Difference between revisions of "EGI-InSPIRE:Plan 2013 SA1.2"

From EGIWiki
Jump to: navigation, search
(Plans for 2012)
Line 15: Line 15:
 
*
 
*
  
= Plans for 2012 =
+
= Plans for 2013 =
 
<!-- add or remove entries below as needed -->
 
<!-- add or remove entries below as needed -->
  
 
==Cross Security Teams Activities==
 
==Cross Security Teams Activities==
  
*  
+
* MS235 Security Activity within EGI Month 34 Report detailing the non-operational security activity within EGI including SCG, SVG, EUGridPMA and IGTF.
 +
* EGI Security Threat risk assessment - Report on what is being done concerning threats of highest risk value and highest impact value.
 +
* Also we should look at Clouds and implications for the various security groups, what needs to be done. Since in the 6th highest risk threat was clouds - and so many seem to assume all the security problems go away and they can ignore us all.
 +
 
  
 
==EGI CSIRT Activities==
 
==EGI CSIRT Activities==
Line 70: Line 73:
 
====Security procedures====
 
====Security procedures====
  
*  
+
* EGI CSIRT operational procedure for compromised certificates. (1st quarter)
  
 
====Other Activities====
 
====Other Activities====
Line 85: Line 88:
 
===Revise and improve Vulnerability Issue handing procedure ===
 
===Revise and improve Vulnerability Issue handing procedure ===
  
*  
+
* Revise EGI Software Vulnerability Handling procedure for Post EMI/IGE. (Also submitted an abstract to present this at the CF.)
  
 
===Continue Vulnerability issue handling===
 
===Continue Vulnerability issue handling===
Line 93: Line 96:
 
===Vulnerability Assessments===
 
===Vulnerability Assessments===
  
*
+
* Completion of WMS vulnerability Assessment (asked Elisa to confirm)
  
 
==Coordination EUGridPMA==
 
==Coordination EUGridPMA==

Revision as of 16:31, 19 February 2013

Main EGI.eu operations services Support Documentation Tools Activities Performance Technology Catch-all Services Resource Allocation Security


Inspire reports menu: Home SA1 weekly Reports SA1 Task QR Reports NGI QR Reports NGI QR User support Reports


Assessment of progress in 2012

Completed Activities and Milestones

Milestones not accomplished

Plans for 2013

Cross Security Teams Activities

  • MS235 Security Activity within EGI Month 34 Report detailing the non-operational security activity within EGI including SCG, SVG, EUGridPMA and IGTF.
  • EGI Security Threat risk assessment - Report on what is being done concerning threats of highest risk value and highest impact value.
  • Also we should look at Clouds and implications for the various security groups, what needs to be done. Since in the 6th highest risk threat was clouds - and so many seem to assume all the security problems go away and they can ignore us all.


EGI CSIRT Activities

CSIRT meetings

RTIR ticketing system

Incident Response

Daily security operations

Security drills


Security monitoring tools

Security Dashboard

Pakiti

Site wide security monitoring

Nagios security monitoring

Security Training&Dissemination

Security procedures

  • EGI CSIRT operational procedure for compromised certificates. (1st quarter)

Other Activities

EGI SVG Activities

SVG meetings

Revise and improve Vulnerability Issue handing procedure

  • Revise EGI Software Vulnerability Handling procedure for Post EMI/IGE. (Also submitted an abstract to present this at the CF.)

Continue Vulnerability issue handling

Vulnerability Assessments

  • Completion of WMS vulnerability Assessment (asked Elisa to confirm)

Coordination EUGridPMA