Enhancing KBase Security: Strengthening Platform Integrity for Biological Research
Authors:
Boris Sadkhin²* ([email protected]), Christopher S. Henry², Gavin Price¹, A. J. Ireland¹, Shane Canon¹ (PI)
Institutions:
¹Lawrence Berkeley National Laboratory; ²Argonne National Laboratory
Goals
For over a decade, the DOE Systems Biology Knowledgebase (KBase) platform has been an essential resource for DOE biological researchers and the broader biological research community. It provides a comprehensive web-based system for analysis, collaboration, and publishing results. However, as the platform has evolved, it has come to face increased complexity and security challenges, including end-of-life dependencies and potential vulnerabilities. This project aims to enhance the platform’s security and maintenance capabilities to mitigate high-impact outages, data integrity risks, and security breaches.
Abstract
This poster presents an overview of the KBase platform architecture, highlighting its wide array of services and underlying databases. It outlines the project’s objectives, emphasizing the team’s proactive approach of prioritizing updates based on a thorough audit, with a focus on critical services and dependencies. Leveraging automated scanning tools like Dependabot and Trivy, the team can efficiently identify and address vulnerabilities through work ranging from straightforward dependency updates to complex migrations, ensuring both security and operational integrity.
Additionally, the poster covers the specifics of the platform services, emphasizing their importance and role within the KBase ecosystem. It presents progress to date, showcasing milestones achieved in addressing critical security and end-of-life issues for the platform’s core services. It concludes with an outline of the next steps, including ongoing maintenance processes and automation, aimed at sustaining these improvements.