SGCI webinars bring together community members across the globe.

Content with tag trusted ci .

Webinar: Authorizing Access to Science Gateway Resources

January 9, 2019

Authorizing Access to Science Gateway Resources

Presented by Jim Basney of NCSA & Trusted CI, Marlon Pierce of Indiana University & SGCI, and Tom Barton of the University of Chicago & Internet2

Data use agreements, controlled-access data sets, and restricted-access scientific instruments are just a few examples of authorization challenges faced by science gateways. There are many options for authenticating science gateway users, but fewer options for implementing complex authorization policies after users log on. The three panelists for this webinar will present their perspectives and experiences with authorization solutions applicable to science gateways.

Webinar Slides

Q&A from the webinar:

  • Q: In OAuth, can the user choose which items they allow and which not from the list of access requested by the app?
    A: In general a gateway should only request what items they need, so a user would accept or deny all.
  • Q: What is a good resource for getting started with Research & Scholarship attributes? I collect these attributes for my gateway with a custom sign-up form.
    A: InCommon's Research & Scholarship info is here: https://spaces.at.internet2.edu/display/InCFederation/Research+and+Scholarship+Category
  • Q: What is the URL for the paper "Federated Identity Management for Research Collaborations"?
    A: https://zenodo.org/record/1307551#.XDY8989KhAY
  • Q: Is there any sort of federation body that takes into consideration students in K-12?
    A: The Steward program was started to address this audience https://www.incommon.org/steward/, but there hasn't been enough perceived need to carry the project forward. As of now, there is no federation body for K-12.
  • Q: Any tips or success paths for gateways that must deal with PII information? I know this is not directly related to security but security plays a huge role in the overall infrastructure plan.
    A: That's a big question! Some things that come to mind: First, I hope that on your campus the CISO's office is viewed as a good enabling resource. If so, they should be able to provide in-depth guidance and assistance. Second, the TrustedCI Open Science Cyber Risk Profile https://trustedci.org/oscrp can be useful to help you think through how to suitably protect the PII. 
  • Q: How do I learn more about Airavata?
    A: See http://airavata.apache.org/mailing-list.html to subscribe to the Airavata dev list.

Watch on YouTube


Webinar: Cybersecurity for the Modern Science Gateway

February 14, 2018

Cybersecurity for the Modern Science Gateway 

Presented by Von Welch, Director, Indiana University Center for Applied Cybersecurity Research and Center for Trustworthy Scientific Cyberinfrastructure
and
Mark Krenz, Lead Security Analyst, Indiana University Center for Applied Cybersecurity Research

Science Gateways may be varied in their individual design and purpose, but can all benefit from a commonly used approach to Cybersecurity. Join security experts from the Center for Trustworthy Scientific Cyberinfrastructure (CTSC) as they present an easy-to-follow overview of the resources available to start or improve your gateway's cybersecurity program. From this presentation, you will learn the three key cybersecurity aspects that science gateways share as well as the three goals your program should strive to achieve in cybersecurity. An overview of techniques and tools will be shown to provide guidance to those not focused on cybersecurity, but wishing to address its challenges.

Cybersecurity Webinar Slides

Resources mentioned during the webinar:

Watch on YouTube