The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.
Difference between revisions of "EGI-InSPIRE:SA1.2-QR3"
(Created page with '= Task Meetings = {| border="1" cellspacing="0" cellpadding="5" align="center" ! style="width: 25%" | Date dd/mm/yyyy ! style="width: 25%" | Url Indico Agenda ! style="width: 10…') |
|||
| (11 intermediate revisions by 3 users not shown) | |||
| Line 1: | Line 1: | ||
= Task Meetings = | {{Template:EGI-Inspire menubar}} | ||
{{Template:Inspire_reports_menubar}} | |||
{{TOC_right}} | |||
= 1. Task Meetings = | |||
<!-- | |||
Notes. Report here all task-specific meetings held. This includes (a) face-to-face meetings and (b) phone meetings. Make sure that for all task meetings participants are ALWAYS recorded either on indico from the registrants’ list, or in the minutes. | |||
OMB meeting will be reported under task TSA1.1 only. Monday Operations meetings need to be reported under task TSA1.3 only. Training events will be recorded in the training event registry and need not be mentioned here. | |||
--> | |||
{| border="1" cellspacing="0" cellpadding="5" align="center" | {| border="1" cellspacing="0" cellpadding="5" align="center" | ||
! style="width: 25%" | Date dd/mm/yyyy | ! style="width: 25%" | Date (dd/mm/yyyy) | ||
! style="width: 25%" | Url Indico Agenda | ! style="width: 25%" | Url Indico Agenda | ||
! style="width: 10%" | Title | ! style="width: 10%" | Title | ||
! style="width: 10%" | Outcome | ! style="width: 10%" | Outcome | ||
|- | |- | ||
| | |18/11/2010 | ||
| | |https://www.egi.eu/indico/conferenceDisplay.py?confId=218 | ||
| | |EGI CSIRT team monthly meeting | ||
| | |Review previous month activities and plan for the coming month | ||
|- | |- | ||
| | |21/12/2010 | ||
| | |https://www.egi.eu/indico/conferenceDisplay.py?confId=241 | ||
| | |EGI CSIRT team monthly meeting | ||
| | |Review previous month activities and plan for the coming month | ||
|- | |||
|20/01/2011 | |||
|https://www.egi.eu/indico/conferenceDisplay.py?confId=298 | |||
|EGI CSIRT team monthly meeting | |||
|Review previous month activities and plan for the coming month | |||
|- | |||
|} | |||
EGI CSIRT also has a weekly operational meeting on EVO. The minutes is recorded in EGI CSIRT private wiki (not publicly accessable) | |||
= 2. Main Achievements = | |||
<!-- | |||
Note. This is a detailed account of progress over the previous quarter of activities within the task. | |||
--> | |||
A CSIRT disclosure policy has been drafted and is available at [[EGI_CSIRT_Information_Disclosure_Policy_(draft)]] | |||
A Critical Security operational procedure has been produced. This is a brief document describing the procedure for dealing with Critical Security Issues where action needs to be taken by a single site or multiple sites. Failure of sites to act on this or respond may lead to site suspension. Approval from the OMB is sought for this procedure. https://documents.egi.eu/secure/ShowDocument?docid=283 | |||
A more detailed Critical Vulnerability Handling procedure has also been drafted, this is a joint SVG/CSIRT document for handling Software vulnerabilities (whether in Grid middleware or other software) which have been assessed as critical. | |||
A list of objectives of TSA1.2 in 2011 was produced, which is part of the overall SA1 2011 roadmap. | |||
EGI SVG has handled 8 vulnerabilities reported through the vulnerability issue handling process, including 2 that require patches in Grid Middleware to resolve. | |||
EGI CSIRT has handled one security incident and issued three security advisories on Linux vulnerabilities, of which one is critical two are high risk. | |||
EGI CSIRT assissted all EGI sites to mitigate the critical vulnerability (CVE-2010-4170) within 7 days deadline, no site was suspended. | |||
= 3. Issues and Mitigation = | |||
<!-- fill the table below --> | |||
{| border="1" cellspacing="0" cellpadding="2" | |||
|- | |||
!scope="col"| Issue Description | |||
!scope="col"| Mitigation Description | |||
|- | |||
|Issue description || Issue mitigation | |||
|- | |- | ||
|} | |} | ||
= 4. Plans for the next period = | |||
<!-- provide your text below --> | |||
