GDB July 2015 Jeremy’s quick summary notes Also refer to the meeting minutes https://twiki.cern.ch/twiki/bin/view/LCG/GDBMeetingNotes20150708.

Slides:

Advertisements

Similar presentations

WLCG Cloud Traceability Working Group progress Ian Collier Pre-GDB Amsterdam 10th March 2015.

Advertisements

WebFTS as a first WLCG/HEP FIM pilot

HEPiX IPv6 Working Group David Kelsey (STFC-RAL, UK) 4 May 2011 HEPiX, GSI, Darmstadt david.kelsey at stfc.ac.uk.

EGI-Engage Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.

SWITCHaai Team Federated Identity Management.

EduGAIN Code of Conduct Workshop, , Brussels GEANT eduGAIN Data Protection "Code of Conduct" Workshop Dieter Van Uytvanck

EGI-InSPIRE RI EGI-InSPIRE RI EGI-InSPIRE EGI services for the long tail of science Peter Solagna Senior Operations.

AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef.

EGI-Engage Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.

Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.

European Grid Initiative Federated Cloud update Peter solagna Pre-GDB Workshop 10/11/

2005 © SWITCH Perspectives of Integrating AAI with Grid in EGEE-2 Christoph Witzig Amsterdam, October 17, 2005.

News from the HEPiX IPv6 Working Group David Kelsey (STFC-RAL) GridPP35, Liverpool 11 Sep 2015.

Authentication and Authorisation for Research and Collaboration Licia Florio (GÉANT) Christos Kanellopoulos (GRNET) Service orientation.

WLCG Cloud Traceability Working Group face to face report Ian Collier 11 February 2015.

EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks David Kelsey RAL/STFC,

LCG Introduction John Gordon, STFC-RAL GDB September 9 th, 2008.

RI EGI-InSPIRE RI EGI Future activities Peter Solagna – EGI.eu.

Machine/Job Features Update Stefan Roiser. Machine/Job Features Recap Resource User Resource Provider Batch Deploy pilot Cloud Node Deploy VM Virtual.

Using Social Media for Fundraising and Communication with Supporters Lindsay Boyle – Communications & Research Coordinator Claire Chapman – Information.

Grid Security Vulnerability Group Linda Cornwall, GDB, CERN 7 th September 2005

WebFTS File Transfer Web Interface for FTS3 Andrea Manzi On behalf of the FTS team Workshop on Cloud Services for File Synchronisation and Sharing.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI (Present and) Future of the EGI Services for WLCG Peter Solagna – EGI.eu.

Authentication and Authorisation for Research and Collaboration Licia Florio AARC Workshop The AARC Project Brussels, 26 October.

Security Policy Update David Kelsey UK HEP Sysman, RAL 1 Jul 2011.

LCG Introduction John Gordon, STFC-RAL GDB May 2, 2007.

A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) WLCG GDB, CERN 10 Jul 2013.

LCG Introduction John Gordon, STFC GDB June 8 th 2011.

Getting Started. Package Overview (GradeQuick)‏ Web-based grade book –Access Anywhere –Always Current Paper grade book “look and feel” Flexible grading.

Federated Identity Management for HEP David Kelsey HEPiX, IHEP Beijing 18 Oct 2012.

GDB Introduction Ian Collier STFC Rutherford Appleton Laboratory Group info (if required) GDB, January 13 th 2016.

Additional Services: Security and IPv6 David Kelsey STFC-RAL.

Evolving Security in WLCG Ian Collier, STFC Rutherford Appleton Laboratory Group info (if required) 1 st February 2016, WLCG Workshop Lisbon.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI SPG future work EGI Technical Forum Lyon, 21 Sep 2011 David Kelsey, STFC/RAL.

LCG Introduction John Gordon, STFC GDB July8th 2009.

Federated Identity Management for Scientific Collaborations The Common Vision David Kelsey (STFC) 3 Nov 2011.

JSPG Update David Kelsey MWSG, Zurich 31 Mar 2009.

Connect communicate collaborate Trust & Identity EC meets GÉANT 19 June 2014 Brussels Valter Nordh, NORDUnet Federation as a Service Task Leader Trust.

Enabling Grids for E-sciencE INFSO-RI Enabling Grids for E-sciencE Gavin McCance GDB – 6 June 2007 FTS 2.0 deployment and testing.

WLCG/DPHEP workshops in Lisbon Andrea Sciabà On behalf of the workshop organisers WLCG GDB December 9, 2015.

WLCG Operations Coordination report Maria Alandes, Andrea Sciabà IT-SDC On behalf of the WLCG Operations Coordination team GDB 9 th April 2014.

Ian Collier, STFC, Romain Wartel, CERN Maintaining Traceability in an Evolving Distributed Computing Environment Introduction Security.

HEPiX report Spring 2015 HEPiX meeting Oxford University, UK Helge Meinhard, CERN-IT Grid Deployment Board 10-Jun Helge Meinhard (at) CERN.ch.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Federated Cloud and Software Vulnerabilities Linda Cornwall, STFC 20.

HEPiX IPv6 Working Group David Kelsey david DOT kelsey AT stfc DOT ac DOT uk (STFC-RAL) HEPiX, Vancouver 26 Oct 2011.

