SCI & Sirtfi David Kelsey (STFC-RAL) EGI Conference, Lisbon 19 May 2015.

Slides:



Advertisements
Similar presentations
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
Advertisements

Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL) EGI TF, AAI workshop 19 Sep 2012.
Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.
Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014 and now abbreviated.
Trust and Security for FIM (Sirtfi/SCI) David Kelsey (STFC-RAL) FIM4R at CERN 4 Feb 2015.
BoF: Federated Identity Management for Researchers David Kelsey (STFC-RAL) TNC2014, Dublin 20 May 2014.
Authentication and Authorization in a federated environment Jules Wolfrat (SARA)
Sirtfi David Kelsey (STFC-RAL) REFEDS at TNC15 14 June 2015.
Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.
Security Update WLCG GDB CERN, 12 June 2013 David Kelsey STFC/RAL.
European Life Sciences Infrastructure for Biological Information Life science community update for the 7 th Federated Identity Management.
Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL) EGI CF, FIM workshop 11 Apr 2013.
WLCG Security: A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) CHEP2013, Amsterdam 17 Oct 2013.
EResearchers Requirements the IGTF model of interoperable global trust and with a view towards FIM4R AAI Workshop Presenter: David Groep, Nikhef.
Authentication and Authorisation for Research and Collaboration Licia Florio REFEDS Meeting The AARC Project I2 Technology Exchange.
Security Policy Update David Kelsey UK HEP Sysman, RAL 1 Jul 2011.
A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) 1 st WISE, Barcelona 20 Oct 2015.
A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) WLCG GDB, CERN 10 Jul 2013.
Federated Identity Management for HEP David Kelsey HEPiX, IHEP Beijing 18 Oct 2012.
Security Policy: From EGEE to EGI David Kelsey (STFC-RAL) 21 Sep 2009 EGEE’09, Barcelona david.kelsey at stfc.ac.uk.
Additional Services: Security and IPv6 David Kelsey STFC-RAL.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI SPG future work EGI Technical Forum Lyon, 21 Sep 2011 David Kelsey, STFC/RAL.
Federated Identity Management for Scientific Collaborations The Common Vision David Kelsey (STFC) 3 Nov 2011.
JSPG Update David Kelsey MWSG, Zurich 31 Mar 2009.
b2access.eudat.eu B2ACCESS The simple and secure authorisation and authentication platform of EUDAT This work is licensed under the Creative.
Networks ∙ Services ∙ People Marina Adomeit FIM4R meeting Virtual Organisation Platform as a Service VOPaaS Nov 30, 2015, Austria Task Leader,
Traceability WLCG GDB Amsterdam, 7 March 2016 David Kelsey STFC/RAL.
Who doesn’t need to be WISE? Bringing into reality global information security collaboration Alessandra Scicchitano GÉANT - Project Development Officer.
Networks ∙ Services ∙ People Marina Adomeit TNC16 Conference, Prague Towards a platform for supporting collaboration GÉANT VOPaaS
PRACE security Jules Wolfrat, SURFsara, The Netherlands April 25, 2013, EGI CSIRT meeting, Linköping, Sweden 10 May Montpellier.
Authentication and Authorisation for Research and Collaboration David Kelsey AARC AHM Utrecht NA3 Task 4 – Scalable Policy Negotiation.
Cloud Security Session: Introduction 25 Sep 2014Cloud Security, Kelsey1 David Kelsey (STFC-RAL) EGI-Geant Symposium Amsterdam 25 Sep 2014.
Security Policy Update WLCG GDB CERN, 11 June 2008 David Kelsey STFC/RAL
Security in the wider world David Kelsey (STFC-RAL) GridPP37 – Ambleside 2 Sep 2016.
Research Community Requirements (FIM4R) David Kelsey (STFC-RAL) VAMP Workshop 6 Sep 2012.
Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014.
Building Trust for Research and Collaboration
Welcome to 11th FIM4R 11th Meeting, Montréal September 2017
WISE Information Security for Collaborating E-Infrastructures
Security Management Geant SIG-SIM – Alf Moens
WISE 2016 WISE: a global trust community where security experts share information and work together, creating collaboration among different e- infrastructures.
David Kelsey STFC-RAL 4th WISE workshop, Nikhef 27 March 2017
Boosting AAI for research and collaboration
The Policy Puzzle Many groups and (proposed) policies, but leaving many open issues AARC “NA3” is tackling a sub-set of these “Levels of Assurance” –
Bring the WLCG federation Home
David Kelsey STFC-RAL 2nd WISE workshop, XSEDE16, Miami 18 July 2016
Federated Identity Management for Researchers (FIM4R)
EGI Security Policy Update
Boosting AAI for research and collaboration
Incident Response Hannah Short Sirtfi and Beyond
Incident Response for Federated Identities
Federated Identity Management for Scientific Collaborations
The AARC Project Licia Florio (GÉANT) Christos Kanellopoulos (GRNET)
The AARC Project Licia Florio AARC Coordinator GÉANT
Minimal Level of Assurance (LoA)
Policy in harmony: our best practice
Policy and Best Practice … in practice
OIDC Federation for Infrastructures
Updated (VO) Community Security Policies
AARC Blueprint Architecture and Pilots
Supporting communities with harmonized policy
EUGridPMA Status and Current Trends and some IGTF topics March 2018 APGridPMA ISGC Meeting David Groep, Nikhef & EUGridPMA.
OIDC Federation for Infrastructures
David Kelsey (STFC-RAL)
WP3: Policy and Best Practice Harmonisation
David Groep for the entire AARC Policy Team I2TechEX18 meeting
WISE Information Security for collaborating e-Infrastructures David Kelsey (STFC-RAL, UK Research and Innovation) ISGC2019, Taipei, 2 April 2019 In collaboration.
UmbrellaID in the EOSC era ?
Federated Incident Response
WISE, SCI & policy templates David Kelsey (STFC-RAL, UK Research and Innovation) FIM4R & TIIME, Vienna, 11 February 2019.
Presentation transcript:

