The SAGE Development Team at the Laboratory for Advanced Visualization & Applications (LAVA) at the University of Hawaiʻi at Mānoa and the Electronic Visualization Laboratory (EVL) at the University of Illinois at Chicago recently received one-year supplemental funding from the National Science Foundation (NSF) to their SAGE2 award, in the amount of $527,000, to focus on SAGE2 cybersecurity.
The diversity and distributed nature of the SAGE2 user base provides a growing set of security concerns. Identity and access management procedures in particular provide unique challenges, given the variety of institutions using SAGE2 to collaborate using display walls.
In July 2018, the SAGE2 Team began working with Trusted CI, the NSF Cybersecurity Center of Excellence at Indiana University, to develop an Engagement Plan that outlines the scope of a 6 month timeline for the engagement, followed by 6 months of implementation. Trusted CI is helping outline Identity and Access Management (IAM) procedures appropriate for SAGE2’s distributed user base. For example, SAGE2 needs to identify and provide access to local and remote sites involved in a collaboration as well as the users at those sites; such as: who is allowed to collaborate, are they allowed to share information or simply read it, and are they allowed to download information, etc. A secondary goal of the engagement, time permitting, is to determine if there are any unidentified high-priority cybersecurity needs revealed during the fact-finding stage that the SAGE2 Team should pursue; such as: securing the web server, securing documents that are shared, etc.
Trusted CI Blog: http://blog.trustedci.org/2018/08/trusted-ci-begins-engagement-with-sage2.html