Report on Computer and Network Security Tobias Haas, DESY for the HTASC Subcommittee on Computer and Network Security.

Slides:

Advertisements

Similar presentations

REPORT TO THE XXI INTER-AMERICAN CONGRESS OF MINISTERS AND HIGH-LEVEL AUTHORITIES OF TOURISM SEPTEMBER 5-6, 2013 Culture and Tourism Section, Department.

Advertisements

9-Apr-99D.P.Kelsey, HTASC report1 HTASC - Report to HEP-CCC David Kelsey, RAL rl.ac.uk 9 April 1999 (

HR 09 IB EN 02 – German Proposal, Zagreb, 10 June 2011 Page 1 April 12, Strengthening the Ministry of Nature Protection of the Republic of Armenia.

USG INFORMATION SECURITY PROGRAM AUDIT: ACHIEVING SUCCESSFUL AUDIT OUTCOMES Cara King Senior IT Auditor, OIAC.

The International Security Standard

SLS Tape metrics questionnaire WLCG MB phoneconf, 23/11/2010 German Cancio CERN Tape Operations team

Implementation Council Meeting Structure and Resources Background: The Implementation Council (Council) roles and responsibilities are described in the.

Exception for Informed Consent for Emergency Research and the IRB: Operationalizing It Ronald F. Maio DO, MS Director, Office of Human Research Compliance.

The Act Tab (Project). Please select a button to learn more. Welcome to the Project Act Tab. Here you can Add Team Members, provide and receive Feedback,

The UN Disability Convention Equality and Human Rights Commission Engagement with disabled people and disabled people’s organisations.

UBC Senate: Supporting an integrated approach to enhancing the mental health and wellbeing of students in the academic environment Lindsey Kovacevic Academic.

The 16 th Session of WIPO Standing Committee of the Law of Patents Catherine Eunkyeong Lee APAA Patent Committee Meeting November 13, 2011, Manila.

Katie Yurkewicz April 2013 InterAction Collaboration Business Meeting.

Focus Group on the Draft InTASC Model Core Teaching Standards.

10-Nov-00D.P.Kelsey, HTASC report1 HTASC - Report to HEP-CCC David Kelsey, RAL rl.ac.uk 10 November 2000, CERN (

S.L.LloydCNAPSlide 1 CNAP What is CNAP? CNAP Structure and Membership What does CNAP do? Interaction with Sysman What is the future of CNAP? S.L.Lloyd.

BFC Information and Communication Tools. Objective to facilitate communication and information flows, the sharing of technical and administrative resources.

TOS Operating Committee Report Al Badella Technical Operations Subcommittee Chair July 14th, 2015 W ESTERN E LECTRICITY C OORDINATING C OUNCIL.

HTASC - Report to HEP-CCC David Kelsey RAL rl.ac.uk 6 Nov 1998.

16-Mar-01D.P.Kelsey, HTASC report1 HTASC - Report to HEP-CCC David Kelsey, RAL rl.ac.uk 16 March 2001, CERN (

Report to RECFA, November 20 th 2014 Hans Peter Beck: IPPOG Co-chair, Bern University Marjorie Bardeen: IPPOG Co-chair, Fermilab.

New Public Debt Committee Website Benjamin Fuentes Castro Superior Audit Office Mexico June 22, 2007 Lisbon, Portugal.

Nov 1, 2000Site report DESY1 DESY Site Report Wolfgang Friebel DESY Nov 1, 2000 HEPiX Fall

26-Jun-99D.P.Kelsey, HTASC report1 HTASC - Report to HEP-CCC David Kelsey, RAL rl.ac.uk 26 June 1999, FNAL (

European & global networks for high-energy physics communications and outreach Arnaud Marsollier (CERN / IN2P3)

Discussion on HTASC Future Tobias Haas XV HTASC 3 October, 2003 CERN.

Other Issues Manpower J. Apostolakis Geant4  Review 2009.

8-Jul-00D.P.Kelsey, HTASC report1 HTASC - Report to HEP-CCC David Kelsey, RAL rl.ac.uk 8 July 2000, SLAC (

15-Apr-1999D.P.Kelsey - HEPNT update - HEPiX/RAL1 HEPNT an update David Kelsey CLRC Rutherford Appleton Lab, UK rl.ac.uk

16-Jun-01D.P.Kelsey, HTASC report1 HTASC - Report to HEP-CCC David Kelsey, RAL rl.ac.uk 16 June 2001, CNAF/INFN/Bologna (

Katie Yurkewicz November 2013 InterAction Collaboration Business Meeting.

17-Mar-00D.P.Kelsey, HTASC report1 HTASC - Report to HEP-CCC David Kelsey, RAL rl.ac.uk 17 March 2000, CERN (

November MOIMS AREA PLENARY NAVIGATION WG REPORT November 2004 CONSULTATIVE COMMITTEE FOR SPACE DATA SYSTEMS.

RSSO refresher meeting J. Pedersen M. Tavlet, T. Otto.

November 20, 2015 Digital Library Brown Bag Web Accessibility at Indiana University Margaret Londergan & Julie Hardesty.

CARE Steering Committee and Dissemination Board R. Aleksan CARE Steering Committee Paris, April 11, Introduction.

Scott Teeters, Jr. MicroSolved, Inc. in partnership with Sogeti USA How to Fail A Penetration Test Concepts in Securing a Network.

Student Surveys November Student Survey November 2012.

Workshop IVETTE institutional Policy recommendations University of Barcelona Division V- Science Education November, 2000.

Overview Strengths of parliamentary committees Overview of reformed committee system Example of previous road safety inquiry Becoming involved.

Computer Security Risks for Control Systems at CERN Denise Heagerty, CERN Computer Security Officer, 12 Feb 2003.

