UKI ROC/GridPP/EGEE Security Mingchao Ma Oxford 22 October 2008.

Slides:

Advertisements

Similar presentations

Joining the Grid Andrew McNab. 28 March 2006Andrew McNab – Joining the Grid Outline ● LCG – the grid you're joining ● Related projects ● Getting a certificate.

Advertisements

Computer Security: Principles and Practice

WLCG Security TEG, risks and Identity Management David Kelsey GridPP28, Manchester 18 Apr 2012.

INFSO-RI Enabling Grids for E-sciencE Operational Security OSCT JSPG March 2006 Ian Neilson, CERN.

EGI-Engage Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.

SSC2 and Update on Multi-user Pilot Jobs Framework Mingchao Ma, STFC – RAL HEPSysMan Meeting 20/06/2008.

INFSO-RI Enabling Grids for E-sciencE Incident Response Policies and Procedures Carlos Fuentes

Operational Security Working Group Topics Incident Handling Process –OSG Document Review & Comments:

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks EGEE Operations Ian Bird, CERN IT/GD LHCC.

What if you suspect a security incident or software vulnerability? What if you suspect a security incident at your site? DON’T PANIC Immediately inform:

EGEE ARM-2 – 5 Oct LCG Security Coordination Ian Neilson LCG Security Officer Grid Deployment Group CERN.

Enabling Grids for E-sciencE EGEE III Security Training and Dissemination Mingchao Ma, STFC – RAL, UK OSCT Barcelona 2009.

GGF12 – 20 Sept LCG Incident Response Ian Neilson LCG Security Officer Grid Deployment Group CERN.

GGF Fall 2004 Brussels, Belgium September 20th, 2004 James Marsteller Pittsburgh Supercomptuing Center

Deployment Issues David Kelsey GridPP13, Durham 5 Jul 2005

Security Update Mingchao Ma HEPSYSMAN - Security 1 st July 2009.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Federated Cloud F2F Security Issues in the cloud Introduction Linda Cornwall,

02/07/09 1 WLCG NAGIOS Kashif Mohammad Deputy Technical Co-ordinator (South Grid) University of Oxford.

Ali Pabrai, CISSP, CSCS ecfirst, chairman & ceo Preparing for a HIPAA Security Audit.

EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks ROD model assessment ROC UKI John Walsh.

GridPP Deployment & Operations GridPP has built a Computing Grid of more than 5,000 CPUs, with equipment based at many of the particle physics centres.

EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks David Kelsey RAL/STFC,

Training and Dissemination Enabling Grids for E-sciencE Jinny Chien, ASGC 1 Training and Dissemination Jinny Chien Academia Sinica Grid.

EGI – Security Training and Dissemination Mingchao Ma STFC – RAL, UK.

LCG/EGEE Security Operations HEPiX, Fall 2004 BNL, 22 October 2004 David Kelsey CCLRC/RAL, UK

15-Dec-04D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security Update (Report from the Joint Security Policy Group) CERN 15 December 2004 David Kelsey CCLRC/RAL,

INFSO-RI Enabling Grids for E-sciencE EGEE SA1 in EGEE-II – Overview Ian Bird IT Department CERN, Switzerland EGEE.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Operational Security Coordination Team Ian.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks ROC Security Contacts R. Rumler Lyon/Villeurbanne.

Security Operations David Kelsey GridPP Deployment Board 3 Mar 2005

A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) WLCG GDB, CERN 10 Jul 2013.

Reflections “from around the block.” (Security) Ian Neilson GridPP Security Officer STFC RAL.

INFSO-RI Enabling Grids for E-sciencE An overview of EGEE operations & support procedures Jules Wolfrat SARA.

Security Policy: From EGEE to EGI David Kelsey (STFC-RAL) 21 Sep 2009 EGEE’09, Barcelona david.kelsey at stfc.ac.uk.

1 CREATING AND MANAGING CERT. 2 Internet Wonderful and Terrible “The wonderful thing about the Internet is that you’re connected to everyone else. The.

Additional Services: Security and IPv6 David Kelsey STFC-RAL.

Quickly Establishing A Workable IT Security Program EDUCAUSE Mid-Atlantic Regional Conference January 10-12, 2006 Copyright Robert E. Neale This.

AEGIS Academic and Educational Grid Initiative of Serbia Antun Balaz (NGI_AEGIS Technical Manager) Dusan Vudragovic (NGI_AEGIS Deputy.

EGEE-III INFSO-RI Enabling Grids for E-sciencE COD20. June 2009 Helsinki R-COD in UKI Claire Devereux, Jeremy Coles & Co. COD-20,

Security EGEE/SA1 ROC Managers ARM-3 meeting Lyon, 17 March 2005 David Kelsey CCLRC/RAL, UK

EGEE ARM-2 – 5 Oct LCG/EGEE Security Coordination Ian Neilson Grid Deployment Group CERN.

Training and Dissemination Enabling Grids for E-sciencE Jinny Chien, ASGC 1 Training and Dissemination Jinny Chien Academia Sinica Grid.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Best Practice and Training Mingchao Ma Operation.

