. ACCORD's operational model is built around balancing data protection with accessibility. In addition to providing secure research computing resources and services, key outcomes of ACCORD include creation of a set of policies that enable researchers external to UVA to access and use ACCORD. While the ACCORD expedition achieved its technical and operational goals, its broader mission of broadening access to underserved users had limited success. Toward gaining a better understanding of the barriers to researchers accessing ACCORD, our team carried out two community outreach efforts to engage with researchers and computing service leaders to hear their pain points as well as solicit their input for an accessible community infrastructure. In this talk, we will describe the ACCORD infrastructure and its operational model. We will also discuss insights from our effort to develop policies to balance accessibility with security. And finally, we wil share lessons learned from community outreach efforts to understand institutional and social barriers to access. Speaker Bios: Ron Hutchins: In the early 1980’s, Ron worked at the Georgia Institute of Technology to create a networking laboratory in the College of Computing teaching data communications courses there. After moving to the role of Director of Campus Networks in 1991, Ron founded and led the Southern Crossroads network aggregation (SoX) across the Southeast. In 2001 after receiving his PhD in computer networks, he took on the role of Chief Technology Officer for the campus. In August of 2015, Ron moved into the role of Vice President of Information Technology for the University of Virginia, working to build partnerships across the campus. Recently, Ron has moved from VP to research faculty in the Computer Science department at UVA and is participating broadly across networking and research computing in general including work with the State of California building out the broadband fiber network backbone across the state. Tho Nguyen is a computer science and policy expert. He served as project manager for the ACCORD effort from 2019-2021, and continues to support the project implementation and growth. Nguyen is currently a Senior Program Officer at the National Academies of Sciences, Engineering, and Medicine. From 2015-2021 Nguyen was on the research staff in the Department of Computer Science at the University of Virginia where he worked on compute-in-memory and developing HPCs for research. Prior to UVA, he was a AAAS Science and Technology Policy Fellow at the National Science Foundation where he worked primarily on the Cyber Physical Systems program. Nguyen holds a PhD in Systems & Controls (Electrical Engineering) from the University of Washington.

    57 min

  7. 04/12/2023

    December 2023: Open Science Chain

    The envisioned advantage of sharing research data lies in its potential for reuse. Although many scientific disciplines are embracing data sharing, some face constraints on the data they can share and with whom. It becomes crucial to establish a secure method that efficiently facilitates sharing and verification of data and metadata while upholding privacy restrictions to enable the reuse of scientific data. This presentation highlights our NSF-funded Open Science Chain (OSC) project, accessible at https://www.opensciencechain.org. Developed using blockchain technologies, the OSC project aims to address challenges related to the integrity and provenance of research artifacts. The project establishes an API-based data integrity verification management service for data-driven research platforms and hubs, aiming to minimize data information loss and provide support for managing diverse metadata standards and access controls. Speaker Bio: Subhashini Sivagnanam is the manager of the Cyberinfrastructure Services and Solutions (CISS) group at the San Diego Supercomputer Center/ UCSD. Her research interests predominantly lie in distributed computing, cyberinfrastructure development, scientific data management, and reproducible science. She serves as the PI/Co-PI on various NSF/NIH projects related to scientific data integrity and developing cyberinfrastructure software. Furthermore, she oversees the management of UC San Diego’s campus research cluster known as the Triton Shared Computing Cluster.

    27 min

  8. 13/09/2023

    September 2023: Improving the Privacy and Security of Data for Wastewater-based Epidemiology

    As the use of wastewater for public health surveillance continues to expand, inevitably sample collection will move from centralized wastewater treatment plants to sample collection points within the sewer collection system to isolate individual neighborhoods and communities. Collecting data at this geospatial resolution will help identify variation in select biomarkers within neighborhoods, ultimately making the wastewater-derived data more actionable. However a challenge in achieving this is the nature of the wastewater collection system, which aggregates and commingles wastewater from various municipalities. Thus various stakeholders from different cities must collectively provide information to separate wastewater catchments to achieve neighborhood-specific public health information. Data sharing restrictions and the need for anonymity complicates this process. This talk presents our approaches to enabling data privacy in wastewater-based epidemiology. Our methodology is built upon a cryptographic technique, Homomorphic Encryption (HE), ensuring privacy. Additionally, we outline a technique to enhance the performance of HE, which could be of independent interest. Speaker Bio: Ni Trieu is currently an Assistant Professor at Arizona State University (ASU). Her research interests lie in the area of cryptography and security, with a specific focus on secure computation and its applications such as private set intersection, private database queries, and privacy-preserving machine learning. Prior to joining ASU, she was a postdoc at UC Berkeley. She received her Ph.D. degree from Oregon State University.

    56 min
Tout afficher (87)

À propos

Trusted CI is the NSF Cybersecurity Center of Excellence. The mission of Trusted CI is to lead in the development of an NSF Cybersecurity Ecosystem with the workforce, knowledge, processes, and cyberinfrastructure that enables trustworthy science and NSF’s vision of a nation that is a global leader in research and innovation. More information can be found at trustedci.org.

Informations

  • Création
    Trusted CI
  • Années d’activité
    2021 - 2024
  • Épisodes
    87
  • Classification
    Tous publics
  • Copyright
    311811 Copyright © 2021 The Trustees of Indiana University. This work is licensed under a Creative Commons Attribution-­NonCommercial 3.0 Unported (CC BY­NC 3.0) license.
  • Site web de l’émission
    Trusted CI podcast

Pour écouter des épisodes au contenu explicite, connectez‑vous.

Recevez les dernières actualités sur cette émission

Connectez‑vous ou inscrivez‑vous pour suivre des émissions, enregistrer des épisodes et recevoir les dernières actualités.
Choisissez un pays ou une région

Afrique, Moyen‑Orient et Inde

Asie‑Pacifique

Europe

Amérique latine et Caraïbes

États‑Unis et Canada