INFSO-RI-508833 Enabling Grids for E-sciencE Glexec overview Gerben Venekamp NIKHEF.
INFSO-RI-508833 Enabling Grids for E-sciencE Operational Security OSCT JSPG March 2006 Ian Neilson,...
-
Upload
darren-booker -
Category
Documents
-
view
214 -
download
0
Transcript of INFSO-RI-508833 Enabling Grids for E-sciencE Operational Security OSCT JSPG March 2006 Ian Neilson,...
INFSO-RI-508833
Enabling Grids for E-sciencE
www.eu-egee.org
Operational Security
OSCT
JSPG March 2006
Ian Neilson, CERN.
To change: View -> Header and Footer 2
Enabling Grids for E-sciencE
INFSO-RI-508833
OSCT
• Activity Areas– Security Service Challenge
Pal Anderssen
– Security Monitoring Romain Wartel
– Incident Response Ian Neilson
To change: View -> Header and Footer 3
Enabling Grids for E-sciencE
INFSO-RI-508833
Incident Response Planning
• At Pisa(Oct 2005) -– Proposed: Incident Response Handbook
Make procedures out of policy• Quicker to update than policy
• Lighter process than SSC Framework for planning activity
– 4 Sections/Activities Quick Start
• The basic process Grid resources
• References for contacts and administrators Services Reference
• Threat and impact by service Playbook
• Worked examples
To change: View -> Header and Footer 4
Enabling Grids for E-sciencE
INFSO-RI-508833
Incident Response Planning
• Issues raised (Pisa)– “Not clear there is effort available now”
Clear there is not!
– OSCT/IR Integration with operational procedures CIC, GGUS procedures still evolving
– Relations/communications with peering grid projects– NREN CSIRTS
NRENS and Grids workshops
• Handbook– Almost no feedback
What there was rather negative/off mark
– “Playbook” twiki senarios - 2 of 6 https://twiki.cern.ch/twiki/bin/view/LCG/IR
To change: View -> Header and Footer 5
Enabling Grids for E-sciencE
INFSO-RI-508833
EGEE-II SA1 structure
To change: View -> Header and Footer 6
Enabling Grids for E-sciencE
INFSO-RI-508833
EGEE-II
• Security Coordination Group (SCG)– “Security tasks are thus spread over several activities that are
coordinated via a cross-activity Security Coordination Group (SCG). The SCG members are drawn from SA1, JRA1 and JRA2 and the group is responsible for overall security coordination. The SCG is chaired by a Security Head, organisationally part of the Quality Assurance Activity JRA2.”
• OPERATIONS COORDINATION CENTRE (OCC)– “The OCC coordinates the SA1 activity and its tasks and has the
mandate to distribute tasks to the ROCs as necessary. Its responsibilities include:
…. Coordinate the operational security activity; ….”
To change: View -> Header and Footer 7
Enabling Grids for E-sciencE
INFSO-RI-508833
EGEE-II
• ROC-centric– “The mandatory set of ROC responsibilities is the following:
….. Responsible for ensuring that operational problems in the region or in
resource centres in the region are resolved and followed-up. The ROC owns the operational problems and is responsible for them;
….. Coordinate Grid security in the region; provide incident response teams
(with members from the sites); …..”
• Other security ROC activities -– Coordinate the Joint Security Policy Group;
Will be provided by UK/I (CCLRC);
– Security vulnerability and risk analysis. This is a new task that will verify the security of middleware being deployed.
This includes coordinating code reviews, providing information on best practices for developers, etc;
Will be provided by UK/I (CCLRC);
To change: View -> Header and Footer 8
Enabling Grids for E-sciencE
INFSO-RI-508833
EGEE-II
“It is time and effort consuming to work through with each site incident scenarios, but this cost outweighs the potential real cost of a significant incident. Nevertheless investment must be made to handle this. This is also extremely important in the longer term, and for industrial take up - EGEE must be able to show that it is conforming to cuurent, and building future best practices.”
To change: View -> Header and Footer 9
Enabling Grids for E-sciencE
INFSO-RI-508833
Deliverables and Milestones