Comprehensive GENI Security Program, Spiral 2 Year-end Project Review. National Center for Supercomputing Applications. PI: Adam Slagell. Staff: N/A. Students: N/A. Aug. 30, 2010. Sponsored by the National Science Foundation.

Transcript of Comprehensive GENI Security Program Spiral 2 Year-end Project Review

Page 1

Sponsored by the National Science Foundation

Comprehensive GENI Security Program: Spiral 2 Year-end Project Review

National Center for Supercomputing Applications

PI: Adam Slagell

Staff: N/A
Students: N/A

Aug. 30, 2010

Page 2

Project Summary

• Goal: Lay the groundwork for a security and incident response program for GENI
  – Advances the Spiral 3 goal of making GENI operational

• Components
  – Threat and risk assessments
  – Document policies, agreements, standards and guidelines
  – Develop security plans
    • How will incidents be addressed?
    • What kind of proactive security measures can be deployed and maintained?

Page 3

Milestone & QSR Status

ID          | Milestone                                                       | Status                                                                                        | On Time?     | On Wiki | GPO signoff
------------|-----------------------------------------------------------------|-----------------------------------------------------------------------------------------------|--------------|---------|------------
S2.a        | Catalog of relevant use cases v. 0.1                            | Delivered as stated on time.                                                                  | On time      | Yes     | Yes
S2.b        | Asset Valuation and Risk Assessment report v. 0.1               | Delivered as stated on time.                                                                  | On time      | Yes     | Yes
S2.c        | Review and Update of Asset Valuation and Risk Assessment report | Review only consisted of phone call and comments from PO, no other stakeholders involved.     | Incomplete   | No      | No
S2.d        | Threat & Vulnerability Report v. 0.1                            | Delivered as stated on time.                                                                  | Early        | Yes     | Yes
S2.e        | Aggregate Provider Agreement v. 0.1                             | Delivered as stated on time.                                                                  | Early        | Yes     | Yes
S2.f        | Interim Operational Security Plan                               | Delivered as stated on time.                                                                  | On time      | Yes     | Yes
S2.g        | Review and Update of Aggregate Provider Agreement               | Document updated on time & sent to PO. Call for review scheduled post-annual review.          | On time      | No      | No
QSR: 4Q2009 |                                                                 | We had a late start date.                                                                     | N/A          | No      | No
QSR: 1Q2010 |                                                                 | It is on the wiki.                                                                            | On time      | Yes     | Yes
QSR: 2Q2010 |                                                                 | It is on the wiki.                                                                            | < 2 mo. late | No      | No

Page 4

Accomplishments 1: Advancing GENI Spiral 2 Goals

• Our security work is only indirectly related to the main Spiral 2 goals
  – It is more directly focused on preparation for Spiral 3 goals

• Continuous Experimentation Goal:
  – A more secure environment resulting from the contribution of this project will lead to increased participation and uptime
    • A lack of security plans discourages campus IT from becoming involved
  – Unmitigated incidents are harmful to this goal.

• Integration Goal:
  – Our work is not aimed at technical integration.
  – The agreements we develop do address higher-level social integration
    • Helps to define roles and responsibilities
    • Sets expectations
    • Lays out methods of communication

Page 5

Accomplishments 2: Other Project Accomplishments

• Aggregate Provider Agreement Draft
  – Important to have in place as we move to operations
  – Forces discussion of important issues that need to be addressed
    • E.g., roles and responsibilities, what it means to be a part of the GENI federation, etc.

• Interim Operational Security Plan
  – Based on an initial threat assessment of WiMAX and OpenFlow build-outs
  – First draft security incident response plan that includes cross-site collaboration
  – Identifies roles & responsibilities of the proposed team

Page 6

Issues

• Challenging to get community feedback outside GEC
  – Mass emailing has not proven effective, and phone calls are only moderately more effective

• Difficult environment to present at GECs
  – Interruptions often prevent even short presentations from finishing
    • Other presentations get bumped off the schedule completely
  – Conversation / feedback is often dominated by a few individuals, and it is hard to gauge broad public opinion
  – Difficult to pick up and finish these conversations offline after GEC

• Solutions
  – Work harder (and with GPO) to get ALL the interested parties on calls
  – Make sure participants read docs before the call to be more productive
    • Perhaps have homework? Everyone submits at least 2 comments on the wiki agenda before the call?
    • Can test this for Aggregate Provider Agreement v0.2
  – Polling to get broader opinion?
  – Saving the comment period until after a presentation
  – Stricter enforcement of time limits by chairs to keep the agenda moving

Page 7

Plans

• Our focus changed mid-year and the SOW was reworked
  – Less on formal threat and risk analysis, more on agreements and security plans
  – Driven by immediate needs for plans with major build-outs
    • Original SOW focused mostly on formal analysis, with little focus on policy and nothing about agreements
      – Long time until any concrete plans would be developed
    • Also the realization that a lot of the hardest operational security problems are social and not technical
  – Managed by focusing the scope of threat & risk analysis activities
    • Focus on large projects & deployments
    • GENI is too large and diverse for a formal threat & risk assessment of the entire project, even if the full 40% of an FTE is dedicated to that goal

• In the future, adjusting to the more pragmatic needs of the project
  – Establish sound agreements, procedures and protocols to handle security incidents
  – A major goal is to lay the foundation of guidelines and plans for a future operational incident response team
  – Provide a smooth transition from this development phase to normal operations of the infrastructure

• Spiral 4 milestones will need to be reworked
  – E.g., developing plans for a large IDS is less relevant and unlikely to be built
  – Anticipate the need for additional agreements and policies
    • For example, nothing much has been said about privacy issues