Planning for LCG Emergencies HEPiX, Fall 2005 SLAC, 13 October 2005 David Kelsey CCLRC/RAL, UK

Recent lessons learned: Operational Security David Kelsey CCLRC/RAL, UK GDB Meeting, BNL, 5 Sep 2006.

26/01/2007Riccardo Brunetti OSCT Meeting1 Security at The IT-ROC Status and Plans.

Why a Commercial Provider should Join the Academic Cloud Federation David Blundell Managing Director 100 Percent IT Ltd Simple, Flexible, Reliable.

INFSO-RI Enabling Grids for E-sciencE Joint Security Policy Group David Kelsey, CCLRC/RAL, UK 3 rd EGEE Project.

Incident Response Christian Seifert IMT st October 2007.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks EGEE Operational Procedures (Contacts, procedures,

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Security aspects (based on Romain Wartel’s.

INFSO-RI Enabling Grids for E-sciencE Operational Security Coordination Team OSCT report EGEE-4, Pisa Ian Neilson, CERN.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 17 – IT Security.

15-Jun-04D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security Update (Report from the LCG Security Group) CERN 15 June 2004 David Kelsey CCLRC/RAL, UK

Cloud Security Session: Introduction 25 Sep 2014Cloud Security, Kelsey1 David Kelsey (STFC-RAL) EGI-Geant Symposium Amsterdam 25 Sep 2014.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI SA1.2 Plans 2013 Security Operations David Kelsey (STFC) 26/02/2013 Operations.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI SVG F2F Virtual Machines VM images, software run on VMS. 3 rd March 2015.

Bob Jones EGEE Technical Director

EGI – Round table discussion

SA1 Status Report EGEE Grid Operations & Management

Responding to Intrusions

LCG Security Status and Issues

Ian Bird GDB Meeting CERN 9 September 2003

LCG/EGEE Incident Response Planning

Report on SLA progress Ioannis Liabotis <ilaboti at grnet.gr>

The CCIN2P3 and its role in EGEE/LCG

Romain Wartel EGEE08 Conference, Istanbul, 23rd September 2008

Securing Cisco Networks with Threat Detection and Analysis practice-questions.html.

Nordic ROC Organization

Securing Cisco Networks with Threat Detection and Analysis practice-questions.html.

Presentation transcript:

UKI ROC/GridPP/EGEE Security Mingchao Ma Oxford 22 October 2008

Security Policy 22 Oct Mingchao Ma, Oxford 2 Security Policy Site & VO Policies Certification Authorities Traceability and Logging Incident Response Accounting Data Privacy (draft) Pilot Jobs and other Grid Services Grid & VO AUPs

EGEE Security Groups 22 Oct. 2008Mingchao Ma, Oxford3

OSCT 22 Oct. 2008Mingchao Ma, Oxford4 Operational Security Coordination Team (OSCT) Regional Operation Centre (ROC) Day-to-day coordination ……… Site … … … … Grid Security On-Duty

OSCT Activities Weekly telephone meeting; Twice F2F meeting per year Work together with other security groups to improve Grid security; Provide security expertise to sites; Handling and mitigating Grid security incidents –Procedures; Incident tracking; IR Channel (list, IM) and Security Service Challenges; Best practice, training and dissemination –Security RSS feed; OSCT website/Wiki; Training events Security Tools (monitoring, detection and prevention ) –Pakiti; SAM security tests Analysing and evaluating security risks/vulnerabilities (together with GSVG) 22 Oct. 2008Mingchao Ma, Oxford5

UKI ROC and GridPP Security officer, deputy security officer and production manager Quarterly report to PMB; Day to day operational security issues Run security service challenges (SSC) Best practices, recommendations, Procedure; –Wiki, GridPP security page; OSCT-DC rota; Handle and response security incident/vulnerability … 22 Oct. 2008Mingchao Ma, Oxford6

Incident Handling – UKI ROC Policy & Procedure –Detect, Contain, Analysis and Restore Communication Channels –Copy of security contacts ( & tel. in GOCDB) –Tier2 technical coordinators –Production manager –PMB –JANET CSIRTs and University CSIRTS ?? 22 Oct. 2008Mingchao Ma, Oxford7

Security Incidents So far no “grid incident”... but will happen (where the grid is the attack vector)‏ A few incidents per year within the grids From a site perspective, the incidents are often caused by: – Failure to apply security patches provided by vendors – Poor access control management (ex: root password)‏ – Incidents at other sites – Unresolved past security incidents (lack of traceability)‏ – Incorrect risk assessment (threats were not correctly identified) – Shared user community, staff and computing resources between grids and HEP sites make propagation easier 22 Oct. 2008Mingchao Ma, Oxford8

NGS Security Policy –Regulations for Use of the UK National Grid Service (2005) –NGS Security Incident Response policy (2005) Security incident handling –Building up security contact list –NGS-Operation mailing list ?? 22 Oct. 2008Mingchao Ma, Oxford9

Links Policy – OSCT – GridPP – NGS – 22 Oct. 2008Mingchao Ma, Oxford10

More links EGEE Security OSCT Wiki Security RSS feed Vulnerability reporting Incident reporting –Incident response procedure 22 Oct. 2008Mingchao Ma, Oxford11