EGI Core activities:2013-bidding Security coordination
Go back to the activity list.
- Service name: Security coordination
- Service category: Operations
- Service type: Coordination
Security coordination is part of the EGI.eu coordination function.
Security is recognised as an important aspect of e-Infrastructures and requires co-ordination between the EGI participants at various levels, in particular for the prevention and handling of incidents.
This service includes the following components.
Security Operations Coordination
Central coordination of the security activities ensures that policies, operational security, and maintenance are compatible amongst all partners, improving availability and lowering access barriers for use of the infrastructure. This coordination ensures that incidents are promptly and efficiently handled, that common policies are followed by providing services such as security monitoring, and by training and dissemination with the goal of improving the response to incidents. This includes liaison with external security organisations, coordination security training, of security service challenges and of security threat risk assessment.
Security Policy Coordination
Security policy development covers diverse aspects, including operational policies (agreements on vulnerability management, intrusion detection and prevention, regulation of access, and enforcement), incident response policies (governing the exchange of information and expected actions), participant responsibilities (including acceptable use policies, identifying users and managing user communities), traceability, legal aspects, and the protection of personal data. Since research is global, such policies must be coordinated with peer infrastructures in Europe and elsewhere, such as PRACE, Open Science Grid, XSEDE, and like efforts in the Asia Pacific. Coordination mechanisms such as the FIM4R group, TERENA REFEDS, SCI, Open Grid Forum and the IGTF will need to be employed.
Security Incident Response Coordination
Coordination of incident response activities in collaboration with the Incident Response Task Force. The primary responsibility for basic incident response and forensics still lies with each NGI, while the EGI Global IRTF will coordinate incident response and information exchange. For complex multi-site incidents and in cases where advanced forensics is needed, the EGI Global IRTF will step in and take an active part, to protect the continued integrity of the EGI infrastructure as a whole. Validation of EGI Globus incident response capability is done by coordinating security service challenges that both assess readiness of infrastructure operations and verify adequate traceability features in the software used. This task will also liaise with other CSIRTs via for example TF-CSIRTS and FIRST.
Software Vulnerability Group Coordination
The Software Vulnerability Group aims to eliminate existing software vulnerabilities from the deployed infrastructure and prevent the introduction of new ones, and runs a process for handling software vulnerabilities reported. This depends on investigation and risk assessment by a collaborative team drawn from technology providers and other security groups, known as the Risk Assessment Team (RAT).
International Grid Trust Federation (IGTF) and EUGridPMA
A common authentication trust domain is required to persistently identify all EGI participants. This task is about the representation of EGI in IGTF and EUGridPMA. This representation will bring operational and policy needs of EGI to the attention of the PMA, bring issues raised by the PMA to the attention of the appropriate groups within EGI, and keep the EGI Council informed of progress and policies of the EUGridPMA. This task is also responsible for the coordination of the provision of EGI versions of the IGTF Certification Authority distributions as required by the EGI Council.