Www.egi.eu EGI-InSPIRE RI-261323 SPG Tasks for Year 2011 Jan 2011 Kelsey/Security Policy Group1.

Slides:

Advertisements

Similar presentations

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI GGUS user authentication Tiziana Ferrari/EGI.eu Peter Solagna/EGI.eu

Advertisements

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI - Identity Management Steven Newhouse Director, EGI.eu Federated Identity.

INFSO-RI Enabling Grids for E-sciencE Update on LCG/EGEE Security Policy and Procedures David Kelsey, CCLRC/RAL, UK

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Security Policy Group Summary EGI TF David Kelsey 6/28/

EGI-Engage Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Security Policy Group EGI Technical Forum Sep 2010 David Kelsey.

EGI-InSPIRE RI EGI-InSPIRE RI EGI-InSPIRE EGI services for the long tail of science Peter Solagna Senior Operations.

EGI-Engage Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EG recent developments T. Ferrari/EGI.eu ADC Weekly Meeting 15/05/

Security Update WLCG GDB CERN, 12 June 2013 David Kelsey STFC/RAL.

EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks David Kelsey RAL/STFC,

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Vision for European DCIs Steven Newhouse Project Director, EGI-InSPIRE 15/09/2010.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Federated Cloud F2F Security Issues in the cloud Introduction Linda Cornwall,

Security Policy Update LCG GDB Prague, 4 Apr 2007 David Kelsey CCLRC/RAL

EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks David Kelsey RAL/STFC,

Virtualised Worker Nodes Where are we? What next? Tony Cass GDB /12/12.

15-Dec-04D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security Update (Report from the Joint Security Policy Group) CERN 15 December 2004 David Kelsey CCLRC/RAL,

GDB July 2015 Jeremy’s quick summary notes Also refer to the meeting minutes

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Enforcement of the personal data retention policy Peter Solagna, EGI.eu WLCG.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Federated Cloud Security - what is needed Linda Cornwall (STFC) and the.

9-Oct-03D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security (Report from the LCG Security Group) FNAL 9 October 2003 David Kelsey CCLRC/RAL, UK

Summary of AAAA Information David Kelsey Infrastructure Policy Group, Singapore, 15 Sep 2008.

EGI-Engage Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI (Present and) Future of the EGI Services for WLCG Peter Solagna – EGI.eu.

Trusted Virtual Machine Images a step towards Cloud Computing for HEP? Tony Cass on behalf of the HEPiX Virtualisation Working Group October 19 th 2010.

Security Policy Update David Kelsey UK HEP Sysman, RAL 1 Jul 2011.

A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) 1 st WISE, Barcelona 20 Oct 2015.

A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) WLCG GDB, CERN 10 Jul 2013.

Security Policy: From EGEE to EGI David Kelsey (STFC-RAL) 21 Sep 2009 EGEE’09, Barcelona david.kelsey at stfc.ac.uk.

Security Policy Update WLCG GDB CERN, 14 May 2008 David Kelsey STFC/RAL

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Accounting Old and New Requirements John Gordon Revised 22/3/12.

EGI-InSPIRE RI EGI EGI-InSPIRE RI Service Operations Security Policy the new generalised site operations security policy.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI SPG future work EGI Technical Forum Lyon, 21 Sep 2011 David Kelsey, STFC/RAL.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Evolution of AAI for e- infrastructures Peter Solagna Senior Operations Manager.

JSPG Update David Kelsey MWSG, Zurich 31 Mar 2009.

Security Policy Update WLCG GDB CERN, 8 Dec 2010 David Kelsey STFC/RAL david.kelsey AT stfc.ac.uk.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Draft Security Virtualisation Policy (for Romain Wartel – CERN) EGI Technical.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Accounting Requirements Stuart Pullinger STFC 09/04/2013 EGI CF – Accounting.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Policy Development in EGI.eu/EGI-InSPIRE Damir Marinovic (EGI.eu)

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Plans for PY2 Steven Newhouse Project Director, EGI.eu 30/05/2011 Future.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI CSIRT Procedure for Compromised Certificates and Central Security Emergency.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Operations Portal Development Update on Requirements Cyril L'Orphelin IN2P3/CNRS.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI VOMS Proxy Lifetime UCB 21 Aug 2012 David Kelsey STFC.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI UMD Roadmap Steven Newhouse 14/09/2010.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Federated Cloud and Software Vulnerabilities Linda Cornwall, STFC 20.

