
NSF Org: |
OAC Office of Advanced Cyberinfrastructure (OAC) |
Recipient: |
|
Initial Amendment Date: | August 29, 2022 |
Latest Amendment Date: | August 29, 2022 |
Award Number: | 2232911 |
Award Instrument: | Standard Grant |
Program Manager: |
Daniel F. Massey
dmassey@nsf.gov (703)292-5147 OAC Office of Advanced Cyberinfrastructure (OAC) CSE Directorate for Computer and Information Science and Engineering |
Start Date: | October 1, 2022 |
End Date: | September 30, 2026 (Estimated) |
Total Intended Award Amount: | $591,664.00 |
Total Awarded Amount to Date: | $591,664.00 |
Funds Obligated to Date: |
|
History of Investigator: |
|
Recipient Sponsored Research Office: |
660 S MILL AVENUE STE 204 TEMPE AZ US 85281-3670 (480)965-5479 |
Sponsor Congressional District: |
|
Primary Place of Performance: |
660 S MILL AVE STE 312 TEMPE AZ US 85281-3670 |
Primary Place of
Performance Congressional District: |
|
Unique Entity Identifier (UEI): |
|
Parent UEI: |
|
NSF Program(s): | Cybersecurity Innovation |
Primary Program Source: |
|
Program Reference Code(s): |
|
Program Element Code(s): |
|
Award Agency Code: | 4900 |
Fund Agency Code: | 4900 |
Assistance Listing Number(s): | 47.070 |
ABSTRACT
Scientific collaborations tremendously contribute to advancing science by allowing to share diverse resources including real data, high-performance computing, network channel, and so on. Since multiple stakeholders are involved in accessing those resources, it is critical to regulate resource sharing activities based on a series of access mediation security policies (AM-Policies) that fulfill requirements and constraints from various institutions, collaborative teams, and researchers. Such policy-driven approach would help achieve important challenges in scientific collaborations: fairness in resource sharing and risk management in dealing with digital assets. However, such AM-Policies have been specified, evaluated and enforced in an ad-hoc, semi-formal, and incomplete way: (i) scientists still need to write their own AM-Policies without having expressiveness power in policy specification, making it difficult for them to correctly articulate their specific needs. (ii) the evaluation and enforcement of AM-Policies across multiple local institutions and administrators are limited. (iii) there is also limited support for systematically collecting security-relevant data that needs to evaluate policies at run-time.
To address these challenges, this project develops ScienceAccess, a federated framework supporting the storage, retrieval, evaluation, and enforcement of AM-Policies that allows for scientists and administrators to manage their resource sharing needs with a high degree of autonomy. Ultimately, ScienceAccess attempts to produce the following outcomes: (i) new insights to articulate AM-Policies for effectively sharing resources and real-world experiments with existing cyberinfrastructures including the Arizona Federated Open Research Computing Enclave (AFORCE) and Science DMZ; (ii) new innovative techniques to efficiently specify, evaluate, and manage AM-Policies with the notion of a Zero-Trust security, including the automated collection and distribution of security-relevant information in the form of attributes between independently-run scientific institutions; and (iii) assessments, guidelines, and best practices for future deployments of ScienceAccess framework.
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH
Note:
When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external
site maintained by the publisher. Some full text articles may not yet be available without a
charge during the embargo (administrative interval).
Some links on this page may take you to non-federal websites. Their policies may differ from
this site.
Please report errors in award information by writing to: awardsearch@nsf.gov.