Difference between revisions of "EGI Core activities:2015-bidding Security Incident Response Coordination"
Line 1: | Line 1: | ||
{{Template:Op menubar}} {{TOC_right}} | {{Template:Op menubar}} {{TOC_right}} '''Go back to the [[Core EGI Activities|activity list]].''' | ||
'''Go back to the [[Core EGI Activities|activity list]].''' | |||
*Service name: Security Incident Response Coordination | *Service name: Security Incident Response Coordination | ||
*Service category: Operations | *Service category: Operations | ||
*Service type: Coordination | *Service type: Coordination | ||
Security Incident Response Coordination is part of [[ | Security Incident Response Coordination is part of [[Core EGI Activities#Security_coordination|Security Coordination]] service in the EGI.eu coordination function. | ||
= Introduction = | = Introduction = | ||
Line 18: | Line 17: | ||
== Security Incident Response Coordination == | == Security Incident Response Coordination == | ||
Coordination of incident response activities in collaboration with the Incident Response Task Force. The primary responsibility for basic incident response and forensics still lies with each NGI, while the EGI Global IRTF will coordinate incident response and information exchange. For complex multi-site incidents and in cases where advanced forensics is needed, the EGI Global IRTF will step in and take an active part, to protect the continued integrity of the EGI infrastructure as a whole | Coordination of incident response activities in collaboration with the Incident Response Task Force. The primary responsibility for basic incident response and forensics still lies with each NGI, while the EGI Global IRTF will coordinate incident response and information exchange. For complex multi-site incidents and in cases where advanced forensics is needed, the EGI Global IRTF will step in and take an active part, to protect the continued integrity of the EGI infrastructure as a whole. This task will also liaise with other CSIRTs via for example TF-CSIRTS and FIRST. EGI Global IRTF coordination needs to be performed in collaboration with the IRTF development activity inside EGI-Engage project. <br> |
Revision as of 11:23, 23 February 2015
Main | EGI.eu operations services | Support | Documentation | Tools | Activities | Performance | Technology | Catch-all Services | Resource Allocation | Security |
Go back to the activity list.
- Service name: Security Incident Response Coordination
- Service category: Operations
- Service type: Coordination
Security Incident Response Coordination is part of Security Coordination service in the EGI.eu coordination function.
Introduction
Security is recognised as an important aspect of e-Infrastructures and requires co-ordination between the EGI participants at various levels, in particular for the prevention and handling of incidents.
Technical description
This service includes the following components.
Security Incident Response Coordination
Coordination of incident response activities in collaboration with the Incident Response Task Force. The primary responsibility for basic incident response and forensics still lies with each NGI, while the EGI Global IRTF will coordinate incident response and information exchange. For complex multi-site incidents and in cases where advanced forensics is needed, the EGI Global IRTF will step in and take an active part, to protect the continued integrity of the EGI infrastructure as a whole. This task will also liaise with other CSIRTs via for example TF-CSIRTS and FIRST. EGI Global IRTF coordination needs to be performed in collaboration with the IRTF development activity inside EGI-Engage project.