David Groep Nikhef Amsterdam PDP & Grid AARC Authentication and Authorisation for Research and Collaboration an impression of the road ahead.

News from the HEPiX IPv6 Working Group David Kelsey (STFC-RAL) HEPIX, BNL 13 Oct 2015.

Outcome should be a documented strategy Not everything needs to go back to square one! – Some things work! – Some work has already been (is being) done.

Networks ∙ Services ∙ People Licia Florio TNC, Lisbon Consuming identities across e- Infrastructures 16 June 2015 PDO GÈANT.

EGI-Engage EGI-Engage WP3 e-Infrastructure Commons Diego Scardaci EGI.eu/INFN 6/18/2016 EGI-Engage – First.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Questionnaires to Cloud technology providers and sites Linda Cornwall, STFC,

Authentication and Authorisation for Research and Collaboration Licia Florio AARC CORBEL Workshop The AARC Project Paris, 31 May.

LCG Introduction John Gordon, STFC-RAL GDB June 11 th, 2008.

LCG Introduction John Gordon, STFC-RAL GDB November 7th, 2007.

EGI-InSPIRE EGI-InSPIRE RI The European Grid Infrastructure Steven Newhouse Director, EGI.eu Project Director, EGI-InSPIRE 29/06/2016CoreGrid.

WLCG Operations Coordination Andrea Sciabà IT/SDC GDB 11 th September 2013.

HEPiX spring 2013 report HEPiX Spring 2013 CNAF Bologna / Italy Helge Meinhard, CERN-IT Contributions by Arne Wiebalck / CERN-IT Grid Deployment Board.

WLCG workshop in Lisbon Andrea Sciabà On behalf of the WLCG workshop organisers WLCG MB December 8, 2015.

GDB Introduction Ian Collier STFC Rutherford Appleton Laboratory GDB, May 11 th 2016.

WLCG Update Hannah Short, CERN Computer Security.

Jeremy Coles, STFC-RAL GDB April 4, 2007

LCG Security Status and Issues

John Gordon, STFC-RAL GDB June 6, 2007

WLCG Collaboration Workshop;

GÉANT 4-2 JRA3 T1 and T2 Federations and Campus (CaFe) e-Infrastructures and Service Providers (RASP) Daniela Pöhn JRA3 T1 LRZ/DFN-AAI Technology Exchange.

GÉANT 4-2 JRA3 Daniela Pöhn JRA3 T1 LRZ/DFN-AAI

Building a minimum viable Security Operations Centre

GEANT Data protection Code of Conduct 2.0 REFEDS meeting 16 June 2019

Federated Incident Response

Check-in Identity and Access Management solution that makes it easy to secure access to services and resources.

Presentation transcript:

GDB July 2015 Jeremy’s quick summary notes Also refer to the meeting minutes

Introduction Topics review Meetings: Dates in indico. October a grid/cloud day co- organised with HEPiX. ARGUS: EL7/Java8 first tests no problems. PEPD problem identified at CERN. Multicore accounting: Good progress. Some (UK) sites not yet publishing. Please check. Workshop: ISCTE, Lisbon. First week February. Actions: Machine/Job features needs testers. Security class 2 services list. Storage create protocol/implementation list.

Update on identity federation AARC (H2020). Issues identity federation – make it work! Sirtfi: Incident response for federations (CERN, InCommon, LIGO, Surfeit, Sunet). Register contacts in EduGain. WLCG pilot: Can authenticate without x509 and get x509 for backend services. More Vos welcome. User identity mapping complicated. Next steps: Several including lobbying for eduPersonUniqueID.

News from the front Linux=Windows. Ie. Large attacks target both. Data Center compromises occur (admin credentials). Conferences being targeted. Take care with links. Exploitation chain Competition between EK: eg. Angler EK Cryptolocker: Make backups! Raise the bar on dealing with adversary

Security policies Last update GDB June User AUP: generalise; acknowledgements; liability; new version few comments; data protection under advisement. VM endorsement and operation: use case. Personal data protection: have something on job accounting but need to expand to monitoring, logs etc. GEANT Data Protection Code of Conduct Transfer outside of the EU; evaluating the use of a single policy. Federated Identity and IGTF IOTA

Spring 2015 HEPiX meeting Reports on progress and plans 134 registered participants. Tracks & trends: security & networking. Storage & file systems: CEPH. Ethernet drives. Not simplifying Grids/clouds IT facilities/business continuity. Basic IT services: ELK, Kibana, Puppet…. Site reports Next meeting: th October

ARGO Service Monitoring Argoeu.github.io (GRNET) A flexible and scalable framework that replaces SAM. Status and avail for services. Customer defined profiles. Flexible deployment models. Site: Open source development approach.

IPv6 Review of exhaustion of addresses. Depends on definition. Some updates from the IPv6 group on site developments and experiment tests. Testbed data transfer issues often shows areas problematic eg. FTS3 Work needed on (SAM3) monitoring to get it working with IPv6. Focus from September. Experiment IPv6 requirements.

EGI Cloud Principles: Hybrid cloud federation. Multi tenant model. Services: AAI. Accounting. Monitoring. Registry. EGI endorsed VM. VM image management. Federated service management. Definitions: Cloud federation; realm; Community platform (examples given) Other integration efforts.