CyberSecurity for NEEShub: Best-practices and Lessons Learned
Category
Published on
Abstract
The George E. Brown, Jr. Network for Earthquake Engineering Simulation (NEES) operates a shared network of civil engineering experimental facilities aimed at facilitating research on mitigating the impact of earthquakes. The network depends on a reliable distributed cyberinfrastructure among 15 universities to successfully work as an integrated co-laboratory for over 5,000 users from around the world.
Cybersecurity is a critical aspect to achieve the reliability required for research environments such as NEES. The network has developed a comprehensive cybersecurity approach that includes best-practice cybersecurity policies and controls and annual security audits at each of the NEES sites. The goal of the cybersecurity practices is to protect the computational resources and archived research data at NEES from malicious access that might violate the data's confidentiality or integrity or make the network or its data unavailable. Eight types of security controls have been implemented: user authentication; access control; perimeter defenses; network engineering; monitoring/auditing; data loss prevention; security evaluations; and patch management.
In this talk, we will review the evolution of the NEES cybersecurity infrastructure since its inception at Purdue University and will present a description of the security controls implemented to fulfill the particular requirements of this projects. Finally, we will share experiences and lessons learned from a handful of actual cybersecurity incidents.
Bio
Gaspar Modelo-Howard is the CyberSecurity Engineer for the Network for Earthquake Engineering Simulation (NEES), at Purdue University. He is also working towards a Ph.D. degree in Computer Engineering, with research interest at the intersection between network security and machine learning. Mr. Modelo-Howard came to Purdue after spending seven years as an information security officer for the Panama Canal Authority and five years as a college professor. He has an M.Sc. in Information Security from Royal Holloway, University of London, and a B.Sc. in electrical engineering from Universidad Tecnologica de Panama. He is a member of IEEE, Usenix and ACM.
Cite this work
Researchers should cite this work as follows: