Category Archives: oa.security

G7 Science and Technology Ministers’ Communique

Posted on by
Reply

“We share a growing concern that some actors may attempt to unfairly exploit or distort the open research environment and misappropriate research results for economic, strategic, geopolitical, or military purposes. This undermines the principles and values that underpin open, transparent, reciprocal, and accountable international research cooperation and the integrity of research and may pose security risks….

The G7 will collaborate in expanding open science with equitable dissemination of scientific knowledge and publicly funded research outputs including research data and scholarly publications in line with the Findable, Accessible, Interoperable, and Reusable (FAIR) principles. This is so that researchers and people throughout the world can benefit from them as well as contribute to the creation of new knowledge, stimulation of innovation, democratization of access to knowledge by society and the development of solutions for global challenges. This will also help to build more reproducible and trusted research results.

We recognize openness, freedom, and inclusiveness should be enhanced globally for the sound development of scientific research. When making decisions about openness, the respect for universal human rights and the protection of national security are essential, and principles and rules related to academic freedom, research integrity, privacy, and protection of intellectual property rights should be applied and upheld.

We acknowledge that open science platforms can allow the rapid sharing of pathogen samples and pathogen genetic sequence data on a global scale. They should also enable early development and more rapid, effective, and equitable access to MCMs for the prevention and control of emerging and re-emerging infectious diseases. Robust multilateral data sharing is needed to ensure continued societal resilience to the global issues of today and the future….

The G7 also supports immediate open and public access to government-funded scholarly publications and scientific data, and supports the endeavors of the scientific community to address challenges in scholarly publishing for broader sharing of appropriate scientific outputs. To this end, we support the efforts of the G7 Open Science Working Group in promoting the interoperability and sustainability of infrastructure for research outputs, supporting research assessment approaches that incentivize and reward open science practices, and encouraging “research on research”, aimed at helping to shape a more effective evidence-based research policy…. ”

A portal to China is closing, at least temporarily, and researchers are nervous | South China Morning Post

Posted on by
Reply

“CNKI, a portal for Chinese academic papers, will restrict foreign access to some databases starting April 1, for security concerns

It is unclear when access might be resumed, leading some scholars to fear the suspension might become permanent….

China’s top internet portal for academic papers will suspend foreign access to some databases starting next week, sparking concerns among scholars that they will lose not only an important resource for understanding China but also a useful guardrail to reduce misunderstanding between China and the West.

This week, research institutions around the world – including the University of California, San Diego, Kyoto University and the Berlin State Library – notified affiliates that they would indefinitely lose access to up to four databases provided by the China National Knowledge Infrastructure (CNKI) platform starting on April 1….

 

For academics studying China, CNKI is an invaluable resource, particularly with the current uncertainty surrounding visits to China for field research….

Over 95 per cent of Chinese academic papers that are formally published are available on CNKI, according to the State Administration for Market Regulation, China’s antitrust watchdog, when it conducted a separate review of the platform’s practices….”

Integrity and security in the global research ecosystem

Posted on by
Reply

“Open and transparent communication and dissemination of scientific information and data and sharing of research materials are essential for the global science ecosystem to operate effectively….

However, new challenges and threats are emerging as some governments and non-state actors exhibit increasingly forceful efforts to unfairly exploit and distort the open research environment for their own interests. Many countries now consider unauthorised information transfer and foreign interference in public research as a serious national and economic security risk and a threat to freedom of scientific research….

Hence, the aim of the project was to identify good practices to safeguard national and economic security whilst protecting freedom of enquiry, promoting international research cooperation, and ensuring openness and non-discrimination….”

