1. Task Meetings
|Date (dd/mm/yyyy)||Url Indico Agenda||Title||Outcome|
|16/05/2013||https://www.egi.eu/indico/conferenceDisplay.py?confId=1669||EGI SVG Monthly meeting||Review activities of the previous month and plan for the coming month|
|16/05/2013||https://www.egi.eu/indico/conferenceDisplay.py?confId=1668||EGI CSIRT team Monthly meeting||Review activities of the previous month and plan for the coming month|
|20/06/2013||https://www.egi.eu/indico/conferenceDisplay.py?confId=1725||EGI SVG Monthly meeting||Review activities of the previous month and plan for the coming month|
|27/06/2013||https://www.egi.eu/indico/conferenceDisplay.py?confId=1733||EGI CSIRT team monthly meeting||Review activities of the previous month and plan for the coming month|
|18/07/2013||https://www.egi.eu/indico/conferenceDisplay.py?confId=1774||EGI CSIRT team monthly meeting||Review activities of the previous month and plan for the coming month|
|Weekly Video conference meetings (every Monday)||Minutes recorded in EGI CSIRT private wiki (not publicly accessible)||IRTF weekly meeting||Operational security issues are reviewed weekly|
2. Main Achievements
The work of the EGI CSIRT (TSA1.2), as ever, is split into several sub-groups, each of which is reported on here. The whole team continued to meet monthly by video conference. It was agreed that a joint EGI/PRACE/EUDAT security workshop in the autumn of 2013 would be very useful. Planning for this has started.
In operational security in EGI, this was a quiet quarter in the sense that no security incidents were reported or handled. This did, however, enable the Incident Response Task Force (IRTF) to work on other longer-term issues. The IRTF continued to track new security vulnerabilities in operating systems and other non-Grid software. Three "high-risk" advisories were issued to all site security contacts during the quarter.
For the Security Service Challenge (SSC) activity, the final report from the SSC of 11 sites in the UK NGI was successfully carried out in March. The German NGI will run the next SSC. There are plans for training at EGI TF.
In the security monitoring sub-group, developments were also made to security monitoring to track all SVG and CSIRT alerts and advisories as required. Training at EGI TF.
Progress was made on several security procedures during the quarter. A new release of the EGI CSIRT operational procedure for compromised certificates was produced and discussed at the OMB. The OMB has recently approved a new policy statement (from the Security Policy Group) on the need for sites and service operators to deploy a central security emergency suspension mechanism. This will allow the CSIRT to quickly suspend a credential involved in an ongoing security incident.
The Software Vulnerability Group (SVG) continues to handle all reported vulnerabilities. This quarter a revised handling procedure for use after both EMI and IGE have ended was prepared. This was presented at the EGI Community Forum. During the quarter, 12 new vulnerabilities were handled. Five SVG advisories were issued. The security assessment of the gLite WMS was completed and the final report on this is expected soon. The assessment of CREAM is underway and will hopefully be completed soon.
There was a lot of activity on security training and dissemination. A successful one-day security forensics training session was given at RAL in the UK. Several SA1.2 staff attended the EGI Community Forum to facilitate discussions on security issues. Two posters were presented at the Community Forum (Security best practice and incident/vulnerability reporting) and a talk on SVG after EMI/IGE was also given.
3. Issues and Mitigation
|Issue Description||Mitigation Description|