Presentation is loading. Please wait.

Presentation is loading. Please wait.

A Science DMZ in Every Pot?

Published byCecily Jordan Modified over 5 years ago

Similar presentations

Presentation on theme: "A Science DMZ in Every Pot?"— Presentation transcript:

1 A Science DMZ in Every Pot?
Von Welch, Director Center for Applied Cybersecurity Research Pervasive Technology Institute A Science DMZ in Every Pot? National Research Platform Workshop August 8th, 2017 INDIANA UNIVERSITY

2 SECTION TITLE GOES HERE IF NECESSARY
Who am I? Director, IU Center for Applied Cybersecurity Research cacr.iu.edu Director, NSF Cybersecurity Center of Excellence trustedci.org I work with a lot a lot of science projects on cybersecurity challenges and think a lot about how cybersecurity and science interact. I engage with scientists, science facilitators, and infosec folks to enable science.

3 SECTION TITLE GOES HERE IF NECESSARY
My Main Points Networks to support science on campuses well exists: Science DMZs Scaling is blocked by social problems.

4 What would it take, from an information security perspective, to have networks suitable for science on every campus?

5 Science DMZs: Networks for Science
Typical enterprise network is lots of small flows. Typical science network is a few large flows. Science DMZs optimize for the latter.

6 https://academic.oup.com/jamia/article/23/6/1199/2399316/The-Medical-Science-DMZ#

7 So, What’s the Problem?

8 The use of dedicated systems for data transfer
“A Science DMZ integrates four key concepts into a unified whole that together serve as a foundation for this model.  These include: A network architecture explicitly designed for high-performance applications, where the science network is distinct from the general- purpose network The use of dedicated systems for data transfer Performance measurement and network testing systems that are regularly used to characterize the network and are available for troubleshooting Security policies and enforcement mechanisms that are tailored for high performance science environments”

9 The Research Computing Facilitator says…
“Science DMZs are great! They optimize the network for large science flows, removing the friction, and make data movement fast!”

10 The Information Security Officer hears…
“We get rid of the firewall and…”

11 So, What’s the Solution?

12 We need to shift the conversation
Cybersecurity is too often ONLY about the technology or compliance. This makes it rigid and inflexible.

13 Shifted conversation The goal of cybersecurity is to support a mission by managing risks to IT. Research and Science is part of mission in the same way things in Enterprise are part of mission.

14 Cast in this light… An enterprise network with cybersecurity to support the enterprise applications, services, data, network flows, etc. and… A science network with cybersecurity to support science applications, services, data, network flows, etc. makes sense.

15 To Scale we need the right people to say it
This is hard, most CIOs and CISOs learn enterprise first. “Social Peer-to-peer” is the most effective social mechanism to foster acceptance. Need to identify the infosec early adopters (who may already have adopted) and get early success stories out from them to their peers.

16 cacr.iu.edu / trustedci.org
Thank you. Von Welch cacr.iu.edu / trustedci.org We thank the National Science Foundation (grant ) for supporting our work.

Download ppt "A Science DMZ in Every Pot?"

Similar presentations

Tom Sheridan IT Director Gas Technology Institute (GTI)

Tom Sheridan IT Director Gas Technology Institute (GTI)
BERAC Charge A recognized strength of the Office of Science, and BER is no exception, is the development of tools and technologies that enable science.

BERAC Charge A recognized strength of the Office of Science, and BER is no exception, is the development of tools and technologies that enable science.
SERC Security Systems Engineering Initiative Dr. Clifford Neuman, Director USC Center for Computer Systems Security Information Sciences Institute University.

SERC Security Systems Engineering Initiative Dr. Clifford Neuman, Director USC Center for Computer Systems Security Information Sciences Institute University.
Enterprise Security. Mark Bruhn, Assoc. VP, Indiana University Jack Suess, VP of IT, UMBC.

