Notes 'Network security and data integrity in academia: an assessment and a proposal for large-scale archiving'
From: A. Smith, D. Greenbaum, S. M. Douglas, M. Long, and M. Gerstein, “Network security and data integrity in academia: an assessment and a proposal for large-scale archiving.,” Genome Biol., vol. 6, no. 9, p. 119, Jan. 2005.
Concept: vigilance, good policy and planning, and attention to detail in a three-pronged strategy of prevention, detection, and response.
Need workshops infosec to dvlpt:
- provide security guidelines,
- help documentation, and possibly even
- Linux distributions, tailored specifically to the genomics community;
- provide custom and third-party security scripts/programs, such as hardening scripts from the Bastille Linux project [http://www.bastille-linux.org];
- setup and monitor intrusion-detection systems such as SNORT or via honey-pots/honeynets and/or
- perform security scans using programs such as Nessus [http://www.nessus.org] and SARA [http://www-arc.com/sara/] on community members’ machines, allowing community-wide attack patterns to be detected;
- provide central hosting; and
- provide central authentication, enabling distributed collaborations
- regularly to backup all online genomics resources,
-
- such as Google [http://www.google.com], which maintains a cache of the most recent crawling of most pages it indexes, and
- backup the databases and programs used to generate content, or even better, the entire ‘virtual machine’ if virtualization software such as Vmware [http://www.vmware.com] or Xen [http://www.cl.cam.ac.uk/ Research/SRG/netos/xen/] were used; from these any site’s full functionality can be reproduced.