Security
1. Purpose
The purpose of this document is to describe and establish the set of policies relating to confidentiality, integrity, and availability of iPlant Collaborative services and resources while maintaining the goals outlined below.
The mission of the iPlant Collaborative is to support investigation of grand challenge questions by the plant sciences community and to foster education and training for K-12, undergraduate, and graduate students by accessing, developing, and managing digital dataset collections (both physical and virtual) and disseminating these resources as widely as possible. All the data, software tools, and other resources will be made freely and publicly available under Creative Commons or applicable open source terms. The iPlant Collaborative goals for the collections are:
- Suitable for appropriate use based on the types of users
- Accompanied by adequate documentation and metadata to enable their use
- Checked and validated for quality control and include provenance where possible
- Cataloged according to community developed metadata standards
- Discoverable and accessible using web services and open standards protocols
- Registered with appropriate authoritative repositories or information clearing houses
- Accessible to the community under policies that maximize opportunities for their use and redistribution
The iPlant Collaborative will primarily utilize the networking and computing infrastructure at The University of Arizona and partner institutions. The standards and policies set forth within this document will complement the policies set forth by these organizations. If any policy set forth within this document overlaps or conflicts with theirs, the iPlant Collaborative will defer to the policy with the more stringent security requirements. In addition, state and federal laws may have jurisdiction, in which case the iPlant Collaborative will be required to abide by all state and federal laws relating to its applications, systems, and networks. The intent of this document is to specify and highlight policies that are particularly important to the iPlant Collaborative and not to detail every known situation, circumstance, and process relating to security.
2. Access Control
The iPlant Core Services team is ultimately responsible for determining the appropriate level of access to ensure the confidentiality, integrity, and availability of iPlant systems and resources to the community. This section presents a broad view of the organization’s stance on access control. However, due to the participatory and community-based nature of the iPlant Collaborative, access will be determined on a project, team, and individual basis.
Individual Responsibility
Every iPlant Collaborative staff member, researcher, community participant, and user is responsible for protecting the access to any information and systems that has been granted to him or her. If there is any suspicion of a breach of access, the CI team should be contacted immediately so that an appropriate investigation can be performed.
Any iPlant Collaborative workstation and laptop should be password protected.
Access Notification
A distinct and clear message, including the applicable Acceptable Usage Policy (AUP), will be displayed to users if an application, system, or network is restricted from the general public.
Authentication and Authorization
Authentication and authorization mechanisms will be used according to the needs of the application, system, and network. The iPlant internal systems and infrastructure will be highly restrictive.
Grand Challenge teams and development teams may employ temporary authentication and authorization schemes for the benefit of rapid development and prototyping. As applications and systems migrate under the professional services and Core Infrastructure team, these schemes may be standardized or removed, as appropriate, to ensure consistency for the community and general public.
Intellectual Property and Copyright
The iPlant Collaborative will make every effort to comply with the intellectual property rights and copyrights of software, source code, data, documents, and other relevant materials. Participating researchers and community members must declare any intellectual property rights and copyrights to the iPlant Collaborative in writing prior to its use within the iPlant Collaborative.
3. Awareness and Training
The iPlant Collaborative will provide security documentation for all end-users as needed. Any public security-related documentation, including this security policy, will be posted on the iPlant Collaborative website. If necessary, Grand Challenge teams and community teams will be provided with more detailed security documentation and training, depending on the nature of the applications, systems, and networking that will be used for their projects. Operations and Infrastructure documentation and training may be provided to staff and researchers who will be directly accessing core infrastructure services.
4. Audit and Accountability
The Core Services team will be ultimately responsible for managing the security audits of the iPlant Collaborative.
Responsible Organizations
The distributed nature of cyberinfrastructure will necessitate that all iPlant assets subscribe and adhere to the local policies along with those set forth by the iPlant security requirements. The organizations responsible for the security of an iPlant asset will include the institutional and departmental security organizations where the asset is housed and managed.
If the asset is a shared resource, or iPlant projects are utilizing time and resource allocations at other locations, the standards set forth by the local organization responsible for security will be adhered to. Ultimately, iPlant will be responsible for the security of its assets and will work cooperatively with local security organizations to share relevant information.
