Key Issues in the Digital Research Infrastructure Landscape Jim Ghadbane | December 7, 2018 | RDM Summit for Canadian Colleges and Polytechnics
Let’s connect! @jghadbane canarie.ca | @canarie_inc Agenda
1. Digital Research Infrastructure (DRI) Overview: CANARIE Perspective 2. Evolution of Canada’s DRI Ecosystem • Budget 2018 and ISED Consultation • DRI Components 3. Cybersecurity
canarie.ca | @canarie_inc 2 Canada’s DRI Ecosystem
canarie.ca | @canarie_inc 3 Core Purpose Advancement of Canada’s knowledge and innovation infrastructure
canarie.ca | @canarie_inc 4 What is Digital Research Infrastructure (DRI)?
DRI is the enabling foundation for modern, data-intensive, global research and education.
DRI maximizes the return on the investments made by governments and institutions in higher education.
canarie.ca | @canarie_inc 5 The 4 pillars of Digital Research Infrastructure (DRI)
Network Computing Storage Software
Highly Qualified Personnel (HQP) CANARIE’s vision for an integrated DRI ecosystem
Research Collaboration Innovation
Anytime. Actors in the DRI ecosystem
Network Compute Data / Storage Software CANARIE Compute CANARIE CANARIE Canada via CFI Canadian Tri-Agencies Canadian Association of (indirectly) Foundation for Research Libraries Innovation (CFI) CFI/Compute National Canada Organizations CFI/Compute Canada
Research Data Canada via CANARIE
Regional Advanced Regional Consortia Campus repositories Off-the-shelf Networks (RANs) software Provincial and Campus computing Institutional Institutional Organizations networks Southern Ontario Smart Computing Innovation Platform (SOSCIP) How does DRI support the research workflow?
Data Management / Storage Tools
Research Software Tools Data Data Acquisition/ Data Curation, Management Plan Sensor Management Storage Computing Data Visualization Storage, Re-use
Network Computing
Research Workflow Evolution of Canada’s DRI Ecosystem
canarie.ca | @canarie_inc 10 A researcher-centric ecosystem
System Requirements
What researchers want: Development and deployment of > Solution-based tools integrated suite of tools > Awareness of tools > Support (HQP) & clear escalation Clear and accessible contact points at > Influence tool evolution/creation institutional, regional and national levels > Improved access
> Reduced need to develop or Agility to deploy funds to purchase own tools elements of ecosystem as and when needed
canarie.ca | @canarie_inc 11 A researcher-centric ecosystem
System Requirements
Governance models that What institutions want: respects multiple funders and > Clarity and predictability jurisdictional roles around function and funding of elements of ecosystem Clear and accessible contact points at > Input around holistic evolution institutional, regional of DRI ecosystem and national levels
Funding models that map to jurisdictional roles in the ecosystem
canarie.ca | @canarie_inc 12 DRI funding announced in Budget 2018
canarie.ca | @canarie_inc 13 Budget 2018 - “Harnessing Big Data”
> $572.5M over 5 years • Leverage “improved technologies such as cloud computing and faster networking”* ─ Objective: deliver more open and equitable access to advanced computing and big data resources to researchers across Canada • Requires development of a Digital Research Infrastructure Strategy that includes working with provinces, territories and universities, “including how to incorporate the roles currently played the CFI, Compute Canada, and CANARIE to provide for more streamlined access for Canadian researchers” • Yields improved access to essential tools and services to strengthen Canada’s reputation as a global leader in science, research, and innovation > $52M/year ongoing afterwards > ISED discussion paper released July 2018 > Decision on delivery mechanisms likely spring 2019 * Federal 2018 Budget, p.92 canarie.ca | @canarie_inc 14 Canada’s National Research and Education Network (NREN)
The foundation for digital innovation… via successful federal- provincial collaboration.
canarie.ca | @canarie_inc 15 How does Canada’s NREN work?
