Friction Free Network

1056 Words5 Pages
C. Project Description C.1 The OneOklahoma Friction Free Network (OFFN) Fig. 1 illustrates the prototypical OFFN site: Login nodes or other front-end services expose cyberinfrastructure resources (computing or storage, e.g. Oklahoma PetaStore) to users via two paths. The conventional path traverses the campus enterprise network to reach the Internet, and is subject to conventional enterprise security controls including campus-wide policy and possibly perimeter firewalls. Securing such networks is well-studied and understood. The second path traverses the OneOklahoma Friction-Free Network (Science DMZ) to reach the other OneOCII sites. The other sites also take the rough form of this prototype, themselves connecting to the Internet through…show more content…
Protection needs springing from security properties of integrity and confidentiality illuminate abuse and attack scenarios that further shape the Science DMZ threat model. Denial of Service: Attackers may wish to disrupt the operational capabilities of or hinder the performance of assets in a Science DMZ. This includes denial of service attacks on core processing and compute facilities as well as data storage facilities. Ransomware threats emerge as a new attack vector spanning concerns of availability and integrity. Theft of Cycles and Services: The HPC platforms in a Science DMZ constitute high-valued assets that may be the target of compromise and subversion. An attacker may seek to steal compute cycles for a variety of purposes, e.g., mining bit coins, establishing a botnet, cracking passwords, and amplifying DDoS attacks. In addition, an attacker may desire expansive storage capacity and target large scale data storage facilities commonly associated with Science DMZs. Theft of Data: Research data and data resident on large scale data storage facilities in Science DMZs may be tempting targets for hackers seeking valuable intellectual property. Sponsored research conducted in Science DMZs may house proprietary information and encumber strict confidentiality requirements. Theft of Software: Scientific application software suites and custom software tools may offer unique and valuable functionality sought
Open Document