 

Biosecurity in an age of open science

Posted on by
Reply

Abstract:  The risk of accidental or deliberate misuse of biological research is increasing as biotechnology advances. As open science becomes widespread, we must consider its impact on those risks and develop solutions that ensure security while facilitating scientific progress. Here, we examine the interaction between open science practices and biosecurity and biosafety to identify risks and opportunities for risk mitigation. Increasing the availability of computational tools, datasets, and protocols could increase risks from research with misuse potential. For instance, in the context of viral engineering, open code, data, and materials may increase the risk of release of enhanced pathogens. For this dangerous subset of research, both open science and biosecurity goals may be achieved by using access-controlled repositories or application programming interfaces. While preprints accelerate dissemination of findings, their increased use could challenge strategies for risk mitigation at the publication stage. This highlights the importance of oversight earlier in the research lifecycle. Preregistration of research, a practice promoted by the open science community, provides an opportunity for achieving biosecurity risk assessment at the conception of research. Open science and biosecurity experts have an important role to play in enabling responsible research with maximal societal benefit.

 

Making Science More Open Is Good for Research—but Bad for Security

Posted on by
Reply

But a new paper in the journal PLoS Biology argues that, while the swell of the open science movement is on the whole a good thing, it isn’t without risks. 

 

Though the speed of open-access publishing means important research gets out more quickly, it also means the checks required to ensure that risky science isn’t being tossed online are less meticulous. In particular, the field of synthetic biology—which involves the engineering of new organisms or the reengineering of existing organisms to have new abilities—faces what is called a dual-use dilemma: that while quickly released research may be used for the good of society, it could also be co-opted by bad actors to conduct biowarfare or bioterrorism. It also could increase the potential for an accidental release of a dangerous pathogen if, for example, someone inexperienced were able to easily get their hands on a how-to guide for designing a virus. “There is a risk that bad things are going to be shared,” says James Smith, a coauthor on the paper and a researcher at the University of Oxford. “And there’s not really processes in place at the moment to address it.”

 

Biosecurity in an age of open science

Posted on by
Reply

Abstract:  The risk of accidental or deliberate misuse of biological research is increasing as biotechnology advances. As open science becomes widespread, we must consider its impact on those risks and develop solutions that ensure security while facilitating scientific progress. Here, we examine the interaction between open science practices and biosecurity and biosafety to identify risks and opportunities for risk mitigation. Increasing the availability of computational tools, datasets, and protocols could increase risks from research with misuse potential. For instance, in the context of viral engineering, open code, data, and materials may increase the risk of release of enhanced pathogens. For this dangerous subset of research, both open science and biosecurity goals may be achieved by using access-controlled repositories or application programming interfaces. While preprints accelerate dissemination of findings, their increased use could challenge strategies for risk mitigation at the publication stage. This highlights the importance of oversight earlier in the research lifecycle. Preregistration of research, a practice promoted by the open science community, provides an opportunity for achieving biosecurity risk assessment at the conception of research. Open science and biosecurity experts have an important role to play in enabling responsible research with maximal societal benefit.

 

Full article: A Librarian’s Perspective on Sci-Hub’s Impact on Users and the Library

Posted on by
Reply

Abstract:  On December 19, 2019, The Washington Post reported that the U.S. Justice Department is investigating the founder and operator of Sci-Hub Alexandra Elbakyan on suspicion of working with Russian intelligence to steal U.S. military secrets from defense contractors. The article further discusses Sci-Hub’s methods for acquiring the login credentials of university students and faculty “to pilfer vast amounts of academic literature.” This has long been public knowledge. But the confirmation of Sci-Hub potentially working with Russian intelligence was major news. Both fronts of the Sci-Hub assault on stealing intellectual property are concerning. Since many academic researchers and their employers routinely receive defense contracts to perform sensitive research, the article helped posit that offering free access to academic research articles is perhaps a Trojan Horse strategy for Sci-Hub. To add to The Washington Post’s report, we sought out individuals at universities with a vantage point on Sci-Hub’s activities to see if there is independent evidence to support the report. We spoke to Dr. Jason Ensor who at the time of this interview was Manager, Engagement Strategy and Scholarly Communication, Library Systems at Western Sydney University Library in Australia. Ensor holds four degrees in related critical thinking fields and is an experienced business professional in software development, data scholarship and print publishing. He is also a distinguished speaker on digital humanities and linked fields, presenting regularly in national and international forums.

