Version 40 (modified by bbaker, 11 years ago) (diff) |
---|
Security
Overview
LSST has two apparently conflicting goals:
- Openness - generous access to data by scientists and the public
- Security - reliable infrastructure and long-term data integrity
As a large and publicly exciting project, LSST can expect to attract many kinds of interest, ranging from scientific curiosity to active attacks. We must ensure that we:
- Encourage engagement by providing access to data
- Prepare for both attacks and disasters
- Ensure the functioning of our essential data-collection pipeline
- Protect the long-term integrity of our data
Important Dates
- May 15 - Annotated Outline (for All Hands Mtg)
- August 2008 - Review draft for inclusion in NSF PDR
- October 2008 - NSF PDR due
Types of Security
- Physical Security -- buildings, networks, cables, electric power, physical machines
- System-level Security -- operating systems, processes, file systems, local user accounts & root access
- Applications -- services, registries, trust networks, bandwidth management
- User Access -- personal workspaces, job management, user interfaces
Sites
See also a table of LSST security realms.
- Mountaintop
- Network access strictly through base facility
- Important roles: Buffering, Network transfer to Base Facility
- Base facility (at La Serena)
- [Who can access?]
- No public access (all through collocated Data Access Center)
- Nightly processing (real-time)
- Data transferred to Archive Center
- Archive Center (at NCSA)
- [Who can access?]
- Data Archive
- Primary data processing
- Data access Centers
- Operated by LSST
- Collocated with the Archive Center (NCSA)
- Collocated with Base Facility (La Serena)
- San Diego
- Education and Public Outreach (EPO)
- Possibly others, independently funded
- Operated by LSST
Shared Facilities
Where LSST shares a site, we can expect to collaborate with other organizations on security, especially physical security.
- NCSA
- The LSST Archive Center will be housed in NCSA's Petascale Computing Facility, which will also house the NSF supercomputing cluster Blue Waters, expected to come online in 2011.
- NCSA's security policy document is linked below.
[Needed: list of other organizations whose facilities we will share]
Threats
What threats does LSST need to guard against?
[To be filled in & organized -- this is really just a placeholder]
- Data deletion, both accidental & malicious
- DOS, both accidental & malicious
- Loss of connectivity (is this a security issue, an operations issue, or both?)
- Between mountaintop & base station
- Between base station & archive center
Are these threats too abstract? Should we focus on things like "cable cut" instead of "loss of connectivity"? Both the cause & the symptom are important.
Questions
How does security policy relate to:
- Disaster preparedness? For example, cable cuts on the mountain?
- Application performance? In particular, denial-of-service that exploits expensive computations?
- Measuring and ensuring data integrity?
- Data provenance (especially the relationship between authentication and data provenance)?
Related Documents
Institutions
- Cybersecurity and Acceptable Use (html)
- Acceptable Encryption Use Policy (pdf)
- Network Audit Policy (pdf)
- Backup Policy (pdf)
- Information Sensitivity Policy (pdf)
- Laptop Security Tips (pdf)
- Guidelines for Choosing a Good Password (pdf)
- Privileged Account Access Policy (pdf)
- Remote Access Policy (pdf)
- Server Security Policy (pdf)
- Wireless Access Policy (pdf)
To Do: add SIRTF docs
Guides and Handbooks
- Guide to NIST security documents (pdf, March 2007, 36 pages)
- NIST Security Handbook for Managers (pdf, October 2006, 178 pages)
- NIST Security Handbook (pdf, 1995, 290 pages)
- RFC 2196 - Site Security Handbook (html, 1997)
Document Template Collections
- SANS
- NIST archive
- Templates from Ephibian (attached below)
Attachments
-
Security Policy documents.zip
(455.4 KB) -
added by bbaker 11 years ago.
Generic Templates for Security Policy Documents