Duke ITAC - October 25, 2012 Minutes

ITAC Meeting Minutes

October 25, 2012, 4:00 - 5:30

Allen Board Room

 

 

Agenda

  • Announcements
  • Halloween Scary Topics: Phishing/External Attack Metrics, Mobile Device Security Issues
  • Scholars@Duke - Presentation and Demo
  • Research Computing - Cloud Approaches and High Performance Computing (HPC)

 

 

Announcements

Laurie reminded us that there will only be one meeting per month for the next couple of months (November 8th and December 6th), with the regular schedule resuming on January 13th.

Tracy reminded folks to send substitutes in their place if they couldn't attend regularly scheduled meetings.

Ashutosh mentioned that in the committee meetings, it was suggested that advance information be given on ITAC agenda items.  This would provide for more helpful feedback and better questions/discussions during the ITAC meeting.

Tracy also mentioned that Evan Levine is on paternity leave for several weeks and Laurie Cousart will be filling in for him.

 

Halloween Scary Topics:  Phishing/External Attack Metrics, Mobile Device Security Issues - Richard Biever/Artem Kazantsev, OIT Data Security

Richard gave handouts on mobile device security and how to stay protected during computing.

Email stats were also displayed, and we're at over 90 million messages per month.  We have a couple of mail filters that reject messages before they even hit our mailbox.  After the filter, we still end up with about 20 million messages per month/600k per day.

Richard displayed some messages that were phishing messages used by hackers.  He also gave good tips on how to identify phishing messages that hit your box from what appears to be known or familiar sites.

Spam filters are tweaked on a regular basis.  A lot of outreach is done through Duke Today.  We've begun experimenting with digital certificates and we block large (or bulk) senders to your account.

As a word of caution, be skeptical of messages.  Most legitimate sites will not send links embedded inside messages.  Also, no legitimate organization, Duke included, is going to ask you for your password via email.  Finally, pay attention to the actual URL inside of the messages that you receive.  If it looks sketchy, simply do not click.

Question:  What if you get messages from people you know...?

Answer:  It means the account was hacked, or you may be being spear phished.  

Question:  What do you do if you already clicked a link?

Answer:  Call the OIT help desk immediately.

Artem displayed a slide presentation about mobile device security. 

Threats unique to mobile devices:

  • Mobile devices = easy to steal, easy to lose
  • New ecosystem = no tradition of security
  • Life cycle - 2 years = vendors are not issuing upgrades
  • GPS, camera, multiple network options = new attack surface, more ways to steal data.

Antivirus programs on mobile devices can help to reduce the theft of data or access to your device by a third-party hacker.  There may also be a disconnect between hardware vendor, service provider and software developer.  Each one is pointing fingers at the others for firmware/software upgrades.

The unique features that these devices have (GPS, cameras, etc.) are accessible by multiple network interfaces (Bluetooth, dialup, 3G, 4G, WiFi), which provides a number of new attack surfaces.  With a desktop computer that plugs into the network, by contrast, you only have to worry about one attack surface.  In that instance you can put a firewall in place and limit attacks on that machine.  In the case of a mobile device, you have to create a number of protections, because the device may hold even more important data.  Your GPS gives hackers your exact location; your device stores your contacts and pictures.

Question:  What about the information that is contained in the data of an individual app?

Answer:  Look in your settings area and it will display the information and data set of each individual app.  An antivirus may also display this information for you and point out specific areas where the threat can be found.

Question:  Practical advice for users...?

Answer:  Yes, see information that was provided on the handout distributed in the meeting.

Scholars@Duke - Presentation and Demo - Julia Trimmer and Jim Roberts, Provost's Office; Paolo Mangiafico, University Library; Richard Outten, OIT

Julia presented a few slides to give us an update on Scholars@Duke, and then there were three short demos by Paolo, Julia and Richard.    

The primary goal for Scholars@Duke is to create web profiles that highlight faculty interests / activities and make them public.  The second is support for the reuse of information that is in Scholars@Duke for school and individual websites.  Third, we're going to help populate the repository with full-text publications that have been published since 2010.  In order to meet these goals, we will deploy multiple tools.

Scholars@Duke is really a suite of tools.  VIVO is the data hub where all data from systems are linked.  Institutional data are loaded from various sources from a multitude of applications.  Publications are managed by a tool called Symplectic Elements.

Symplectic Elements is a great tool that is designed to simplify the maintenance of publication lists.  This tool can harvest publications from a number of bibliographic sources and lets individuals add publications.

Question:  How are those vetted?

