High-performance networks and advanced applications present significant security challenges, which are an extremely high priority for higher education. Performance requirements such as high-bandwidth, end-to-end transparency, and support of new protocols and advanced applications are essential for the academic mission and innovation, but are not easily accommodated in current approaches to network security. Over the long term, the challenge is to identify and examine these issues, such as high-performance computing (HPC) requirements around firewalls, or the campus networking issues created by fixed and dynamic dedicated circuit services.
Internet2’s Security Initiative works to support and focus the community’s efforts in this area, balancing the need to develop tools that address today's security problems, with a long-term focus on the integration of security and high-performance networking. This work falls under the EDUCAUSE/Internet2 Security Task Force and is advised by Salsa, a group of leading campus network security architects that guide the direction of Internet2’s security related Working Groups and workshops.
Security activities include participating in the EDUCAUSE Security Effective Practices Working Group, the Internet2 Network Technical Advisory Committee, the REN-ISAC (Research and Education Networking Information Sharing and Analysis Center) Technical Advisory Group, and participating as a member of REN-ISAC itself, as well as participating in the planning for the EDUCAUSE & Internet2 Security Professionals Conference.
During 2007, Internet2 received a grant from the U.S. Department of Justice, which was used to sponsor a workshop, under the auspices of the Internet2 Salsa-CSI2 (Computer Security Incidents) Working Group, addressing security incident response approaches. This grant was also used to partially fund the development of RENOIR (Research and Educational Networking Operational Information Retrieval), a reporting system for sharing information regarding security incidents within an inter-institutional trust community—to aid inter-institutional incident response, notification regarding compromised systems, analysis for recognition of attack behaviors and trends, and awareness for protection. RENOIR will handle security data from a variety of sources—human and machine—and organize that data into individual high-level cases that can then be used for response, analysis, and reporting. RENOIR is expected to be available in late 2008. The CSI2 Working Group is also working with the REN-ISAC to plan and implement a system to appropriately share information on security issues among campuses.