SCI & Sirtfi David Kelsey (STFC-RAL) EGI Conference, Lisbon 19 May 2015

Security for Collaborating Infrastructures (SCI) A collaborative activity of information security officers from large-scale infrastructures –EGI, OSG, PRACE, EUDAT, CHAIN, WLCG, XSEDE, … Developed out of EGEE – security policy group We are developing a Trust framework –Enable interoperation (security teams) –Manage cross-infrastructure security risks –Develop policy standards –Especially where not able to share identical security policies Version 1 of SCI document 19 May 2015SCI & Sirtfi, Kelsey2

SCI: areas addressed Operational Security Incident Response Traceability Participant Responsibilities –Individual users –Collections of users –Resource providers, service operators Legal issues and Management procedures Protection and processing of Personal Data/Personally Identifiable Information 19 May 2015SCI & Sirtfi, Kelsey3

Security Incident Response Trust Framework for Federated Identity (Sirtfi) Start with some background 19 May 2015SCI & Sirtfi, Kelsey4

Federated IdM for Research (FIM4R) Includes photon & neutron facilities, social science & humanities, high energy physics, climate science, life sciences and ESA Aim: define common vision, requirements and best practices Vision and requirements paper published 19 May 2015SCI & Sirtfi, Kelsey5

FIM4R paper Operational requirements include: Traceability. Identifying the cause of any security incident is essential for containment of its impact and to help prevent re-occurrence. The audit trail needs to include the federated IdPs. Appropriate Security Incident Response policies and procedures are required which need to include all IdPs and SPs. 19 May 2015SCI & Sirtfi, Kelsey6

19 May 2015SCI & Sirtfi, Kelsey7

19 May 2015SCI & Sirtfi, Kelsey8

19 May 2015SCI & Sirtfi, Kelsey9

19 May 2015SCI & Sirtfi, Kelsey10

Sirtfi - Aims Abstract The Sirtfi group (Security Incident Response Trust Framework for Federated Identity) is a collaborative activity of information security professionals from national identity federations and distributed IT infrastructures in the research & education sector. Its aim is to simplify the management of cross-infrastructure operational security risks, to build trust and develop policy standards for collaboration in security incident response. 19 May 2015SCI & Sirtfi, Kelsey11

Sirtfi Builds on SCI document Coordinated response to a security incident –in a federated context No centralised authority or governance structure Document defines a set of capabilities and roles IdP or SP organisation self-asserts. Organisations asserting conformance –will coordinate their response to security incidents –processes to be defined elsewhere To be taken forward in REFEDS and EU H2020 AARC 19 May 2015SCI & Sirtfi, Kelsey12

Questions? 19 May 2015SCI & Sirtfi, Kelsey13

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.