Answer:  The primary source is ReachNC; they have a team outside of Duke that helps to disambiguate publications by hand.

The data in Scholars@Duke is going to be repurposed in many customized views such as content management systems.  This can be searched by VIVO to form a larger institutional network.  The publications process consists of harvesting data, managing the content in Symplectic Elements and displaying the final output in Scholars@Duke.

Question:  The way that we enter our own data in now is through FDS.  Will that change?

Answer:  Yes, it will.  But I will elaborate on that in just a second.  

We're using ReachNC to harvest a large number of articles, and this gets updated weekly with any new publications that have been published as well.  Anyone that publishes an article in a peer-reviewed journal will be pulled into this database.

Question:  So, is this only American?  Are there any international journals?

Answer:  I believe there are...

So, for professors that do other things besides publish journals, we will have to look at other sources to get their publications. 

 

Question:  Do you have a faculty advisory board? 

Answer:  Yes, we have a steering committee that's been meeting quarterly for a couple of years and we've had various faculty members rotate on and off.  There also have been meetings with John Tromena about the other non-traditional scholarly material.

The go live sequence:

Phase 1 - Medicine (April)

Phase 2 - Engineering, Nursing, Environment and Business (July)

Phase 3 - Law, Divinity, Sanford and Arts & Sciences (September)

The biggest benefits for faculty are:

  • Simplified maintenance of publication lists
  • Easy submission to Open Access Repository
  • More automated, institutional data
  • Profile data available for other purposes
  • VIVO features: networking, faceted searches, widgets
  • Profiles rank higher on Google
  • Increases visibility

 

ReachNC was demoed on the screen.  ReachNC is the UNC system faculty database that represents 15 UNC campuses as well as RTI and Duke.  ReachNC is created by a tool called SciVal Experts, which compiles journal articles.

 

Duke joined ReachNC in July of this year.  We created profiles for faculty in Business, Nicholas, Engineering, about half of Sanford, Medicine, Nursing and about a third of Arts and Sciences departments.

 

ReachNC gives some aggregate information by organization, but the most useful comes from the individual. 

 

Question:  Is that lifetime or just his professional career?

Answer:  Mostly professional career.

 

Question:  Do users have the ability to control content?

Answer:  Yes, but you have to contact ReachNC.

 

This is more likely to be a feeder tool into our University, but not controlled by the University.

 

Questions:  What do you do with false positives?  Also, what do you do about copyright issues?

Answer:  No answer was given because we were running out of time for this segment.

 

Scholars@Duke was demoed, https://scholars-staging.oit.duke.edu.

 

Research Computing - Cloud Approaches and High Performance Computing (HPC) - John Pormann, SCSC and Jeff Chase, Computer Science

John gave a brief update on some of the improvements made in the area of research computing. 

Software Defined Networking

  • 2 NSF grants came in for SDN
    • EAGER (Chase, Futhey)
    • CC-NIE
  • Significant build-out of networking resources

SDN in Context:  SDN Architecture slide was displayed...

DSCR Update - has seen a lot of growth since moving to the new business model.  Since that time, things have picked back up and some of the new groups have gotten larger.

DSCR Storage:

  • "Fast" storage (SAS/15k)
    • $1600 / TB / year
  • "Data" storage (SATA/7.2k)
    • $500 /k

 

DSCR Network

  • 10 Gbps is now free on Dell blades
  • We are working with OIT Networking and the vendors to build out a more capable 10Gbps DSCR network

 

Visualization

  • Vis Coordinator is here (Angela Zoss)
  • Friday Forum is continuing
  • New vis seminars and workshops
    • Intro to Vis, Vis in Excel and Tableau

 

Condor Grid Computing

  • The Condor grid environment is stable
  • We're officially open for new users

 

"Flocking" mechanism also for dept control of department machines

  • With s over onto the duke flock

 

DSCR / Condo Revenue

  • Almost on track
  • Expected $140k (probably $100k)

 

DSCR/Cloud Revenue

  • Still not seeing any significant pay-per-hour activity
  • Expected $65k (probably $2k)

May move to a simple buy-in model instead of pay-per-hour

"It isn't whether we have more chips process the data, but whether we have more neurons".

New IT Analyst Position

  • Reporting/Billing
  • Monitoring/System health Checks
  • End-user Support
  • New System testing
  • One-offs / Special cases
  • Automatic detection of "bad situations"
  • Common problems, "FAQ++ support"
  • Verification of install, "does _work"?

COTS Storage Project

  • 2-in-1 project
  • Hadoop is a key "Big Data" technology
  • HDFS Storage System

 

Meeting adjourned at 5:32pm.