EGI-InSPIRE:MS108 Security

From EGIWiki
(Redirected from MS108 Security)
Jump to: navigation, search
EGI Inspire Main page

Notes to contributors

Assessment: (Provide an assessment of the delivery of services over the past year from a managerial perspective; highlight positive areas and areas for improvement; do not include future plans; text should be roughly 1-2 paragraphs)

Score: (assign a numerical score from 1 to 5 with a succinct explanation of what needs to be improved to increase your score – remove numerical description references upon completion) 1 = An unacceptable level of service was delivered

2 = A level of service that was below expectations was delivered

3 = An acceptable service level has been delivered

4 = A level of service that exceeded expectations was delivered, but there is scope for even further improvement

5 = An excellent service has been delivered that should be considered as best practice

Table 4: EGI Global task assessment:Security
# Name Assessment Score How to Improve
# Security The EGI CSIRT and EGI SVG are security teams responsable for operational security of EGI project. Both teams are well established and have sufficient workload due to the increasing number of NGIs. More effort from NGIs might be needed in the future. At the moment, 16 NGIs are contributing to EGI CSIRT activities.

However the coordination of EGI SVG activity is signifcantly underfunded, with only a fraction EGI funding. The EGI SVG activity is coordinated by UK NGI (Linda Cornwall). In the past, the UK NGI was able to provide some funding (0.5 FTE) through GridPP3 project, which will end by March 2011. There is no funding in GridPP4 specifically allocated to this activity.

The required effort for the operational implementation of the IGTF trust fabric in EGI was significantly more than anticipated, due to increased policy complexity prepared as the result of Council deliberations, and because the EGI Trust Anchor Distribution was the first product to be delivered through the EGI software release process to the NGIs and resource centres. It is expected that the excess effort will decrease over time and be more in line with the allocation. This also means that - in line with the bid - the operational implementation should be devolved to the NGIs over time.

4 Although both teams are able to handle various security issues efficiently, there is still room for improvment. Both teams are looking into internal procedures and ways of automating various tasks.