Science Gateway Community Institute
Trusted CI had entered into a collaboration with the Science Gateway Community Institute (SGCI). Funded by NSF, the SGCI provides services, resources, community support, and education to those seeking to create and sustain science gateways -- online interfaces that give researchers, educators, and students easy access to specialized, shared resources that are specific to a science or engineering discipline.
Through SGCI’s Incubator program, Trusted CI offers specialized engagements, or consultations, to science gateway developers and operators seeking cybersecurity support. Additionally, Trusted CI presents on relevant cybersecurity topics during SGCI’s focus weeks (formerly called “bootcamps”).
Resources offered by Trusted CI include:
Developing a Cybersecurity Program: a tractable method to build policies and procedures for cyberinfrastructure
Cybersecurity checkups: a tailored approach to accessing the maturity of a security program
Identity and Access Management: a collection of resources to improve authentication and authorization
Open Science Cyber Risk Profile: providing risk profiles for common scientific assets.
Providing advice to the SGCI team on protecting their own internal information assets.
Interested science gateway developers and operators interested in obtaining help with cybersecurity should contact SGCI at: https://sciencegateways.org/consulting/work-with-us.
The next SGCI focus week is September 9 - 13 in Chicago, IL.
The Gateways 2019 Conference September 23 - 25 in San Diego, CA.
Below are a few examples of Trusted CI's contributions to science gateways
GISandbox: Reviewed their operational security and science gateway code
EarthCube Data Discovery Studio: Reviewed the security of the project server and website
UC SanDiego's BRAIN Lab: Advised on using the cloud storage service, Box, for one of their projects
The Rolling Deck to Repository (R2R): Presented best practices in transferring and archiving data
SeedMeLab: Advised the project on using software penetration testing
cloudperm: Trusted CI has written an app that checks permissions on Google documents to identify potential sensitive material accessible to the public. This scan has been used by SGCI to review its own documents.
Trusted CI blog posts featuring the Science Gateway Community Institute and Science Gateways
Webinar, “Authorizing Access to Science Gateway Resources.“ Presented by Jim Basney of NCSA & Trusted CI, Marlon Pierce of Indiana University & SGCI, and Tom Barton of the University of Chicago & Internet2.