Andrew Adams

Principal Information Security Officer

akadams@psc.edu

412-268-4960

I’m PSC’s Principal Information Security Officer and Security Manager for Bridges.  However, I’m predominantly funded through Trusted CI — The NSF Cybersecurity Center of Excellence (formerly CTSC), supported by the National Science Foundation under Grant OAC-1547272, as well as the ResearchSOC (Grant OAC-1840034).  I hold M.S. degrees in both computer science and information science (U. Pittsburgh), and have 20+ years of experience in computer networking research as a previous member of PSC’s Networking Group, including operational responsibilities in the 3ROX GigaPoP.  As a member of PSC’s Security Group, I designed and developed multiple security oriented systems, performed risk assessments and developed security policies.  At present, my focus is in privacy and policy.

As a current member of Trusted CI, my skills in security policy and operations have been utilized in several Trusted CI engagements, including:

• SLATE: Worked on review of their architecture (Blog Posts)
• USARF: Worked on review of their fleet (Blog Posts)
• REED+: Led review of vision to facilitate CUI data protection covering Purdue University’s cyberinfrastructure (Blog Posts)
• PGC: Worked on developing a security program for them (Blog Posts)
• SAGE2: Worked on exploring identify and access management solutions for them (Blog Posts)
• Ike Wai gateway: Led review of EPSCoR‘s cyberinfrastructure through SGCI‘s Incubator consultations (Blog Post)
• Cloud Security Best Practices: Led collaboration in producing “Security Best Practices for Academic Cloud Service Providers” (Blog Posts)
• TransPAC: Led engagement to review their security program (Blog Post)
• DesignSafe-CI: Led cybersecurity checkup of their cyberinfrastructure (Blog Posts)
• DataONE: Worked on a review of their cyberinfrastructure (Blog Post)
• OSCRP: Collaborated to develop a risk profile for open science “OSCRP” (Blog Posts)
• USAP: Worked on in-depth review of their cyberinfrastructure (Blog Post)
• HubZERO: Worked on developing a Master Information Security Policy and Procedures document and a Software Assurance and Testing Policy (Blog Post)
• IBEIS/Wildbook: Worked in exploring alternative identity management options (Blog Post)

Additionally, I lead Trusted CI’s situational awareness group, Cyberinfrastructure Vulnerabilities (Blog Posts), and I’m an active member in REN-ISAC, and both Trusted CI”s and PSC’s Information Security program.

Recent Publications

 

 

 

• Andrew Adams, Kay Avila, Jim Basney, Dana Brunson, Robert Cowles, Jeannette Dopheide, Terry Fleury, Elisa Heymann, Florence Hudson, Craig Jackson, Ryan Kiser, Mark Krenz, Jim Marsteller, Barton P. Miller, Sean Piesert, Scott Russell, Susan Sons, Von Welch, and John Zage. 2019. Trusted CI Experiences in Cybersecurity and Service to Open Science. In PEARC’19: Practice and Experience in Advanced Research Computing, July 28-August 1, 2019, Chicago, IL, USA. ACM, New York, NY, USA, 8 pages. https://doi.org/10.1145/3332186.3340601
• Rion Dooley, Andy Edmonds, David Y. Hancock, Richard Knepper, John Michael Lowe, Edwin Skidmore, Andrew K. Adams, Ryan Kiser, Mark Krenz, Von Welch, Security Best Practices for Academic Cloud Service Providers, May, 2018. http://hdl.handle.net/2022/2
• Peisert, Sean, Von Welch, Andrew Adams, RuthAnne Bevier, Michael Dopheide, Rich LeDuc, Pascal Meunier, Steve Schwab, and Karen Stocks, Open Science Cyber Risk Profile (OSCRP), Version 1.2. March 2017.
• V. Hazlewood, K. Benninger, G. Peterson, J. Charcalla, B. Sparks, J. Hanley, A. Adams, B. Learn, R. Budden, D. Simmel, J. Lappa, J. Yanovich, Developing Applications with Networking Capabilities via End-to-End SDN (DANCES), XSEDE16, Miami, FL, July 17-21, 2016.
• Andrew K. Adams and Adam J. Lee, “Combining Social Authentication and Untrusted Clouds for Private Location Sharing”, in Proceedings of the 18th ACM Symposium on Access Control Models and Technologies (SACMAT), June 2013.
• A. Adams, A. J. Lee, and D. Mosse, “Receipt-Mode Trust Negotiation: Efficient Authorization Through Outsourced Interactions”, in Proceedings of the Sixth ACM Symposium on Information, Computer, and Communication Security (ASIACCS 2011), March 2011.
• V. Paxson, A. Adams, “Experiences with NIMI,”, Symposium on Applications and the Internet 2002, Proceedings, February 2002.
• A. Adams, M. Mathis, “A System for Flexible Network Performance Measurement”, INET 2000, Proceedings, July 2000.
• A. Adams, T. Bu, R. Caceres, N. Duffield, T. Friedman, J. Horowitz, F. Lo Presti, S. B. Moon, V. Paxson, and D. Towsley, “The Use of End-to-end Multicast Measurements for Characterizing Internet Network Behavior,”, IEEE Communications, Vol.38, No.5, May 2000.
• V. Paxson, A. Adams, M. Mathis, “Experiences with NIMI,”, Passive and Active Measurement Workshop 2000, Proceedings, April 2000.