The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.
SEC01
| Main | EGI.eu operations services | Support | Documentation | Tools | Activities | Performance | Technology | Catch-all Services | Resource Allocation | Security |
| Documentation menu: | Home • | Manuals • | Procedures • | Training • | Other • | Contact ► | For: | VO managers • | Administrators |
 This page is under construction.
|
| Title | EGI CSIRTSecurity Incident Handling Procedure |
| Document link | https://documents.egi.eu/public/ShowDocument?docid=710 |
| Last modified | V4 |
| Policy Group Acronym | EGI-CSIRT |
| Policy Group Name | EGI-CSIRT |
| Contact Group | EGI-CSIRT IRTF irtf@mailman.egi.eu |
| Document Status | DRAFT |
| Approved Date | |
| Procedure Statement | |
| Owner | Owner of procedure |
Overview
This procedure is aimed at minimising the impact of security incidents by encouraging post- mortem analysis and promoting cooperation between grid sites. It is based on the EGI Incident Response policy [R1].
Definitions
Please refer to the EGI Glossary for the definitions of the terms used in this procedure.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", “MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.
Entities involved in the procedure
- IRTF: Overall incident coordination
- Resource Center : Incident Response on Resource Center level
- NGI Security Contacts: Incident Coordination on NGI level (if requested from IRTF)
- VO-Security Contacts
- VM Endorsers
Requirements
Steps
The following table describes
| Step# | Responsible | Action | Prerequisites, if any | |
|---|---|---|---|---|
Revision History
| Version | Authors | Date | Comments |
|---|---|---|---|
| V4.0 | Sven Gabriel | 15. July 2015 |