List of Decisions #Decision for the Board 1 Does the Board agree to its composition? The Board requested that its composition be considered “proposed”

January 20, 2006Rod Janssen EC Green Paper on Energy Efficiency Rod Janssen Energy Consultant.

Taikan Suehara, LLR-Kyushu meeting, 20 June 2014 page 1 Discussion on DAQ: my prospects Taikan Suehara (Kyushu University)

HEPiX 2 nd Nov 2000 Alan Silverman Proposal to form a Large Cluster SIG Alan Silverman 2 nd Nov 2000 HEPiX – Jefferson Lab.

Charges in South African Retirement Funds Marilyn Kamp 19 August 2013.

Agenda: A very brief history of the SDP Responsibilities of participants Responsibilities of mentor/advisors Responsibilities of supervisors General questions.

Procedures, Experiences and Suggestions API/EI Joint Work Groups.

January 2013 Action Plan Skills Building: Module 4 Implementing and Evaluating the Action Plan.

Progress Report Performance Audit Subcommittee - PAS INTOSAI Governing Board meeting Mexico City, November 2 and 3, 2006.

Configuring, Managing and Maintaining Windows Server® 2008 Servers Course 6419A.

Computer Security Status C5 Meeting, 2 Nov 2001 Denise Heagerty, CERN Computer Security Officer.

Italy Report HTASC Meeting DESY, October 8-9, 2001 Francesco Forti, INFN-Pisa.

Randall Sobie University of Victoria IHEPCCC - HEPiX April International HEP Computing Coordination Committee Randall Sobie.

100 th ACCU meeting – 25 Years of ACCU Michael Hauschild - CERN - 4 June 2013, page 1 25 Years of ACCU Some historical view back in time.

16-Nov-01D.P.Kelsey, HTASC report1 HTASC - Report to HEP-CCC David Kelsey, RAL rl.ac.uk 16 November 2001, CERN ( )

Unit 8: Implementation, Part II Seminar Wednesday pm ET.

12-Nov-99D.P.Kelsey, HTASC report1 HTASC - Report to HEP-CCC David Kelsey, RAL rl.ac.uk 12 November 1999, CERN (

XXIII HTASC Meeting – CERN March 2003 LIP and the Traveling Physicist Jorge Gomes LIP - Computer Centre.

Tobias Haas: HTASC HTASC: A Technical Advisory Subcommittee for HEPCCC Tobias Haas Chairperson of HTASC 1 st iHEPCCC, 17 May, 2004.

#ICANN50 Standing Committee on Improvements Implementation (SCI) Activities Update to the GNSO Council ICANN-50 London Meeting 21 June 2014.

November | 1 CONTINUING CARE COUNCIL Report to Forum Year

Committee – June 30, News from CERN Erik Gottschalk June 30, 2005.

Monitoring Forest Resources for SFM in the UNECE Region

David Kelsey CCLRC/RAL, UK

Industry Numbering Committee (INC) Report to the NANC

INSPIRE fitness for purpose – Analysis

West Virginia Title I Committee of Practitioners

Access to resources by using Groups

International Training Centre of the ILO

Presentation transcript:

Report on Computer and Network Security Tobias Haas, DESY for the HTASC Subcommittee on Computer and Network Security

Mandate Advise HTASC/HEPCCC on Computer and Network Security needs and to suggest policies to meet those needs for HEP laboratories and institutes by defining computer/network security guidelines for HEP institutions, estimating the resources needed to implement such guidelines, suggesting means of communication between the institutions in case of security incidents.

Membership R. Cecchini, INFN, Firenze, (R. Cowles, SLAC) A. Flavell, University of Glasgow, W. Friebel, DESY, Zeuthen, J. Gamble, CERN, Geneva, T. Haas, DESY, Hamburg, (Chairperson) D. Heagerty, CERN, Geneva, (J. Kadleczik, Institute of Physics, Budapest) P. Moroni, CERN, Geneva, B. Perrot, IN2P3, Orsay, M. Rott, Institute of Physics, Prague E. Wassenaar, NIKHEF, Amsterdam

History Subcommittee founded by HEPCCC on the recommendation of HTASC in their 11/98 meeting. Working meeting at DESY, May Draft report to HTASC, June 1999 at the NIKHEF meeting. Proposal for final report this meeting.

What has happened since 6/99? Draft report was generally well received. A number of comments on these topics: –X11 –SSH –WINDOWS

X11 Any discussion on X11 was essentially missing. Section added: –Point out that X11 is a generically insecure protocol –Two specific remedies are pointed out: SSH tunnelling MXCONNS monitoring

SSH Initial recommendation on SSH was rather weak - strongly influenced by the CERN postion After a number of discussion via with a number of committee members: Strengthen the SSH recommendation.

WINDOWS Situation here is rather unclear and debated: –One view: WINDOWS protocols should never be allowed over border routers –Another view: NTFS most secure wide are file system. Problem that MS has a very unsatisfactory information policy.

Shortcomings Completeness!! Fast moving nature of the subject. Limited involvement of various labs that should probably have a say in this. Limits imposed by coming to a consensus on some controversial issues.

(Imperfect) Final Report My Proposal: Come to a final report for HEPCCC in November: –Include some pending comments –Point out shortcomings of the report in the introduction –Point out the need to review the subject regularly

Thanks To all members of the committee: –in particular those who went to the trouble to travel to Hamburg for the discussion meeting (J. Gamble, D. Heagarty, R. Cecchini, W. Friebel) –and those who went to the trouble to read the document very carefully and to write lengthy messages (A. Flavell, B. Perrot) D. Moenkemeyer (DESY Security Officer)