|EGI Inspire Main page|
|Inspire reports menu:||Home •||SA1 weekly Reports •||SA1 Task QR Reports •||NGI QR Reports •||NGI QR User support Reports|
1. Task Meetings
|Date (dd/mm/yyyy)||Url Indico Agenda||Title||Outcome|
|17/02/2011||https://www.egi.eu/indico/conferenceDisplay.py?confId=354||EGI CSIRT team monthly meeting||Review previous month activities and plan for the coming month|
|17/03/2011||https://www.egi.eu/indico/conferenceDisplay.py?confId=430||EGI CSIRT team monthly meeting||Review previous month activities and plan for the coming month|
|6-7/04/2011||https://www.egi.eu/indico/conferenceDisplay.py?confId=298||EGI CSIRT team face to face meeting||Review Y1 activities and plan for the coming 6 months (until next f2f meeting)|
EGI CSIRT also has a weekly operational meeting on EVO. The minutes is recorded in EGI CSIRT private wiki (not publicly accessable)
2. Main Achievements
EGI CSIRT held an face to face meeting at KIT in Germany 6-7 April 2011. Work and activities of last 11 months had been reviewed and discussed. A plan for next 6 months is discussed and agreed. A list of actions is also agreed and produced. The next face to face meeting will be at next EGI TF in September 2011.
A ticketing system for incident response (RTIR) has been setup and a brief internal training was given at the face to face meeting.
Completed and finalized the EGI-CSIRT critical vulnerability operational procedure which describes the procedure for dealing with Critical Security Issues where action needs to be taken by a single site or multiple sites. This has been approved by the EGI OMB.
EGI SVG, jointly with EMI representatives, has produced a Security assessment plan which identifies which software components within EMI are going to be assessed and when the assessments are going to take place. It also states which software packages that have been assessed so far.
On behalf of EGI SCG, SVG chair (Linda) has presented a poster at the EGI User Forum summarising what the security groups do, including SVG and CSIRT.
EGI CSIRT has handled 3 security incidents and issued two security alerts, of which one is high risk, another is critical.
EGI SVG has handled 11 new vulnerabilities reported, including 8 concerning Grid Middleware.
3. Issues and Mitigation
|Issue Description||Mitigation Description|
|Came cross first [CRITICAL middleware vulnerability EGI_CSIRT:Alerts/dCache-2011-03-30, the current critical vulnerability procedure might need to be updated to cover some missing points||This issue has been noted and will be addressed when the procedure being revised|
4. Plans for the next period
The Security Service Challenge 5 (SSC5) is sheduled to start later May and early June 2011. The final preparation is on the way. SSC5 is a cross NGI security challenge. The Security Service Challenge 4 (SSC4), which is a challenge per NGI, is still planned. SSC4 will probably start in quarter 6 or thereafter.
SVG will improve the handling of software vulnerabilities in the EGI RT to improve automation, including automatic reminders. Also define search criteria to provide input for SVG issue handling matrices, and better reporting of activities.
SVG will also start holding routine monthly SVG meetings, (by phone/evo) as planned in the SVG policy document.
Both teams will continue handling any security issue reported and ensure the EGI security