Tom Barton (WG Chair) University of Chicago and Internet2

Presentation transcript:

SIRTFI WG Update
Tom Barton (WG Chair), University of Chicago and Internet2

SIRTFI - security incident response trust framework for federated identity
- Be willing to collaborate in responding to a federated security incident.
- Apply basic operational security protections to your federated entities in line with your organization’s priorities.
- Self-assert SIRTFI “tag” so that others will know to trust this about you.

Overall arc of work [1]
- Sirtfi v1.0 and related: Done
- Establish means to indicate compliance and how to contact
- Define roles and responsibilities of the various parties in managing federated security incidents, information sharing guidelines, tools, procedures, and templates: In process
- Establish means for proactive notification of an account compromise when it can be expected to produce a substantial impact to an at-risk SP organisation: Queued

[1] https://wiki.refeds.org/display/GROUPS/SIRTFI

Current deliverables
- Incident Response in R&E Federations Handbook, intended to:
  - minimise time to mount an effective response to an incident
  - increase sharing of useful non-confidential info
- Per-role documents
  - Provide people with the details they need when they need it, material from the handbook by role
- Template IR policies for fed operators
  - Give federations (& other orgs?) a starting point if they need it
- SIRTFI website
  - Where to go for everything IR in R&E Feds

Incident Response for R&E Federations: Outline
- Intro
- What Triggers an Incident Response?
- Stages of Federated Incident Response
- On-Going Preparatory Activities
- Handling the “Something’s Odd” Report and Opening an Incident
- Adding New Members to the IR Team
- Identify, Contain, and Eradicate
- Recovery
- Incident Wrap-Up
- Table of All Roles and All Responsibilities
- Appendices (sharing guidelines, templates, preparation guides)

Incident Response Team Support Organisation
An actual organisation is needed to anchor Fed IR processes, pay license costs, provide support staffing:
- Maintain readiness of IR Team collaboration tools
  - Secure chat
  - Secure file drop
- On-board persons to an IR Team
- Coordination of “Something’s Odd” report and opening an incident
- Incident coordinator, or identify each incident’s coordinator
- Maintain SIRTFI website
- Queued: possible role in implementing proactive notification

Related activities
- Sirtfi+ Registry incubation
- GÉANT-developed security contact checking tool
- InCommon POC for keeping security contacts fresh
- eduGAIN security team
- Security Communications Challenge Coordination Joint Working Group
- WISE, SIG-ISM, IGTF, REFEDS, anyone who wants to pitch in
- Any others, besides SIRTFI?
- Established sharing and response centers: REN-ISAC, CSIRTs, ...