Information Security Guide: Difference between revisions

From Cheaha
Jump to navigation Jump to search
(Minor word reduction)
(Tuned wording of introduction to introduce the subject of information security and bring into context for the work we are doing)
Line 1: Line 1:
Confidence in the meaning, disposition, and provenance of information is at the heart of scientific research and discovery. Our confidence comes from building trust in the processes used to conduct experiments, analyze results, and create knowledge. Information security in the research domain is about following processes that allow us to reproduce our discoveries.
Confidence in the meaning, disposition, and provenance of information is at the heart of scientific research and discovery. Our confidence originates from our trust in the processes used to conduct experiments, analyze results, and create knowledge. The processes we construct to support reproducible discovery are the foundation of information security in the research domain.


Modern science is increasingly a virtual expression of ideas on the computational platforms that surround us.  Our computers are our most versatile scientific instruments. They allow us to explore any abstraction we can envision and build pathways to discovery.  They also help us by supporting development of reproducible processes.  Good process can help us to explore our virtual worlds with confidence and build trust in the experiments we conducted and the results we obtained.
Modern science is increasingly an expression of ideas in the virtual spaces of the computational platforms that surround us.  The computer is our most versatile scientific instrument. The computer allows us to explore any abstraction we can envision and to build pathways to our discoveries.  They help us by supporting development of a reproducible process.  Good process lets us explore our virtual worlds with confidence. It underlies our trust in the experiments we conducted and the results we obtained from our virtual worlds.


We are building a Research Computing System that supplies HPC, storage, web, and virtual machine tools to researchers to facilitate investigation and enable collaboration.  This system is being designed to promote and support processes that ensure confidence in the experiments conducted and results obtained using this platformOur construction can be viewed as an effort to build scientific instrumentation and support the virtual expressions of modern science.
At UAB, we are building a Research Computing System that supplies researchers with HPC, storage, web, and virtual infrastructure to facilitate investigation and enable collaboration.  This system is being designed to promote and support processes that ensure confidence in the experiments conducted and results obtained using this systemIn other words, we are building a scientific instrument to support the virtual expressions of modern science.
 
The guide will document the function of the Research Computing System to ensure the trust, the security, of the information involved in the conduct of science on this platform.


== Background ==
== Background ==


To facilitate dialog about the Research Computing System and its development across a wide variety of groups and interests, this document will leverage definitions and standards for information security being developed by NIST. According to NIST, information security is the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.  This term is defined in ([[wikipedia:FIPS-199|FIPS-199]]), the primary standards document that all participants in this dialog should be familiar with. FIPS-199 identifies information types and information systems as the two primary classes used to document information security requirements.  Additionally, it defines three areas of information security "confidentiality, integrity, and availability" that are used to guide the implementation of appropriate process.  FIPS-199 is a short document, and the heart of the matter is covered in the first 6 pages.  The remaining content is an appendix defining the referenced terms.
To facilitate dialog about the Research Computing System and its development across a wide variety of groups and interests, this document will leverage definitions and standards for information security being developed by NIST. According to NIST, information security is the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.  This term is defined in ([[wikipedia:FIPS-199|FIPS-199]]), the primary standards document that all participants in this dialog should be familiar with. FIPS-199 identifies information types and information systems as the two primary classes used to document information security requirements.  Additionally, it defines three areas of information security "confidentiality, integrity, and availability" that are used to guide the implementation of appropriate process.  FIPS-199 is a short document, and the heart of the matter is covered in the first 6 pages.  The remaining content is an appendix defining the referenced terms.

Revision as of 17:13, 18 June 2012

Confidence in the meaning, disposition, and provenance of information is at the heart of scientific research and discovery. Our confidence originates from our trust in the processes used to conduct experiments, analyze results, and create knowledge. The processes we construct to support reproducible discovery are the foundation of information security in the research domain.

Modern science is increasingly an expression of ideas in the virtual spaces of the computational platforms that surround us. The computer is our most versatile scientific instrument. The computer allows us to explore any abstraction we can envision and to build pathways to our discoveries. They help us by supporting development of a reproducible process. Good process lets us explore our virtual worlds with confidence. It underlies our trust in the experiments we conducted and the results we obtained from our virtual worlds.

At UAB, we are building a Research Computing System that supplies researchers with HPC, storage, web, and virtual infrastructure to facilitate investigation and enable collaboration. This system is being designed to promote and support processes that ensure confidence in the experiments conducted and results obtained using this system. In other words, we are building a scientific instrument to support the virtual expressions of modern science.

The guide will document the function of the Research Computing System to ensure the trust, the security, of the information involved in the conduct of science on this platform.

Background

To facilitate dialog about the Research Computing System and its development across a wide variety of groups and interests, this document will leverage definitions and standards for information security being developed by NIST. According to NIST, information security is the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability. This term is defined in (FIPS-199), the primary standards document that all participants in this dialog should be familiar with. FIPS-199 identifies information types and information systems as the two primary classes used to document information security requirements. Additionally, it defines three areas of information security "confidentiality, integrity, and availability" that are used to guide the implementation of appropriate process. FIPS-199 is a short document, and the heart of the matter is covered in the first 6 pages. The remaining content is an appendix defining the referenced terms.