The International Conference for High Performance Computing, Networking, Storage, and Analysis
The International Conference for High Performance Computing, Networking, Storage, and Analysis
Authors: Frank Indiviglio (NOAA), Ron Bewtra (Hewlett Packard Enterprise (HPE)), Jeremy Duckworth (Hewlett Packard Enterprise (HPE)), Nick Ward (US Drug Enforcement Administration), Ann Dunkin (US Department of Energy)
Abstract: Zero-Trust is the cybersecurity architecture of choice and is now being discussed in supercomputing environments. Zero-Trust is based on a least-privilege per-request approach - and it has serious implications for HPC centers, application developers, and end-user workflows. Join this discussion with US Federal CIOs to discuss their expectations and with HPC leaders on their approach.
Long Description: According to the US Cybersecurity and Infrastructure Security Agency (CISA), Zero Trust provides a collection of concepts and ideas designed to minimize uncertainty in enforcing accurate, least privilege per-request access decisions in information systems and services in the face of a network viewed as compromised. The goal is to prevent unauthorized access to data and services and make access control enforcement as granular as possible.
As Zero Trust rapidly becomes the security paradigm of choice, HPC stakeholders worldwide are exploring how this approach can improve the cybersecurity posture for their centers. Implementation moves beyond networks and hardware - it may change how applications are designed and end-user workflows.
This session will provide a short introduction to Zero Trust from US Federal CIOs - who are charged with implementing the architecture within their agencies. Additionally, HPC leaders will discuss what the industry is doing and how they can address these mandates. To ensure a healthy discussion across the community, this BOF will be moderated by two long-time HPC practitioners that have Government, industry, academic, and cybersecurity experience.
While mandate examples are coming from the US Federal Government, the implementation and discussions are happening worldwide. Join this important discussion on this important topic - and share your perspectives on the requirements and how it will impact the supercomputing community.
Additional information on US Federal mandates that are driving this initiative can be found at: OMB Executive Order on “Improving the Nation’s Cybersecurity” (E.O. 14028), the OMB Memorandum on “Moving the U.S. Government Toward Zero Trust Cybersecurity Principles” (M-22-09), and the recent draft “High Performance Computing(HPC) Security: Architecture, Threat Analysis, and Security Posture” (NIST SP 800-223). Additionally, the Department of Defense Reference Architecture notes the Zero Trust model is “a dramatic paradigm shift in philosophy of how we secure our infrastructure, networks, and data, from verify once at the perimeter to continual verification of each user, device, application, and transaction .” As demonstrated by their Zero Trust Framework and aggressive implementation timelines.
Back to Birds of a Feather Archive Listing