SEC05 Security Resource Centre Certification Procedure
Main | EGI.eu operations services | Support | Documentation | Tools | Activities | Performance | Technology | Catch-all Services | Resource Allocation | Security |
Documentation menu: | Home • | Manuals • | Procedures • | Training • | Other • | Contact ► | For: | VO managers • | Administrators |
Title | Security Resource Centre Certification Procedure |
Document link | https://wiki.egi.eu/wiki/SEC05_Security_Resource_Centre_Certification_Procedure |
Last modified | 1.1 - 30 September 2014 |
Policy Group Acronym | Provide the acronym of the group creating this procedure ! |
Policy Group Name | EGI CSIRT |
Contact Group | EGI CSIRT |
Document Status | Approved |
Approved Date | November 27 2014 |
Procedure Statement | Security Resource Centre Certification Procedure applies to Resource Centres under certification process and re-certification of suspended Resource Centres (sites). This step of the security certification procedure checks that the resources under certification do not contain known CRITICAL software vulnerabilities. |
Owner | Owner of procedure |
Introduction
This page provides steps to certify Resource Centre from security point of view, as part of PROC09 Resource Centre Registration and Certification procedure. The monitoring is performed using the tools used by the EGI CSIRT and enabled upon request of Resource Centre.
This step of the security certification procedure checks that the resources under certification do not contain known CRITICAL software vulnerabilities.
Steps
HTC (Grid) Resource Center
Responsible | Action | Prerequisites, if any | |
---|---|---|---|
1 |
RC |
Ask the ARGO/SAM EGI Support (through GGUS http://ggus.eu/) to enable security monitoring of the site. |
|
2 | RC |
Once monitoring is enabled, RC asks EGI CSIRT (by sending a mail to csirt@rt.egi.eu) for security assessment. |
|
3 | EGI CSIRT | If no security alert is raised via the monitoring over 3 consecutive calendar days period, the EGI CSIRT will communicate back a positive assessment. |
Cloud Resource Center
Responsible | Action | Prerequisites, if any | |
---|---|---|---|
1 |
RC |
Fill the EGI security survey and inform EGI Operations (operations@egi.eu)
|
|
2 | EGI Operations |
Send filled in survey to EGI CSIRT |
|
3 |
EGI CSIRT |
the EGI CSIRT will communicate back an assessment result. In case of issues EGI CSIRT contact RC to better understand situation. |
Revision history
Version | Authors | Date | Comments |
---|---|---|---|