Acceptable Use
All iPlant assets and personnel will adhere to the Acceptable Usage Policy (AUP) set forth by the local organization, e.g., the AUP for computer and network use at the University of Arizona: http://security.arizona.edu/index.php?q=node/37
For services and resources available through iPlant, the AUP will be set based on the specific resource and service being provided, and users will be required to comply with policies to gain access.
Servers
All iPlant Collaborative servers will record login and connection information including the remote host, timestamps, protocols, and user login information. If applicable, application and server logs will be consolidated in a central logging system. Server logs will be maintained for a minimum of one year.
Applications
Any third-party applications, ones not developed by the iPlant Collaborative, will have logging enabled as appropriate. Applications developed for the Discovery Environment (DE) requiring authentication or authorization should capture connection information including remote host, timestamps, and user login information, and, if applicable, display the relevant AUP.
Applications that result from the Grand Challenge teams will eventually be migrated to the Core Infrastructure for community access. During the migration process, the CI team will evaluate the security of these applications and perform penetration testing. If applicable, the data and any data collection process will also be evaluated to ensure that there are no privacy, confidentiality, copyright, or patent issues.
Audit
Ongoing traffic pattern analysis and intrusion detection systems (IDS) will be employed to perform host-based intrusion detection (HIDS) and network-based intrusion detection (NIDS).
Cursory audits of the server logs will occur on a periodic basis. If a situation warrants immediate attention, such as a potential security breach, then the CI team will perform a more detailed audit.
5. Incident Response
The Core Infrastructure team will investigate any reports of security breaches within the iPlant Collaborative. If the investigation results in a credible claim, the Core Infrastructure team will take necessary action to remove or isolate the threat. The Core Infrastructure team will make a best effort to minimize any downtime. In the event that a downtime must occur for a significant duration, then appropriate notifications will be sent and posted to the website.
All security-related incidents should be reported to security@iplantcollaborative.org.
For active threats and for urgent, secure communication, call: 1-520-621-0011
6. Incident Reporting
As part of the incident response, the CI team will update all responsible authorities on the occurrence of the incident and the actions being taken to mitigate the situation through designated channels. This will include institutional providers and participating authorities, funding agencies, and law enforcement agencies, e.g., the University of Arizona “report a security incident” system: https://www.telcom.arizona.edu/requests/iso/iso.php
The occurrence of all incidents will be logged by the CI team for evaluation and audit.
7. Maintenance
Maintenance of applications and operating systems is expected to happen periodically. The Core Services Team will be responsible for managing the maintenance process for the iPlant Collaborative and executing the maintenance for the core infrastructure systems. If any server requires a hardware or system update that results in a system reboot, loss of connectivity, or a negative impact on users, then the Core Services Team will plan for scheduled downtime for the servers in question. The Core Services Team will make a best effort to minimize the impact and notify the affected users of the scheduled downtime.
End-users of laptops and workstations are expected to periodically check for updates on their operating systems (i.e. Windows Updates and Mac OS updates). If an end-user is not familiar with updating the operating system, the Core Services Team can provide training on these tasks.
8. Physical Protection
iPlant Collaborative servers are to be located in a secure, limited access and monitored data center. Workstations and laptops should be physically secured to an immovable or difficult-to-move object whenever possible. To secure a physical system, a special cable with a locking mechanism should be used, such as a Kensington lock.
Loss or theft of a physical iPlant asset will require contacting law enforcement (follow iPlant incident reporting procedures).
9. Planning
The iPlant Collaborative will formally re-evaluate and document all security, business continuity, and backup and recovery plans at least every three months, including this security policy document. Operationally, the re-evaluation process may occur more frequently and policies may be modified in response to additions in internal requirements, the external environment, or risk assessments.
10. Risk Assessment
A formal risk assessment process for the servers, workstations, laptops, and network equipment will occur every three months. This will also include participation in risk assessment procedures and security scans conducted by institutional providers.
11. System and Information Integrity
To ensure business continuity and information integrity, iPlant will adhere to its disaster preparedness and recovery policies.
