Open Science Grid Security Activities Mine Altunay, FNAL OSG Security Officer For the OSG Security...
-
Upload
daniel-obrien -
Category
Documents
-
view
215 -
download
1
Transcript of Open Science Grid Security Activities Mine Altunay, FNAL OSG Security Officer For the OSG Security...
Open Science Grid Security Activities
Mine Altunay, FNALOSG Security Officer
For the OSG Security Team:Doug Olson, Deputy Security Officer, LBNL,Jim Basney NCSA, Ron Cudzewicz FNAL,
Grid Deployment BoardJuly 9, 2008
OSG Security: Organization and Interfaces
207/09/2008 Altunay, OSG Security, GDB July, 2008
OSG Security Team
Middleware
Security Group
Joint Security Policy Group
IntlGrid Trust Federatio
n
Partner Grids
Incident Response
Basney EUGridPMAOlson TAGPMA
M. Altunay Wartel (EGEE-OSCT), Marsteller (TG), NDGF, …
J.Basney
Altunay co-chair with Witzig
OSG VO and Site Security Contacts
Altunay: VDT Security Officer
WLCG
Dave KelseyWLCG Security Coordinator
Altunay & Witzig
VDT Security & OSG
Operations & OSG Core
Assets
Interfaces between OSG and WLCG
• Some questions: Only through JSPG and MWSG ??? Should there be a separate direct arrow
between OSG Security and WLCG What about VDT Security Officer
Another direct arrow from VDT to WLCG?
• Any additions to the previous picture, any mistakes?
307/09/2008 Altunay, OSG Security, GDB July, 2008
Interfaces between OSG and JSPG
• New JSPG Mandate JSPG reports to WLCG
Dave Kelsey -- also WLCG Security Coordinator
No WLCG Security Officer
OSG only gives feedback for the policies – no mandatory inclusion of JSPG policies
OSG ED is part of WLCG MB and relays OSG concerns at MB
407/09/2008 Altunay, OSG Security, GDB July, 2008
Recent WLCG Security Challenge
• USCMS received pretty poor scores OSG is actively working on it Held a meeting on 6/27 with USCMS
Discovered policy problems Unawareness of WLCG incident response procedure Policy enactment issues: lack of CMS security contacts
at FNAL
• Going back to tie between OSG and WLCG Should OSG Security be involved with next
challenges? Are we missing a link here?
507/09/2008 Altunay, OSG Security, GDB July, 2008
A Recent Incident at Atlas
• We had a security incident at AGLT2 (Atlas)• Have not completed the post-mortem and no
operational disruption• Take-home messages: What we learned
Good test for Atlas security officers: John Hover USAtlas Security Officer Atlas Security Officer: Alessandro de Salvo (OSG did not
have his contact before)
• Very important for VOs to identify Security Officers.
We worked with CMS (Marie-Christine Sawley) Other VOs ?
607/09/2008 Altunay, OSG Security, GDB July, 2008
VO Policies & Security Duties
• Urged and educated VOs for their security policies and work at OSG Users meeting
• A VO must have Security Officers: intl and local levels Operations and Management contacts
local contacts (in USA) are registered with OSG
A clear user registration workflow – presented a sample policy template to OSG VOs
A clear AUP – presented a template to OSG VOs 5 VOs are preparing their policies: CMS, USAtlas, Edu, OSG VO,
Engage More VOs to come
Essential for Incident Response
707/09/2008 Altunay, OSG Security, GDB July, 2008