There is no one-size-fits-all set of security practices for Project Jupyter, particularly when many components are involved. Using JupyterHub as the common element, this presentation helps close this gap by showing potential threat areas and how to implement some best practices. This can be a starting point to securely use or support Jupyter for research.
Jupyter network connectivity and execution models to determine system boundaries for various use cases;
Potential threats to using Jupyter securely;
Ways to secure Jupyter network communications;
Where to find documentation for various Jupyter components;
Different models for running Jupyter notebooks;
Different models for running JupyterHub;
How to engage with the Jupyter community, e.g., submit a potential vulnerability.
The content of this presentation is targeted at people looking to understand security in deploying and running Jupyter, with an emphasis on a multi-user JupyterHub server. Examples include:
Researchers looking for guidelines on sharing Jupyter notebooks;
Research software engineers facilitating a JupyterHub deployment at their campus research computing center;
System administrators and user support staff that want to improve the security of their existing JupyterHub installation;
Security engineers who have been asked to review JupyterHub;
People interested in how the JupyterHub architecture could be used as a template for the secure deployments of other interactive computational tools.