Traceability WLCG GDB Amsterdam, 7 March 2016 David Kelsey STFC/RAL.

Slides:



Advertisements
Similar presentations
Grid Security Policy GridPP18, Glasgow David Kelsey 21sr March 2007.
Advertisements

5-Dec-02D.P.Kelsey, GridPP Security1 GridPP Security UK Security Workshop 5-6 Dec 2002, NeSC David Kelsey CLRC/RAL, UK
CERN Summary Ian Bird eInfrastructure Workshop 9 December, 2003.
TEG next steps Ian Bird, CERN GDB CERN, 9 th May 2012.
WLCG Cloud Traceability Working Group progress Ian Collier Pre-GDB Amsterdam 10th March 2015.
WLCG Security TEG, risks and Identity Management David Kelsey GridPP28, Manchester 18 Apr 2012.
HEPiX IPv6 Working Group David Kelsey (STFC-RAL, UK) 4 May 2011 HEPiX, GSI, Darmstadt david.kelsey at stfc.ac.uk.
Ian Bird WLCG Management Board CERN, 17 th February 2015.
Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014 and now abbreviated.
Trust and Security for FIM (Sirtfi/SCI) David Kelsey (STFC-RAL) FIM4R at CERN 4 Feb 2015.
David Groep Nikhef Amsterdam PDP & Grid Traceability in the face of Clouds EGI-GEANT Symposium – cloud security track With grateful thanks for the input.
Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.
INFSO-RI Enabling Grids for E-sciencE SA1: Cookbook (DSA1.7) Ian Bird CERN 18 January 2006.
LCG and HEPiX Ian Bird LCG Project - CERN HEPiX - FNAL 25-Oct-2002.
EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks David Kelsey RAL/STFC,
JSPG: User-level Accounting Data Policy David Kelsey, CCLRC/RAL, UK LCG GDB Meeting, Rome, 5 April 2006.
Preliminary Conclusions VO Box Task Force GDB Meeting 5 april 2006.
Workshop summary Ian Bird, CERN WLCG Workshop; DESY, 13 th July 2011 Accelerating Science and Innovation Accelerating Science and Innovation.
WLCG Security: A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) CHEP2013, Amsterdam 17 Oct 2013.
WLCG Cloud Traceability Working Group face to face report Ian Collier 11 February 2015.
EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks David Kelsey RAL/STFC,
8-Jul-03D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security (Report from the LCG Security Group) RAL, 8 July 2003 David Kelsey CCLRC/RAL, UK
Ian Bird GDB; CERN, 8 th May 2013 March 6, 2013
LCG Pilot Jobs + glexec John Gordon, STFC-RAL GDB 7 November 2007.
15-Dec-04D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security Update (Report from the Joint Security Policy Group) CERN 15 December 2004 David Kelsey CCLRC/RAL,
Apr 26, 20071/3 OSG Executive Board Meeting Gabriele Garzoglio OSG Executive Board Meeting Gabriele Garzoglio VO Services, PL Computing Division, Fermilab.
Grid Security Vulnerability Group Linda Cornwall, GDB, CERN 7 th September 2005
Summary of AAAA Information David Kelsey Infrastructure Policy Group, Singapore, 15 Sep 2008.
Trusted Virtual Machine Images a step towards Cloud Computing for HEP? Tony Cass on behalf of the HEPiX Virtualisation Working Group October 19 th 2010.
Security Policy Update David Kelsey UK HEP Sysman, RAL 1 Jul 2011.
A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) 1 st WISE, Barcelona 20 Oct 2015.
Ian Bird GDB CERN, 9 th September Sept 2015
A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) WLCG GDB, CERN 10 Jul 2013.
VO Box Issues Summary of concerns expressed following publication of Jeff’s slides Ian Bird GDB, Bologna, 12 Oct 2005 (not necessarily the opinion of)
LCG Report from GDB John Gordon, STFC-RAL MB meeting February24 th, 2009.
GDB Introduction Ian Collier STFC Rutherford Appleton Laboratory Group info (if required) GDB, January 13 th 2016.
LCG Support for Pilot Jobs John Gordon, STFC GDB December 2 nd 2009.
Security Policy: From EGEE to EGI David Kelsey (STFC-RAL) 21 Sep 2009 EGEE’09, Barcelona david.kelsey at stfc.ac.uk.
Workload management, virtualisation, clouds & multicore Andrew Lahiff.
Security Policy Update WLCG GDB CERN, 14 May 2008 David Kelsey STFC/RAL
