Security for eScience

M. Angela Sasse & Brock Craft

University College London

a.sasse@cs.ucl.ac.uk, b.craft@cs.ucl.ac.uk

2

They call it anaudit …

• But not of you and your project, but of security policies and tools

• How well do they meet the need of the eScience community?

• What’s wrong with tools, and how we can improve them.

• Knowledge, skills and support you need.

3

Aim of the survey

• Identify current and future security needs of e-Science users

• Encounters with eScience security needs so far – how was it for you?

• Input into – future security strategy– Selection and improvement of tools – Knowledge and skills training

4

Focus on users

• eScientists

• eScience software developers

• System administrators and other support roles

5

Security tool audit

• Authentication– Knowledge-based authentication– Digital certificates

• Authorization– Writing polies for eScience– Implementing policies

• Firewalls• Globus security

6

Auditing

• What do users need to know?

• How much effort is technology for different stakeholders?

• How well does security fit into your typical eScience day?

7

Problems with passwords?

8

5

9

How to talk to us

• Security discussion session – 16.00 today (Dean Room)

• Make an appointment any time to discuss your specific project needs

• Email us after the meeting, tell your colleagues

b.craft@cs.ucl.ac.uka.sasse@cs.ucl.ac.uk