
The cyber-infrastructure that supports science research faces the daunting challenge of defending against cyber attacks. Modest to medium research project teams have little cyber security expertise to defend against the increasingly diverse, advanced and constantly evolving attacks. Even larger facilities that have security expertise are often overwhelmed with the amount of security log data they need to analyze in order to identify attackers and attacks, which is the first step to defending against them. AttackTagger can scale to address the dramatic increase in security log data, and detect emerging threat patterns in today's constantly evolving security landscape. AttackTagger is a sophisticated log analysis tool designed to find potentially malicious activity, such as credential theft, by utilizing a Factor Graph model. AttackTagger integrates with existing security software so as to be easily deployable within existing security ecosystems and consumes a wide variety of system and network security logs.

The management of security credentials such as passwords and secret keys for computational science workflows is a burden for scientists and information security officers. Problems with security credentials (e.g., expiration, privilege mismatch) cause the workflows to fail to fetch needed input data or store valuable scientific results, distracting scientists from their research by requiring them to diagnose the problems, re-run their computations, and wait longer for their results. In an effort to avoid these problems, scientists often use long-lived, highly-privileged credentials (e.g., enabling the workflow to fully impersonate their identity), increasing risks to their accounts and to the underlying computational infrastructure and resulting in complexity for information security officers managing the infrastructure. The SciTokens project delivers open source software to help scientists manage their security credentials more reliably and securely. The project includes participants from the Laser Interferometer Gravitational-Wave Observatory (LIGO) Scientific Collaboration and the Large Synoptic Survey Telescope (LSST) project to ensure relevance and facilitate adoption.
