Lessons Learned from disaster recovery Jinny Chien April 20, 2009 6 th APGridPMA in Taipei.

Slides:



Advertisements
Similar presentations
Usage of PGP in TACAR 19th OGF Meeting Chapel Hill, USA February 1, 2007 Licia Florio Project Development Officer
Advertisements

Updates of the APGrid PMA Catania March 3, 2009 Yoshio Tanaka APGridPMA Chair, AIST, Japan.
© 2007 Open Grid Forum CAOPS-WG Christos Kanellopoulos - Yoshio Tanaka Security Area coordination & outreach OGF25, Catania March 2 nd – 3 rd, 2009.
Academia Sinica Grid Computing Certification Authority (ASGCCA) Jinny Chien.
1 ASGCCA Self-Audit Report APGridPMA Jinny Chien March
CNIC Grid CA/SDG CA Self Audit Kejun (Kevin) Dong Computer Network Information Center (CNIC) Chinese Academy of Sciences APGridPMA F2F.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI - Identity Management Steven Newhouse Director, EGI.eu Federated Identity.
Authorization WG Update David Kelsey EU Grid PMA, Copenhagen 27 May 2008.
4 th APGrid PMA F2F Meeting Academia Sinica, Taipei, Taiwan April 8, 2008 Agendahttp:// Call for note takers!
1 REUNA Certificate Authority Juan Carlos Martínez REUNA Chile Rio de Janeiro,27/03/2006, F2F meeting, TAGPMA.
National Institute of Advanced Industrial Science and Technology Auditing, auditing template and experiences on being audited Yoshio Tanaka
Summer School Certificates Diego Romano & Gilda Team.
CVE , lessons learned and actions David Groep, Nov 7 nd, 2008.
EGI-Engage Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.
What if you suspect a security incident or software vulnerability? What if you suspect a security incident at your site? DON’T PANIC Immediately inform:
INFSO-RI Enabling Grids for E-sciencE Incident Response Policies and Procedures Carlos Fuentes
CILogon OSG CA Mine Altunay Jim Basney TAGPMA Meeting Pittsburgh May 27, 2015.
NECTEC-GOC CA APGrid PMA face-to-face meeting. October, Sornthep Vannarat National Electronics and Computer Technology Center, Thailand.
OSG Security Review Mine Altunay June 19, June 19, Security Overview Current Initiatives  Incident response procedure – top priority (WBS.
How to evaluate ICT use for small organisations Session 2.
What if you suspect a security incident or software vulnerability? What if you suspect a security incident at your site? DON’T PANIC Immediately inform:
The CA Distribution Process David Groep, July 2007.
Blueprint Meeting Notes Feb 20, Feb 17, 2009 Authentication Infrastrusture Federation = {Institutes} U {CA} where both entities can be empty TODO1:
SECURITY MANAGEMENT Key Management in the case of public-key cryptosystems, we assumed that a sender of a message had the public key of the receiver at.
Deployment Issues David Kelsey GridPP13, Durham 5 Jul 2005
OSG Security Review Mine Altunay December 4, 2008.
WLCG Security: A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) CHEP2013, Amsterdam 17 Oct 2013.
IHEP Grid CA Status Report Gongxing Sun F2F Meeting 20 Apr Computing Centre, IHEP,CAS,China.
IHEP Grid CA Status Report Wei F2F Meeting 8 Mar Computing Centre, IHEP,CAS,China.
User Certificate Application: ASGCCA. Agenda Introduction ASGCCA User Responsibilities Certificate application form RA verify identity of users User generate.
EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks David Kelsey RAL/STFC,
Training and Dissemination Enabling Grids for E-sciencE Jinny Chien, ASGC 1 Training and Dissemination Jinny Chien Academia Sinica Grid.
Profile for Portal-based Credential Services (POCS) Yoshio Tanaka International Grid Trust Federation APGrid PMA AIST.
Sam Morrison APAC CA – APGridPMA - ISGC2010 APAC CA Self Audit and status update Sam Morrison ARCS.
Academia Sinica Grid Computing Certification Authority (ASGCCA)
KISTI Grid CA Operation KISTI Supercomputing Center Sangwan Kim, Soonwook Hwang CA Operators Contact: Jan. 8, 2007.
Academia Sinica Grid Computing Certification Authority (ASGCCA) Jinny Chien.
National Institute of Advanced Industrial Science and Technology Some topics from the OGF20 and the EUGrid PMA F2F Meeting Yoshio Tanaka Grid Technology.
Academia Sinica Grid Computing Certification Authority (ASGCCA) Jinny Chien April 20, th APGridPMA in Taipei.
A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) 1 st WISE, Barcelona 20 Oct 2015.
A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) WLCG GDB, CERN 10 Jul 2013.
Opening Remarks and Updates of the APGrid PMA 5 th APGridPMA September 16, 2008 Yoshio Tanaka APGridPMA Chair, AIST, Japan.
APGrid PMA face-to-face meeting, 9/16/2008 PRAGMA-UCSD CA Team Pacific Rim Application and Grid Middleware Assembly
Security Policy Update WLCG GDB CERN, 14 May 2008 David Kelsey STFC/RAL
WLCG Authentication & Authorisation LHCOPN/LHCONE Rome, 29 April 2014 David Kelsey STFC/RAL.
Training and Dissemination Enabling Grids for E-sciencE Jinny Chien, ASGC 1 Training and Dissemination Jinny Chien Academia Sinica Grid.
Monitoring Guy Warner NeSC Training.
FP6−2004−Infrastructures−6-SSA E-infrastructure shared between Europe and Latin America The Latin American Catch-all Grid Certification.
Update of APGridPMA APGridPMA Meeting Academia Sinica, Taiwan 22 March,
Baltic Grid Certification Authority 15th EUGridPMA, January 28th 2009, Nicosia1 Self-audit Hardi Teder EENet.
TR-GRID CA Self-Auditing Results and Status Update EUGridPMA Meeting September 12-14, 2011 Marrakesh Feyza Eryol, Onur Temizsoylu TUBITAK-ULAKBIM
BG.ACAD CA HTTP :// CA. ACAD. BG S ELF - AUDIT REPORT 2014 Vladimir Dimitrov IICT-BAS ( 32 nd EUGridPMA Meeting Poznan, 8-10.
EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Security aspects (based on Romain Wartel’s.
Security Bob Cowles
18 th EUGridPMA, Dublin / SRCE CA Self Audit SRCE CA Self Audit Emir Imamagić SRCE Croatia.
Academia Sinica Grid Computing Certification Authority F2F interview (Malaysia )
Update of APGridPMA Eric Yen 25 th EUGridPMA & IGTF All Hands Meeting KIT, Germany 7 May, 2012.
Dr. Gerry Firmansyah CID Business Continuity and Disaster Recovery Planning for IT (W-XI)
Updates of APGrid PMA 18 th EUGridPMA Meeting 18 th EUGridPMA Meeting 18 January, 2010 Eric Yen ASGCCA Taiwan.
IRAN-GRID CA Self Audit IRAN-GRID CA Self Audit Report Shahin Rouhani IRAN-GRID Tehran Iran Shahin Rouhani Grid Computation Group IPM, Tehran, Iran May.
AEGIS Certification Authority
LCG Security Status and Issues
Guidelines for auditing Grid CAs
EGEE Asia Pacific Regional Operation Center
The IGTF Charter Name uniqueness throughout the IGTF is anchored in the Charter Current Charter assigns a namespace to an Authority, implying that the.
SHA-2 Migration status David Groep Nikhef Nikhef, Amsterdam
Emir Imamagić University Computing Centre (Srce)
Bill Yau HKU Grid Certificate Authority (HKU Grid CA) Self Audit & Status Report Bill Yau
Program of IGTF All-Hands Meeting on 1 April 2019
BG.ACAD CA Self-audit report 2018
Presentation transcript:

