Security
Levels of Security for Different Data, Metadata & Environments
The 4 primary Dataverse installations [49] are deployed on NCI VMware servers and are secured and monitored by NCI [7], ANU ITS and CIO services [52]:
- Access to the VMs is controlled by NCI. The ADA Technical Manager requests when specific users should be given SSH access, and with what privileges, and when that access should be removed.
- Access to ADA’s NCI-hosted RDS is through an ADA-specific group on the NCI-managed GlobalProtect VPN. The ADA Technical Manager communicates with NCI to request that ADA employees be added to and removed from that group as needed (when onboarding a new employee or offboarding a departing employee).
- The Dataverse backend PostgreSQL database ports are locked down to restrict who can access them. NCI and the ADA DevOps manage access to these ports.
The four primary Dataverse installations are protected as much as possible by a conservative F5 WAF [55] that is tuned as needed. Suspicious activity that the WAF can catch is blocked, monitored and reported to the ADA technical team. NCI implements an automated weekly scan of ADA’s services, including the Dataverse installations, and sends a report to the ADA team, plus others, highlighting potential, and real, security issues. The ADA DevOps is responsible for addressing those that are possible to address and reporting back on those that are not. The SIP/AIP/DIP files reside on NCI storage (server). This is protected by NCI standard protocols.
IT Security System, Employees & Risk Analysis
- IT security is implemented by NCI and ANU Information Technology Services (ITS) [52].
- Risk analysis lies with NCI and ITS.
- Risk analysis relative to level of data sensitivity is undertaken by the ADA Archivist team.
According to the Australian Government Security Classification System, data archived at ADA is deemed as UNCLASSIFIED - DLM (dissemination limiting marker). The DLM would be 'Sensitive' or 'Sensitive-Personal' (Protective Security Policy Framework [56]). Any data that is deemed too high risk to be made available for download through Dataverse is requested through Dataverse, but the data transfer is completed through an external service, AARNET File Sender [57].
Security for the Facility & Digital Objects Premises
The ADA office is secured and accessible by ANU staff card access for ADA staff only. The access card is an ANU centrally controlled photo identity security system. All secure physical data objects are stored in a locked safe in a locked storeroom, or in a locked cupboard in a second locked office within ADA. Computer screens are locked while staff are absent from their desks.
NCI servers are protected according to NCI standards:
- NCI is based in a secure building on ANU campus.
- All NCI staff offices, including the computer centre, are secure and accessible to NCI staff only.
- Access is available only for approved visitors who must be signed in, wear visitor identification and be accompanied by NCI staff.
Security Specific Standards
- ANU Policy: Information technology security [58]
- ANU Policy: Code of Conduct [59]
Authentication & Authorisation to Manage Access to Systems
- Dataverse security [60].
- Access to ANU infrastructure requires being a student or staff member of the ANU:
  - Roles and corresponding privileges to ANU/ITS systems are managed by the ANU ITS team.
- Access to the NCI infrastructure requires obtaining an NCI user account that is separate to a user’s ANU account:
  - Users who wish to access NCI infrastructure must apply for an NCI Project to be created. That request is approved or rejected by NCI administrators.
  - The Project owner/manager must grant access to specific NCI user accounts to allow those user accounts access.
  - NCI user accounts are forced to be reasserted, and a new password created every 6 months.
- Access to data for the ADA archiving team is through the secure NCI RDS set up specifically for ADA:
  - The ADA RDS is behind the NCI F5 firewall, where it has direct access to the ADA data storage also managed by NCI.
  - Requires GlobalProtect [61] to log in, and to be a member of a specific GlobalProtect group.
  - The ADA Technical Manager requests a new ADA archivist to be added to the group when they begin employment and requests removal when an employee leaves.