Www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 EGI Security Threat Risk Assessment Dr Linda Cornwall Rutherford Appleton.

Slides:



Advertisements
Similar presentations
EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Grid Security Vulnerabilities Dr Linda Cornwall,
Advertisements

Risk Assessment What is RISK?  requires vulnerability  likelihood of successful attack  amount of potential damage Two approaches:  threat modeling.
Chapter 5: Asset Classification
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Security Policy Group Summary EGI TF David Kelsey 6/28/
Computer Security: Principles and Practice
Risk Management.
WLCG Security TEG, risks and Identity Management David Kelsey GridPP28, Manchester 18 Apr 2012.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI The EGI Software Vulnerability Group and EMI Dr Linda Cornwall, STFC, Rutherford.
EGI-Engage Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.
Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014 and now abbreviated.
EGI-InSPIRE The EGI Software Vulnerability Group (SVG) What is a Software Vulnerability?SVG membership and interaction with other groups Most people are.
Project Risk Management. The Importance of Project Risk Management Project risk management is the art and science of identifying, analyzing, and responding.
What if you suspect a security incident or software vulnerability? What if you suspect a security incident at your site? DON’T PANIC Immediately inform:
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Security Policy Group EGI Technical Forum Sep 2010 David Kelsey.
EGI-InSPIRE RI EGI-InSPIRE RI EGI-InSPIRE EGI services for the long tail of science Peter Solagna Senior Operations.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Future support of EGI services Tiziana Ferrari/EGI.eu Future support of EGI.
The Grid Services Security Vulnerability and Risk Assessment Activity in EGEE-II Enabling Grids for E-sciencE EGEE-II INFSO-RI
EGI-Engage Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.
EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Handling Grid Security Vulnerabilities in.
What if you suspect a security incident or software vulnerability? What if you suspect a security incident at your site? DON’T PANIC Immediately inform:
Security Update WLCG GDB CERN, 12 June 2013 David Kelsey STFC/RAL.
EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Grid Security Vulnerability Handling and.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Federated Cloud F2F Security Issues in the cloud Introduction Linda Cornwall,
CC3020N Fundamentals of Security Management CC3020N Fundamentals of Security Management Lecture 2 Risk Identification and Risk Assessment.
EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks GSVG issues handling Dr Linda Cornwall CCLRC.
Security Vulnerabilities Linda Cornwall, GridPP15, RAL, 11 th January 2006
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Federated Cloud Security - what is needed Linda Cornwall (STFC) and the.
Grid Security Vulnerability Group Linda Cornwall, GDB, CERN 7 th September 2005
EGI-Engage Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.
A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) 1 st WISE, Barcelona 20 Oct 2015.
EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Vulnerability handling, Risk management,
A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) WLCG GDB, CERN 10 Jul 2013.
Security Vulnerability Identification and Reduction Linda Cornwal, JRA1, Brno 20 th June 2005
EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Grid Services Security Vulnerability and.
Risk Identification and Risk Assessment
EGI-InSPIRE RI EGI EGI-InSPIRE RI Service Operations Security Policy the new generalised site operations security policy.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI SPG future work EGI Technical Forum Lyon, 21 Sep 2011 David Kelsey, STFC/RAL.
EGI-InSPIRE RI EGI EGI-InSPIRE RI Establishing Identity in EGI the authentication trust fabric of the IGTF and EUGridPMA.
WLCG Authentication & Authorisation LHCOPN/LHCONE Rome, 29 April 2014 David Kelsey STFC/RAL.
Security Policy Update WLCG GDB CERN, 8 Dec 2010 David Kelsey STFC/RAL david.kelsey AT stfc.ac.uk.
Planning for LCG Emergencies HEPiX, Fall 2005 SLAC, 13 October 2005 David Kelsey CCLRC/RAL, UK
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Draft Security Virtualisation Policy (for Romain Wartel – CERN) EGI Technical.
INFSO-RI Enabling Grids for E-sciencE Joint Security Policy Group David Kelsey, CCLRC/RAL, UK 3 rd EGEE Project.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI CSIRT Procedure for Compromised Certificates and Central Security Emergency.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI VOMS Proxy Lifetime UCB 21 Aug 2012 David Kelsey STFC.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Federated Cloud and Software Vulnerabilities Linda Cornwall, STFC 20.
INFORMATION ASSURANCE POLICY. Information Assurance Information operations that protect and defend information and information systems by ensuring their.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Enabling SSO capabilities in the EGI Cloud services Peter Solagna – EGI.eu.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Questionnaires to Cloud technology providers and sites Linda Cornwall, STFC,
Component D: Activity D.3: Surveys Department EU Twinning Project.
News from EUGridPMA EGI OMB, 22 Jan 2013 David Kelsey (STFC) Using notes from David Groep 22/01/20131EUGridPMA News.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 17 – IT Security.
15-Jun-04D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security Update (Report from the LCG Security Group) CERN 15 June 2004 David Kelsey CCLRC/RAL, UK
Cloud Security Session: Introduction 25 Sep 2014Cloud Security, Kelsey1 David Kelsey (STFC-RAL) EGI-Geant Symposium Amsterdam 25 Sep 2014.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI SA1.2 Plans 2013 Security Operations David Kelsey (STFC) 26/02/2013 Operations.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI D4.4 and the EGI review Dr Linda Cornwall 19 th Sept 2011 D4.41.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI SVG F2F Virtual Machines VM images, software run on VMS. 3 rd March 2015.
ISSeG Integrated Site Security for Grids WP2 - Methodology
Directory/Inventory – info sharing for security people
EGI Software Vulnerability Group (SVG) report to CSIRT F2F
David Kelsey STFC-RAL 2nd WISE workshop, XSEDE16, Miami 18 July 2016
COMP3357 Managing Cyber Risk
OSG Computer Security Plans
Romain Wartel EGEE08 Conference, Istanbul, 23rd September 2008
EGI Security Risk Assessment
IS4550 Security Policies and Implementation
Software Vulnerability Group Status update
David Kelsey (STFC-RAL)
Prevention is better than Cure
Dr Linda Cornwall STFC/RAL EGI OMB 27th September 2013
Presentation transcript:

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Security Threat Risk Assessment Dr Linda Cornwall Rutherford Appleton Laboratory /STFC 1/3/2016 EGI TF12 – 18 th September 20121

EGI-InSPIRE RI Contents D4.4 – Security Risk Assessment of the EGI Infrastructure EGI Security Threat Risk Assessment – Description EGI Security Threat Risk Assessment – Results Still to do/EGI Review /3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 2

EGI-InSPIRE RI D4.4 Security Risk Assessment of the EGI Infrastructure D4.4 is a public document at: ment?docid=863 Completed at the end of January /3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 3

EGI-InSPIRE RI D4.4 What we considered Possibly the reviewers last year were not fully aware of the security activities taking place in EGI D4.4 aimed to be a comprehensive document describing the groups and activities As well as a plan for a Security Threat Risk Assessment. 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 4

EGI-InSPIRE RI Scope and aims of EGI security Where we give our answer to the question “what does it mean to be secure in the Grid” The EGI Ecosystem Service and RPs, funding bodies, SW providers, User community. EGI’s Assets Aims and Role of EGI.eu 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 5

EGI-InSPIRE RI Scope and aims (cont.) Users and EGI Security Including assurances they can expect/not expect and obligations Resource providers Again assurances they can expect and obligations Data and information security Including what types of data EGI infrastructure is/is not suitable for 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 6

EGI-InSPIRE RI EGI D4.4 other contents Security Groups and activities in EGI Practices and standards This includes standards for information management e.g. ISO series and how some procedures are already partially compliant Possible further future usage of standards and conclusions Operational Security during EGI Plans for the Security Threat Risk Assessment 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 7

EGI-InSPIRE RI EGI Security Threat Risk Assessment Threats are seen as threats to EGI’s assets, whether they be technical threats or social threats Assets are listed Defined Steps for carrying out the Security Threat Risk Assessment Starting with establishing a team to carry out the work 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 8

EGI-InSPIRE RI The team “The EGI Security Assessment group” Riccardo Brunetti Eygene Ryabinkin Linda Cornwall Adam Smutnicki Carlos Fuentes Bermejo Virginia Martin Rubio Pascual Sven Gabriel Peter Solagna David Groep Elisa Heymann David Kelsey Observers/for info: Maarten Litmaath Mingchao Ma Romain Wartel Giuseppe Misurelli Tiziana Ferrari Leif Nixon David O’Callaghan THANKS TO ALL OF THESE PEOPLE!! For work on D4.4 and the Security threat risk assessment 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 9

EGI-InSPIRE RI How the team worked Series of EVO meetings Discussed and came to a consensus on methods we used Most of the work carried out in a spreadsheet 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 10

EGI-InSPIRE RI Assessment not public Not all the information should be public The assessment inevitably includes a list of weaknesses within the existing infrastructure and planned mitigations; if it were public it would be a valuable source of information to potential attackers 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 11

EGI-InSPIRE RI Threat categories Defined 20 threat categories, examples Threats due to software vulnerabilities Physical Security Threats to the infrastructure Scientific and User data reliability Illegal and general misuse Threats to external parties Security Threats from installation of new software and technologies 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 12

EGI-InSPIRE RI Selection of Threats Each team member given 1 or 2 categories, and asked to identify threats and establish the current situation/mitigation in place Total of 75 threats identified Mostly high level threats, not technology dependent 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 13