New version of detailed Critical Vulnerability Handling procedure to match some details of the Critical Security operational procedure. | |||
SVG will improve the handling of software vulnerabilities in the EGI RT to improve automation, including automatic reminders. Also define search criteria to provide input for SVG issue handling matrices, and better reporting of activities. | |||
SVG will also start holding routine monthly SVG meetings, (by phone/evo) as planned in the SVG policy document. | |||
An security assessment plan of Grid middleware is being drafted by EGI SVG and exteral partners, the plan will be finalised in next quarter. | |||
A ticketing system for incident response (RTIR) is being setup and will be in operation in next quarter. | |||
A EGI CSIRT face to face meeting is being planned, the provisional date is 6-7 April 2011. | |||
Both teams will continue handling any security issue reported and ensure the EGI security | |||
Latest revision as of 18:44, 6 January 2015
| EGI Inspire Main page |
| Inspire reports menu: | Home • | SA1 weekly Reports • | SA1 Task QR Reports • | NGI QR Reports • | NGI QR User support Reports |
1. Task Meetings
| Date (dd/mm/yyyy) | Url Indico Agenda | Title | Outcome |
|---|---|---|---|
| 18/11/2010 | https://www.egi.eu/indico/conferenceDisplay.py?confId=218 | EGI CSIRT team monthly meeting | Review previous month activities and plan for the coming month |
| 21/12/2010 | https://www.egi.eu/indico/conferenceDisplay.py?confId=241 | EGI CSIRT team monthly meeting | Review previous month activities and plan for the coming month |
| 20/01/2011 | https://www.egi.eu/indico/conferenceDisplay.py?confId=298 | EGI CSIRT team monthly meeting | Review previous month activities and plan for the coming month |
EGI CSIRT also has a weekly operational meeting on EVO. The minutes is recorded in EGI CSIRT private wiki (not publicly accessable)
2. Main Achievements
A CSIRT disclosure policy has been drafted and is available at EGI_CSIRT_Information_Disclosure_Policy_(draft)
A Critical Security operational procedure has been produced. This is a brief document describing the procedure for dealing with Critical Security Issues where action needs to be taken by a single site or multiple sites. Failure of sites to act on this or respond may lead to site suspension. Approval from the OMB is sought for this procedure. https://documents.egi.eu/secure/ShowDocument?docid=283
A more detailed Critical Vulnerability Handling procedure has also been drafted, this is a joint SVG/CSIRT document for handling Software vulnerabilities (whether in Grid middleware or other software) which have been assessed as critical.
A list of objectives of TSA1.2 in 2011 was produced, which is part of the overall SA1 2011 roadmap.
EGI SVG has handled 8 vulnerabilities reported through the vulnerability issue handling process, including 2 that require patches in Grid Middleware to resolve.
EGI CSIRT has handled one security incident and issued three security advisories on Linux vulnerabilities, of which one is critical two are high risk.
EGI CSIRT assissted all EGI sites to mitigate the critical vulnerability (CVE-2010-4170) within 7 days deadline, no site was suspended.
3. Issues and Mitigation
| Issue Description | Mitigation Description |
|---|---|
| Issue description | Issue mitigation |
4. Plans for the next period
New version of detailed Critical Vulnerability Handling procedure to match some details of the Critical Security operational procedure.
SVG will improve the handling of software vulnerabilities in the EGI RT to improve automation, including automatic reminders. Also define search criteria to provide input for SVG issue handling matrices, and better reporting of activities.
SVG will also start holding routine monthly SVG meetings, (by phone/evo) as planned in the SVG policy document.
An security assessment plan of Grid middleware is being drafted by EGI SVG and exteral partners, the plan will be finalised in next quarter.
A ticketing system for incident response (RTIR) is being setup and will be in operation in next quarter.
A EGI CSIRT face to face meeting is being planned, the provisional date is 6-7 April 2011.
Both teams will continue handling any security issue reported and ensure the EGI security