Information Security Guide
Confidence in the meaning, disposition, and provenance of information is at the heart of scientific research and discovery. Our confidence comes from building trust in the processes used to conduct experiments, analyze results, and create knowledge. Information security in the realm of research is about following processes that allow us to reproduce our discoveries.
Modern science is increasingly a virtual expression of ideas on the computational platforms that surround us. Our computers are our most versatile scientific instruments. They allow us to explore any abstraction we can envision and build pathways to discovery. They also help us by supporting development of processes that can be reliably reproduced. Good process can help us to explore our virtual worlds with confidence and build trust in the experiments we conducted and the results we obtained.
We are building a Research Computing System that supplies HPC, storage, web, and virtual machine tools to researchers to facilitate investigation and enable collaboration. This system is being designed to promote and support processes that ensure confidence in the experiments conducted and results obtained using this platform. Our construction can be viewed as an effort to build scientific instrumentation and support the virtual expressions of modern science.
To facilitate dialog about the Research Computing System and its development across a wide variety of groups and interests, this document will leverage definitions and standards for information security being developed by NIST. According to NIST, information security is the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability. This term is defined in (FIPS-199), the primary standards document that all participants in this dialog should be familiar with. FIPS-199 identifies information types and information systems as the two primary classes used to document information security requirements. Additionally, it defines three areas of information security "confidentiality, integrity, and availability" that are used to guide the implementation of appropriate process. FIPS-199 is a short document, and the heart of the matter is covered in the first 6 pages. The remaining content is an appendix defining the referenced terms.