EGI-InSPIRE RI Threat Category example Threats due to software vulnerabilities Incident due to exploit of vulnerability in grid middleware Incident due to exploit of vulnerability in commonly deployed software other than middleware widely used in the EGI infrastructure (e.g. Linux) Incident due to vulnerabilities in other software installed on the infrastructure (e.g. VO software) 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 14

EGI-InSPIRE RI Computation of Risk Risk is usually the product of the likelihood and impact/cost Actuarial computation of risk This is the typical method used by insurance companies based on statistics (e.g. death rates at a given age) We have no suitable statistics So we looked for a way of providing a numerical value based on judgment 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 15

EGI-InSPIRE RI Method chosen for computation of Risk We decided to ask all members to rate the ‘likelihood’ and ‘impact’ of each risk between 1 and 5. Risk = ‘Likelihood’ x ‘Impact’ That gives a max risk value of 25. Ratings based on current situation and mitigation in place We recognize that people’s ratings are always a bit subjective, so we tried to add some objectivity 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 16

EGI-InSPIRE RI ‘Likelihood’ guidelines 1.Unlikely to happen 2.May happen 2-3 times every 5 years 3.Expected to happen once a year or so 4.Happens every few months 5.Happens once a month or more 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 17

EGI-InSPIRE RI Impact guidelines based on WLCG Impact guidelines based on WLCG Computer Security Risks Assessment _teg/WLCG%20Risk%20Assessment.pdfhttp://rwartel.web.cern.ch/rwartel/security _teg/WLCG%20Risk%20Assessment.pdf Shortened description…. 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 18

EGI-InSPIRE RI ‘Impact’ guidelines 1.Minimal impact on EGI’s ability to deliver its services to users or on any asset 2.Minor impact, such as some operational or financial costs, local disruption 3.Serious localized disruption to some services for some users, for a week or more 4.Serious Multi-national disruption 5.Very serious disruption, damage to reputation and/or 3 rd parties 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 19

EGI-InSPIRE RI Team members ratings We received 9 sets of ratings on likelihood and impact. 2 were from 2 people jointly Therefore 11 members effectively provided responses. In some cases blanks or question marks were present for some threats These were not counted in the computation 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 20

EGI-InSPIRE RI Risk Computation Risk in each case computed by taking the product of likelihood and impact for each response Average risk computed – weighting those sets of results returned by 2 people twice Average impact also computed All is in a spreadsheet 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 21

EGI-InSPIRE RI Discussion on divergent ratings Then each member was asked to compare the result to their own ratings Members invited to highlight any threat they wished to discuss No numbers actually changed – but highlight some threats with higher risk or higher impact as a result of the discussions 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 22

EGI-InSPIRE RI Threats reported We reported threats having a risk value of 8 or more (out of max. of 25) - 18 found We reported threats having an impact value of 4 or more (max 5) - 3 found Plus one other highlighted as a result of discussion This is out of 75 threats identified 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 23

EGI-InSPIRE RI Threats of highest risk value New software or technology may be installed which leads to security problems History has shown that new technology or software comes with new set of problems Risk = 11.3 Incident due to exploit of vulnerability in software other than Grid middleware E.g. linux Risk = /3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 24

EGI-InSPIRE RI Threats of highest risk value (2) Security problems arising from the move to IPv6 Risk = 10.9 Insufficient staff may be available to carry out security activities Risk = 10.6 Incident spreads across the Grid Risk = /3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 25

EGI-InSPIRE RI Threats of highest risk value (3) The move to more use of Cloud technologies may lead to security problems Risk = 10.1 Un-patched software and host operating systems not updated Risk = 9.9 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 26

EGI-InSPIRE RI Threats of highest impact value Authentication and Authorization Infrastructure compromised Impact = 4.2 Resources used for on-line attacks to external parties Impact = 4.1 Reputation damage due to security incidents Impact = 4.0 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 27

EGI-InSPIRE RI Another threat highlighted After discussion Trusted staff, employees or ex-employees act in inappropriate manner We have tended to assume all trusted staff are trustworthy (site admins, CA admins etc.) Agree a lot of damage could be done if one wasn’t 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 28

EGI-InSPIRE RI Still to do – Tidy the spreadsheet and make more suitable for management/wider project distribution Consider distribution of final report Possibly to wider project audience Possibly distribute summary spreadsheet more widely More on mitigation of the highest risk and highest impact threats 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 29

EGI-InSPIRE RI EGI Review 2012 D4.4 approved Recommended that this document is kept under review and refined as circumstances change Security threat risk assessment Good first step Should be private We had thought we’d do another 18 months later This plan supported by the reviewers 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 30

EGI-InSPIRE RI Questions? ?? 1/3/2016 EGI Security Threat Risk Assessment – Linda Cornwall EGI TF12 31

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.