CISAF: A Framework for Estimating the Security Posture of Academic and Research Cyberinfrastructure
Qishen Liang, Jelena Mirkovic, Brian Kocoloski
TL;DR
The paper addresses the security posture assessment of academic and research cyberinfrastructures (AR-CIs), which are open, heterogeneous, and underfunded. It introduces the Cyber Infrastructure Security Analysis Framework (CISAF), a simple, mission-centric threat-modeling workflow that links AR-CI architecture, mission losses, hazards, attack paths, and security mechanisms to prioritize mitigations. The authors demonstrate CISAF on the SPHERE testbed, detailing how losses map to hazards, how attack trees are constructed, and how existing protections illuminate unmitigated paths. This work offers a practical tool that complements existing frameworks by enabling AR-CIs to systematically reason about risk and direct limited security investments.
Abstract
Academic and research cyberinfrastructures (AR-CIs) present unique security challenges due to their collaborative nature, heterogeneous components, and the lack of practical security assessment frameworks tailored to their needs. We propose Cyber Infrastructure Security Analysis Framework (CISAF) -- a simple, systematic, mission-centric approach to analyze the security posture of a CI and prioritize mitigation actions. CISAF guides administrators through a top-down process: (1) defining unacceptable losses, (2) identifying associated system hazards and critical assets, (3) analyzing possible attack paths that target these critical assets, and (4) analyzing security mechanisms that lie on these attack paths. By combining information about the CI architecture, mission, attack vectors, and security mechanisms, CISAF provides a clear overview of potential security risks and offers valuable information to prioritize mitigation actions.