Enterprise Security. Mark Bruhn, Assoc. VP, Indiana University Jack Suess, VP of IT, UMBC.
Von Welch (PI) Susan Sons (HUBzero Engagement Lead) Hubbub 2014 30 September 2014 trustedci.org Cybersecurity for Cyberinfrastructure… and Science!

Von Welch (PI) Susan Sons (HUBzero Engagement Lead) Hubbub September 2014 trustedci.org Cybersecurity for Cyberinfrastructure… and Science!
July 18, 2012 Campus Bridging Security Challenges from “Panel: Security for Science Gateways and Campus Bridging”

July 18, 2012 Campus Bridging Security Challenges from “Panel: Security for Science Gateways and Campus Bridging”
Gene Wilhoit, Executive Director Center for Innovation in Education Kentucky Education Professional Standards Board Retreat July 21, 2014.

Gene Wilhoit, Executive Director Center for Innovation in Education Kentucky Education Professional Standards Board Retreat July 21, 2014.
High-throughput Sequencer Dec 2011 – 758 sequencers Apr 2012 – 823 sequencers Biomedical Research 1 – © 2012 Internet2 Source: Dec.

High-throughput Sequencer Dec 2011 – 758 sequencers Apr 2012 – 823 sequencers Biomedical Research 1 – © 2012 Internet2 Source: Dec.
Faculty Senate Meeting President’s Report September 16, 2010 President’s Report.

Faculty Senate Meeting President’s Report September 16, 2010 President’s Report.
Cyberinfrastructure: An investment worth making Joe Breen University of Utah Center for High Performance Computing.

Cyberinfrastructure: An investment worth making Joe Breen University of Utah Center for High Performance Computing.
LOW STAKES INTERACTIONS CATALYZE HIGH IMPACT STEM EDUCATION PROGRAMS Kathryn Trenshaw Brown University November 7 th, 2014.

LOW STAKES INTERACTIONS CATALYZE HIGH IMPACT STEM EDUCATION PROGRAMS Kathryn Trenshaw Brown University November 7 th, 2014.
NSF Cybersecurity Funding Opportunities Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure September 2015.

NSF Cybersecurity Funding Opportunities Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure September 2015.
Cybersecurity Challenges and Opportunities Anita Nikolich Program Director, Advanced Cyberinfrastructure October 2015.

Cybersecurity Challenges and Opportunities Anita Nikolich Program Director, Advanced Cyberinfrastructure October 2015.
Copyright © 2014 Juniper Networks, Inc. 1 Juniper Unite Cloud-Enabled Enterprise Juniper’s Innovation in Enterprise Networks.

Copyright © 2014 Juniper Networks, Inc. 1 Juniper Unite Cloud-Enabled Enterprise Juniper’s Innovation in Enterprise Networks.
1 Supplemental line if need be (example: Supported by the National Science Foundation) Delete if not needed. XDMoD Financial Analytics Craig Stewart ORCID.

1 Supplemental line if need be (example: Supported by the National Science Foundation) Delete if not needed. XDMoD Financial Analytics Craig Stewart ORCID.
Data NIH Philip E. Bourne, PhD Associate Director for Data Science National Institutes of Health Big Data Symposium, Lincoln,

Data NIH Philip E. Bourne, PhD Associate Director for Data Science National Institutes of Health Big Data Symposium, Lincoln,
New Specialization Training Requirement Available Now: Selling Business Outcomes v1.0 810-403.

New Specialization Training Requirement Available Now: Selling Business Outcomes v
Instructional slide to Partner: REMOVE BEFORE PRESENTING TO CUSTOMER

Instructional slide to Partner: REMOVE BEFORE PRESENTING TO CUSTOMER
D-Link Wireless AP with NAP 802.1x solution

D-Link Wireless AP with NAP 802.1x solution
IT: Be the Change and Culture You Want IT to Be

IT: Be the Change and Culture You Want IT to Be

Similar presentations

Ads by Google