EGI-InSPIRE RI SPG Tasks for Year 2011 Jan 2011 Kelsey/Security Policy Group1.

RI EGI-InSPIRE RI Astronomy and Astrophysics Dr. Giuliano Taffoni Dr. Claudio Vuerli.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Resource allocation Małgorzata Krakowian 1.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Enabling SSO capabilities in the EGI Cloud services Peter Solagna – EGI.eu.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Questionnaires to Cloud technology providers and sites Linda Cornwall, STFC,

Trusted Virtual Machine Images the HEPiX Point of View Tony Cass October 21 st 2011.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Technology Sustainability Discussion Points DCI Sustainability Meeting.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Accounting Requirements Stuart Pullinger STFC 09/04/2013 EGI CF – Accounting.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI /04/14 1 EGI Community Forum 2014 Federated Cloud image management Marios.

Grid Security Policy: EGEE to EGI David Kelsey (RAL) 16 Sep 2009 JSPG meeting, DFN Berlin david.kelsey at stfc.ac.uk.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI VO Services Activities VO Services Activities NA3 F2F Meeting (3/03/2011)

Authentication and Authorisation for Research and Collaboration David Kelsey AARC AHM Utrecht NA3 Task 4 – Scalable Policy Negotiation.

EGI-InSPIRE EGI-InSPIRE RI The European Grid Infrastructure Steven Newhouse Director, EGI.eu Project Director, EGI-InSPIRE 29/06/2016CoreGrid.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI John Gordon EGI Virtualisation and Cloud Workshop Amsterdam 13 th May 2011.

The HEPiX Virtualisation Working Group Towards a Grid of Clouds Tony Cass CHEP 2012 May 24 th 2012.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI John Gordon EGI Virtualisation and Cloud Workshop Amsterdam 12 th May 2011.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Sustainability & Business Models Sergio Andreozzi EGI.eu Policy Development.

Security Policy Update WLCG GDB CERN, 11 June 2008 David Kelsey STFC/RAL

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI D4.4 and the EGI review Dr Linda Cornwall 19 th Sept 2011 D4.41.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Scientific Publications Repository

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI SVG F2F Virtual Machines VM images, software run on VMS. 3 rd March 2015.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI DCI Collaborations Steven Newhouse 15/09/2010 DCI Vision1.

WLCG Collaboration Workshop;

Updated (VO) Community Security Policies

Update - Security Policies

Presentation transcript:

EGI-InSPIRE RI SPG Tasks for Year 2011 Jan 2011 Kelsey/Security Policy Group1

EGI-InSPIRE RI Work for year 1 To date there have been no formal requests from EGI management for SPG to study particular policy issues –Except for some comments from EB –And Steven talking about Virtualisation at SCG meeting Jan 2011 Kelsey/Security Policy Group2

EGI-InSPIRE RI Policy issues from EB Comments received during EB review –Definition of Pseudonymous Web User not clear In VO Portal Policy –Top-Level policy uses different approach to references from other documents –Some use RFC2119 “MUST”, “SHOULD” etc, some do not Jan Kelsey/Security Policy Group

EGI-InSPIRE RI Document revision The oldest document is the top-level main Security Policy I think we should start with that –Avoid overlap with policy sub-documents –Make applicable to new EGI/NGI world –And of use to other DCIs –Review style of references (inline or not?) An important review –Sets approach for all our future work Jan Kelsey/Security Policy Group

EGI-InSPIRE RI VM Endorsement There is a particle physics (HEPiX) working group on Virtualisation This has produced a draft security policy on the Endorsement of Trusted Virtual Machine Images – Steven has suggested we look at this topic more generally Jan Kelsey/Security Policy Group

EGI-InSPIRE RI Policy framework During the last year of JSPG Discussed the development of a policy framework for collaborating Grids A way of defining policy standards required for trustworthy interoperation –Not policy words –List of policy components that must be addressed We should do more on this –Good way of interacting with many DCIs –WLCG is looking at Security Incident Response Jan Kelsey/Security Policy Group

EGI-InSPIRE RI Other areas of weakness Clear definition of responsibility and liability Treatment of data protection, data privacy –Some have asked for policy on storage accounting What can we do to improve policies for VRCs? Others? Jan Kelsey/Security Policy Group

EGI-InSPIRE RI Discussion Jan Kelsey/Security Policy Group