Title: "Trends in Computer Security for Open Scientific Facilities"

 

Point of Contact:

Bill Kramer

LBNL/NERSC

MS 50B-4230

One Cyclotron Road

Berkeley, CA 94720

Phone: (510) 486-7577

Fax: (510) 486-4300

Email: kramer@nersc.gov

 

Tutorial Length - Full Day (6 hours)

 

Content Level

Beginner – 10%, Intermediate – 50%, Advanced – 40%

 

Was this tutorial presented before? No. Portions of this tutorial have been presented in limited venues.

 

Presenters (we appear to be limited to 4)

 

Dr. Vern Paxson

LBNL/NERSC

MS 50A-3111

One Cyclotron Road

Berkeley, CA 94720

Phone: (510) 486-6363

Fax:

Email: Vepaxson@lbl.gov

 

Vita

Dr. Paxson received his M.S. and Ph.D. degrees from the University of California, Berkeley, and has been a staff scientist with the Lawrence Berkeley National Laboratory's Network Research Group for many years. He began at ICIR (formerly ACIRI) in February 1999. His main active research projects are Bro and NIMI. His professional activities include:

· Chair of the IRTF;

· Member of the editorial board of IEEE/ACM Transactions on Networking;

· Program co-chair for SIGCOMM 2002;

· Steering committee member for Internet Measurement Workshop 2002; and

· Program committee member for USENIX 2002, 2002 IEEE Symposium on Security and Privacy, USENIX Security Symposium 2002, RAID 2002, and PAM 2002.

 

 

Stephen Lau

LBNL/NERSC

MS 943-256

One Cyclotron Road

Berkeley, CA 94720

Phone: 510-486-7178

Fax: 510-486-4316

Email: slau@lbl.gov

 

Vita

As Large Scale Computer Security Analyst, Stephen Lau is responsible for cyber security for the National Energy Research Scientific Computing (NERSC) Division at Lawrence Berkeley National Labs. He leads NERSC’s computer security team that responds to network intrusions and computer security incidents and also serves as the NERSC Division representative to the Berkeley Lab Cyber Security Team. Steve has been responsible for the deployment of Berkeley Lab’s Bro intrusion detection system to monitor network traffic for SciNet at the SC conference.

 

James Rothfuss

LBNL/NERSC

MS 50A-3111

One Cyclotron Road

Berkeley, CA 94720

Phone: (510) 495-2437

Fax:

Email: JSRothfuss@lbl.gov

 

Vita

Jim is the CPPM (Computer Protection Program Manager) at LBNL. As such, he is responsible for the Laboratory’s computer security program and for implementations that carry out government and site policy in a totally open, large-scale research facility.

 

 

Bill Kramer

LBNL/NERSC

MS 50B-4230

One Cyclotron Road

Berkeley, CA 94720

Phone: (510) 486-7577

Fax: (510) 486-4300

Email: kramer@nersc.gov

 

Vita

Bill is the Head of High Performance Computing and the Deputy Director of NERSC. As such, he is responsible for the operation and improvement of all aspects of the NERSC Center. One of his major challenges is how to provide cutting-edge services, and the best performance, to a national client base. He is also a co-PI on the DOE Science Grid project, which is designed to accelerate the implementation of Grid technology throughout the DOE. In the past, Bill has been involved with computer security at NASA and the University of Delaware.

 

 

Abstract (200 Words)

 

The ability of scientists to collaborate unfettered over networks is critical in high performance computational (HPC) environments. This need, however, is tempered by the realities of today's interconnected computational environments, where protection from unauthorized access and usage is a necessity. How does one find the balance between the needs of an open scientific research facility while simultaneously protecting a site from attackers? What challenges lie ahead in high performance computing security?

 

This tutorial addresses these questions by exploring various topics of computer security as it relates to an open high performance computer facility. Some of the topics we will address are:

 

1) The unique nature of high performance computing security

2) Addressing the needs of computer security in an HPC environment

3) An overview of current trends in attacks and incidents

4) Intrusion detection in an HPC environment

5) The future of high performance computing security

 

The field of computer security is a constantly evolving one, typically with more questions than there are answers. For that reason, we will conclude the tutorial with a panel discussion to promote dialogue on the current and future challenges that face HPC computer security.

 

Detailed Description – 4-page maximum

 

TBD – if we like the outline, we can work on this description.

 

Outline and timing

 

1. Introduction - Jim Rothfuss – .5 hours
   a. Defining terms
   b. Review of policy and regulations
   c. Concepts of security
   d. Goals and objectives for an open site

2. What is the threat? – Vern Paxson – 1.0 hour
   a. Present
   b. Future
   c. "How to 0wn the Internet in your spare time"

3. Tools of the Trade
   a. Intrusion Detection – 1.5 hours
      i. Intrusion Detection – Vern Paxson
         1. How it works
            a. What tools are available
         2. Bro – Design and implementation of an IDS
         3. Limitations
         4. Future development
   b. Other tools – Scanning, firewalls, etc. - Steve Lau – 1.0 hour
      i. How they work
      ii. Limitations
      iii. Future Development

4. Components of good protection – Bill Kramer – .5 hour
   a. Policy and Procedures
   b. Good systems protection
   c. Staffing
   d. Response teams
   e. Other “best practices”

5. Computer security in an HPC open computing environment – Steve Lau – 1 Hour
   a. The current state of the art
   b. Incident Response
   c. Intrusion detection
   d. “War stories” and real world challenges

6. Future developments and challenges – Steve Lau, Jim Rothfuss and others – 1 Hour
   a. The Grid
      i. What the Grid adds to Computer Security
      ii. The Challenges the Grid presents
   b. Clusters
      i. How to secure clusters while maintaining an open environment.
   c. High bandwidth issues
      i. Computer security at OC-48 or higher?
   d. The press of external policy and regulations
      i. How to deal with complexity and inconsistency
      ii. What a facility can do

7. Summary – Panel session on computer security

 

Examples of Material

- some URLs needed