Lessons Learned from disaster recovery Jinny Chien April 20, th APGridPMA in Taipei

Motivation ASGCCA encountered the accident in February and how to avoid the same situation happening Do we have sufficient backup procedure Is our CA server at the safe place Do we have the standard policy or incident response procedure to introduce the recovery

ASGCCA Event Time : 9:00 Feb UTC Event description : the unexpected accident on the part of data center at ASGC, all on-line services were shut down including ASGCCA web server. Result : ASGCCA certificate activities were down. CRL did not publish in time.

Process  9:00 Feb 25 UTC : Sent an EGEE broadcast to all ROC managers, VO managers, WLCG users, APGridPMA members, ASGCCA users  2:00 Feb 26 UTC : Sent an announcement to IGTF-RAT and IGTF-general lists. Try to recover ASGCCA web page  12:00 Feb 26 UTC: Moved ASGCCA web and CA server (offline) to the safe place and connected to the Internet.  16:00 Feb 26 UTC : ASGCCA web site was up. Sent the announcement to IGTF-RAT, IGTF-general and ASGCCA user lists

Review the process  Feb UTC ASGCCA web was down and sent an announcement to APGridPMA, ASGCCA users, IGTF-RAT, IGTF-general  Feb 26 UTC : Recovered and ASGCCA web site was up. Sent the final announcement and checked all CA activities well.  Total process is two days

Basic Recovery procedure Evaluate the scope of this disaster and how many days to recover Send the notification to IGTF-RAT, IGTF-general, APGridPMA members and your end entities. The matter should be described the disaster and schedule Recovery activities Check all CA activities well and CRL will be published regularly Re-work and send the final announcement to IGTF-RAT, APGridPMA member, IGTF and your end entities.

IGTF-RAT The International Grid Trust Federation (IGTF) Risk Assessment Team (RAT) is responsible for assessing risk and setting time and deadlines for response and action for concerns and vulnerabilities.International Grid Trust Federation address: Members: APGridPMA: Yoshio Tanaka, Jinny Chien EUGridPMA: Jens Jensen, Willy Weisz, David Groep, Sajjad Asghar TAGPMA: Jim Basney, Vinod Rebello, Jim Marsteller Public webpage

Conclusion Please backup the CA server and web regularly The backup archive should be kept at the safe place Write down the recovery procedure for your CA activities

Discussion if the CA server and web destroy at the same time? To evaluate the disaster and plan a schedule Ask for help to IGTF-RAT Should we have the incident response procedure ? What is the time range if CA encounters any accident?

Thanks for your listening

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.