 

Evolving How We Share Rapid7 Research Data | Rapid7 Blog

Posted on by
Reply

“In the spring of 2018, we [Rapid7] launched the Open Data initiative to provide security teams and researchers with access to research data generated from Project Sonar and Project Heisenberg. Our goal for those projects is to understand how the attack surface is evolving, what exposures are most common or impactful, and how attackers are taking advantage of these opportunities. Ultimately, we want to be able to advocate for necessary remediation actions that will reduce opportunities for attackers and advance security. This is also why we publish extensive research reports highlighting key security learnings and mitigation recommendations.

Our goal for Open Data has been to enable others to participate in these efforts, increasing the positive impact across the community. Open Data was an evolution of our participation in the scans.io project, hosted by the University of Michigan. Our hope was that security professionals would apply the research data to their own environments to reduce their exposure and researchers would use the data to uncover insights to help educate the community on security best practices….

Yet IP addresses make up a significant portion of the data being shared in our security research data. While we believe there is absolutely a legitimate interest in processing this kind of data to advance cybersecurity, we also recognize the need to take appropriate balancing controls to protect privacy and ensure that the processing is “necessary and proportionate” — per the language of Recital 4….”

Protecting the integrity of Government Science

Posted on by
Reply

“Coordination is needed with related policy domains, including open science, which enhances transparency into research processes and outputs….

Efforts to implement open science can make more of the process and outputs of scientific research freely and readily accessible to other scientists, engineers, policymakers, students and educators, and the general public, while maintaining needed protections of national security, personal privacy, and other sensitive information. By making research publications, study data, analytical software and code, and study protocols more readily available for inspection and reuse—as Federal science agencies are currently doing—open science affords new opportunities to detect instances of interference, mischaracterization, and other policy violations. As such, open science is an essential enabler of scientific integrity….

Open science policies and practices provide transparency to help ensure that publications, data, and other outputs of Federally funded research are readily available to other researchers, innovators, students, and the public (taking into consideration legal and ethical limitations on access, such as national security and privacy)…. 

Facilitate free flow of scientific and technological information, by availability online in open formats and, where appropriate, including data and models underlying regulatory proposals and policy decisions…. ”

Academic Journal Claims it Fingerprints PDFs for ‘Ransomware,’ Not Surveillance | Vice

Posted on by
Reply

by Lorenzo Franceschi-Bicchierai

Elsevier embeds a unique code in every academic journal article users download. Security researchers fear this could be used to identify people who share PDFs.

 

Beyond Copyright: the Ethics of Open Sharing | by Josie Fraser | Creative Commons: We Like to Share | Nov, 2021 | Medium

Posted on by
Reply

“In a world where internet and mobile technologies are mainstream, communities, groups and organisations routinely produce materials in a wide range of digital formats. This position paper looks at some of the ways in which the impacts of openly sharing these materials, or deciding not to, is an ethical decision. This paper also looks at some of the ways in which sharing openly can be considered in terms of an organisational commitment to social responsibility….

The decision to share openly (or not) is an ethical decision….”

 

SDSC’s Open Science Chain Awarded $500,000 NSF Grant

Posted on by
Reply

The Open Science Chain program at the San Diego Supercomputer Center (SDSC) at UC San Diego has been awarded a $500,000 National Science Foundation (NSF) grant for providing a secure method to efficiently share and verify data and metadata while maintaining privacy restrictions necessary for the reuse of the scientific data.

Interview: John Arquilla, “Bitskrieg”

Posted on by
Reply

“Q: Science is moving to a more “open” attitude, with some advocating making machine-readable data, all research findings, and even preliminary research openly available. From your standpoint, and given the reality of power balances in the world, does this seem advisable? Who benefits? Who loses?

Arquilla: I like the idea of more sharing, because doing so will enhance human welfare. But perhaps not in all areas, defense being a particular exception, and a number of competitive commercial areas being general exceptions. My colleague David Ronfeldt and I long ago identified a posture of “guarded openness” as an approach that encourages sharing wherever possible, preclusiveness where necessary. …”