Jupyter Security Workshop Progress

@rcthomas and I wanted to share an update on our activities related to the
Jupyter Security Best Practices Workshop. We’ve restarted our planning for this after a natural pause.

The target date for the in-person workshop is sometime during March, April, or May of 2022; our goal is to select a location by September of this year. Obvious options are our home institutions (NERSC, UC Berkeley, or UCSD), but we’re reaching out to other groups active in the Jupyter community that may be interested in hosting. The expectation is that we’ll be able to use the workshop funds for participants’ travel and meals.

Taking advantage of the long planning window, @rcthomas and I meet about every other week as a small steering committee for the workshop, plus thinking of other ways we might help the community around security. We’ve been joined by a security engineer from NERSC who is interested in Jupyter and who is beginning a review of existing security-related documentation within Project Jupyter. This week, we decided to try and do interviews with Jupyter operators in different contexts to learn about their priorities when it comes to deploying Jupyter securely. Please let us know if there’s someone that would like to participate in these interviews, especially if they’re from the systems, networking, or security side of your team.

To help bring in additional expertise, we submitted an application for an engagement with the Trusted CI, the NSF Cybersecurity Center of Excellence, which was accepted. Trusted CI has helped similar projects, (e.g., Galaxy) to develop security programs or focus on specific needs. We’ve asked for their help in developing a set of best practices for deploying Jupyter and making recommendations to the community for a persistent security program.

We’ll post regular updates here as we learn from the community or solidify the plans for the workshop.

P.S. @choldgraf s it possible to move or label the previous topic about the workshop so it shows up in this category?

2 Likes