Additional Services: Security and IPv6 David Kelsey STFC-RAL.
Evolving Security in WLCG Ian Collier, STFC Rutherford Appleton Laboratory Group info (if required) 1 st February 2016, WLCG Workshop Lisbon.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI SPG future work EGI Technical Forum Lyon, 21 Sep 2011 David Kelsey, STFC/RAL.
Data management demonstrators Ian Bird; WLCG MB 18 th January 2011.
Ian Bird LCG Project Leader Updating the Resource Planning for 2009/2010.
Federated Identity Management for Scientific Collaborations The Common Vision David Kelsey (STFC) 3 Nov 2011.
JSPG Update David Kelsey MWSG, Zurich 31 Mar 2009.
Ian Bird Overview Board; CERN, 8 th March 2013 March 6, 2013
Criteria for Deploying gLite WMS and CE Ian Bird CERN IT LCG MB 6 th March 2007.
Ian Bird WLCG MB 16 th February Feb 2016
LCG Pilot Jobs + glexec John Gordon, STFC-RAL GDB 7 December 2007.
Ian Collier, STFC, Romain Wartel, CERN Maintaining Traceability in an Evolving Distributed Computing Environment Introduction Security.
EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Security aspects (based on Romain Wartel’s.
The HEPiX IPv6 Working Group David Kelsey (STFC-RAL) EGI OMB 19 Dec 2013.
Grid Security Policy: EGEE to EGI David Kelsey (RAL) 16 Sep 2009 JSPG meeting, DFN Berlin david.kelsey at stfc.ac.uk.
15-Jun-04D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security Update (Report from the LCG Security Group) CERN 15 June 2004 David Kelsey CCLRC/RAL, UK
Cloud Security Session: Introduction 25 Sep 2014Cloud Security, Kelsey1 David Kelsey (STFC-RAL) EGI-Geant Symposium Amsterdam 25 Sep 2014.
Traceability & isolation evolution Vincent BRILLAULT, CERN/EGI-CSIRT GDB Mars 2015, Amsterdam.
Ian Bird, CERN WLCG Project Leader Amsterdam, 24 th January 2012.
Traceability & Isolation WG Vincent BRILLAULT, CERN/EGI-CSIRT GDB June 2016, CERN.
SCI & Sirtfi David Kelsey (STFC-RAL) EGI Conference, Lisbon 19 May 2015.
Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014.
Evolution of storage and data management
Status of Task Forces Ian Bird GDB 8 May 2003.
David Kelsey CCLRC/RAL, UK
Ian Bird GDB Meeting CERN 9 September 2003
Summary of Lisbon Workshop
Summary from last MB “The MB agreed that a detailed deployment plan and a realistic time scale are required for deploying glexec with setuid mode at WLCG.
Federated Identity Management for Scientific Collaborations
Ian Bird LCG Project - CERN HEPiX - FNAL 25-Oct-2002
Presentation transcript:

Traceability WLCG GDB Amsterdam, 7 March 2016 David Kelsey STFC/RAL

Ian Bird – Lisbon Summary Security, AAA, etc Fully address traceability: –Freeze deployment of glexec – keep it supported for the exisiting use, but no point to expend further effort in deployment –Need full traceability solutions and tools: Experiment frameworks –Work needed to get VO traceability info into CERN SoC (or to …) Use of VMs/containers helps Invest in deploying ‘big data’ tools for managing traceability data –SoC capability, appliances?  Traceability working group needed?  This is a reflection of the trust of VO’s now, rather than trying to trust many individuals 16 Feb 2016

Policy on Traceability & Logging Management of Risk Identify cause of incidents –essential to prevent re-occurrence Contain the impact of an incident –keep services operational Response commensurate with scale of the problem Identify the source of all actions –and the individual who initiated them Fine-grained controls –block the originating us er Essential to understand cause –fix problems before re-enabling access for the user 16 Feb 2016

Aims today What can we change to improve traceability? –Especially with new technology –Change in trust models Replacement for gLexec in the longer term Do we need a working group? 16 Feb 2016

Agenda 16 Feb 2016

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.