Jefferson Lab Remote Access Review: Free-Electron Laser Wesley Moore FEL Computer Scientist
description
Transcript of Jefferson Lab Remote Access Review: Free-Electron Laser Wesley Moore FEL Computer Scientist
Jefferson Lab
Remote Access Review:Free-Electron Laser
Wesley MooreFEL Computer Scientist
01 December 2010
• What is the Free-Electron Laser (FEL)? • FEL's relationship to sensitive information (SI)
• Outline adopted policies and procedures
• Remote Access to SI and control systems
• Quality Assurance
• Future plans
FEL Presentation Objectives
The FEL is the world's most powerful free-electron laser. It is primarily an infrared laser, although it can also produce ultraviolet and other colors of laser light.
The FEL also holds the world record as
the brightest source of Terahertz (THz) light and is now in the process of characterizing it's kilowatt-scale ultraviolet capability.
Description of JLab's FEL
UV WigglerUV Lasing
Science and Technology (S&T) is typically considered to be sensitive if the S&T involves activities or items on the Military Critical Technologies List (MCTL) or if the S&T is included in the Department of State's International Traffic in Arms Regulations (ITAR). Sensitive S&T has consequent export control requirements by law, regulation and the JLab DOE contract.
Please note there is no Classified Information involved with FEL activities at this point.
Cause for Sensitive Information
Policies & Procedures
The FEL wanted to maintain a proactive posture with respect to information security, not reactive. • Early involvement of the Chief Information Officer (CIO)
• Obvious the FEL would become a moderate enclave
• Initiated compliance with JLab site wide policies and procedures for
sensitive information • Procedures used for the following:
o Personnel securityo Physical securityo Handling of hard copieso Handling of electronic information
Sensitive Information Security
• Remote Accesso 2-Factor Authenticationo Restrictive inbound and outbound firewall configuration
• FOUO-ITAR documents are stored on a secure file server
o File server provided by IT Core o Located in Computer Center with card reader access security
EPICS access security protects IOC databases from unauthorized Channel Access Clients. Access is based on the following*: • Who: Userid of the channel access client.
• Where: Hostid where the user is logged on. This is the host on which the
channel access client exists. Thus no attempt is made to see if a user is local or is remotely logged on to the host.
• What: Individual fields of records are protected. Each record has a field
containing the Acess Secuirty Group (ASG) to which the record belongs... • How: User Access Groups (UAG) and Host Access Groups (HAG)
combine to create read/write permissions. Local IOC console is protected via physical security and telnet access protected via networking security.
* extracted from EPICS Application Developer's Guide, Base Release 3.14.11Slide 7
Control System Security 1/2
Key Points to Remote Access: • Once through the firewall, an accepted user and host has transparent
remote access. Recall:o Who: Userid of the channel access client.o Where: Hostid where the user is logged on. This is the host on which the
channel access client exists. Thus no attempt is made to see if a user is local or is remotely logged on to the host.
• Channel Access Security is granted by the System Owner (W. Moore)
o Read/Write Access is role based (operator, user, student, etc.) • Remote actions are administratively coordinated through the on-site Duty
Officer and operators.
Slide 7
Control System Security 2/2
Slide 7
Quality Assurance
Active QA:o Network and system level QA (reliant on IT Core)o Security of FOUO-ITAR is periodically reviewed
Gaps:
o Some embedded IOCs are not using EPICS Channel Access security files.
o Periodic audit of Channel Access security configuration.
• Remove old userids• Changes in personnel
o PLCs and other network capable devices??
Future...
We are currently evaluating our readiness for future ITAR related experiments on the FEL.
Things we must consider:
o Machine hardware is not ITAR, configuration could be.
o Effort required to "Black-box" the FEL's control system• Is all Remote Access denied??
o Proper storage of machine parameters.
o Staffing issues and requirements due to heightened information
security.
o Cost associated with protecting information.
Questions?