CANARIE CommitteeGC) (NREN NRENGovernance National coordination; international and interprovincial connectivity
Regional Advanced Networks (RANs) Provincial coordination; interprovincial connectivity
Local delivery; onsite support Research Community Researchers
canarie.ca | @canarie_inc 16 Advanced Research Computing (ARC) in Canada
canarie.ca | @canarie_inc 17 CANARIE’s Research Software Program
> Reusable, plug-and-play software services
Data Acquisition/ Computation/ Storage Visualization Sensor Management Processing
canarie.ca | @canarie_inc 18 Research Software: Community Development
> Improving the quality of research software and minimizing duplication maximizes the efficiency of research funding and speeds time to discovery
Annual Research Software Survey
Local Support Research Software Development Software Pilot Best Practices Conference Project
Generic Platform
canarie.ca | @canarie_inc 19 Long-term research data storage and preservation
Why?
Considerations vs. vs.
How long?
canarie.ca | @canarie_inc 20 Long term research data storage and preservation: A model for a federated system
Federated systems
Local, secured storage Institutional collaboration National data storage for sensitive data for regional data storage
canarie.ca | @canarie_inc 21 National/global data discovery requirements
Data Governance
Retains Locates global Manages Respects provenance; datasets accessibility privacy attribution
canarie.ca | @canarie_inc 22 Cybersecurity
canarie.ca | @canarie_inc 23 R&E cybersecurity challenges
Valuable student & research data Diverse and mobile Common populations threats, but lack of Bring your coordination own device policies Difficulty finding & retaining HQP
canarie.ca | @canarie_inc 24 R&E threats are both external and internal.
canarie.ca | @canarie_inc 25 CANARIE’s strategy: Creating a R&E cybersecurity ecosystem
Process:
Encourage data & threat sharing
Technology: People:
Shared tools reduce Develop HQP within costs; encourage the R&E community sharing & automation NREN Security Information and Event Management (SIEM) Deployment
To improve the posture of the NREN as a whole, the provincial and territorial partners in Canada’s NREN will deploy common security tools, and collaborate through the development of a distributed team of security experts.
canarie.ca | @canarie_inc 27 SIEM Deployment Project: Phase 1 Monitoring the R&E Network
NREN Internet
Operational SIEM SIEM RAN(s) Alarms Infrastructure SIEM Console SIEM Admin SIEM Log Monitored IT Security Collectors Logs Skills & Training RAN(s) Network
IT Security Incident Response
RAN End-User Member(s) Institutions canarie.ca | @canarie_inc 28 SIEM Deployment Project: Phase 2 Monitoring Endpoints
NREN Internet
Operational SIEM SIEM RAN(s) Alarms Infrastructure SIEM Console SIEM Admin SIEM Log Monitored IT Security Collectors Logs Skills & Training RAN(s) Network
IT Security Incident Response
Monitored RAN End-User Logs Member(s) Institutions canarie.ca | @canarie_inc 29 Joint Security Project (JSP) The most important part of the JSP is learning how to collaborate on security.
The JSP aims to begin an alignment for improving and coordinating national cybersecurity.
canarie.ca | @canarie_inc 30 CANARIE’s role in the JSP
• Project definition and • In-person training launch workshop • Working group meetings
Leadership Coordination
Funding Administration
• Installation of local network monitoring • Project agreement equipment [BRO] • Procurement • Self-serve data aggregation • Information sharing & analysis platform agreement
canarie.ca | @canarie_inc 31 JSP: A successful pilot
> Oversubscribed participation > Building operational trust > Active security analysis > Active security information sharing > Proposal with Government of Canada to expand Joint Security Project into Phase 2
canarie.ca | @canarie_inc 32 CANARIE is participating in the university-led Proof of Concept Canadian Shared SOC (CanSSOC)
canarie.ca | @canarie_inc 33 Complementarity of security initiatives
SSOC – Shared Security Operations Centre
CANARIE SIEM – Security Incident and Event Management
Shared SSOC SOC Pilot Provincial/Territorial Institutions NREN SIEM Phase 2 Networks [RANs]
canarie.ca | @canarie_inc 34 Resulting in…
Support for the Greater security development of for the NREN and cybersecurity connected expertise institutions
People
Process Data for Support for researchers to commercialization of develop new new defense/prevention techniques techniques
canarie.ca | @canarie_inc 35 canarie.ca | @canarie_inc 36 canarie.ca | @canarie_inc