Download presentation
Presentation is loading. Please wait.
Published byJerome Newton Modified over 8 years ago
1
www.egi.eu EGI-InSPIRE RI-261323 SPG Tasks for Year 2011 Jan 2011 Kelsey/Security Policy Group1
2
www.egi.eu EGI-InSPIRE RI-261323 Work for year 1 To date there have been no formal requests from EGI management for SPG to study particular policy issues –Except for some comments from EB –And Steven talking about Virtualisation at SCG meeting Jan 2011 Kelsey/Security Policy Group2
3
www.egi.eu EGI-InSPIRE RI-261323 Policy issues from EB Comments received during EB review –Definition of Pseudonymous Web User not clear In VO Portal Policy –Top-Level policy uses different approach to references from other documents –Some use RFC2119 “MUST”, “SHOULD” etc, some do not Jan 2011 3Kelsey/Security Policy Group
4
www.egi.eu EGI-InSPIRE RI-261323 Document revision The oldest document is the top-level main Security Policy I think we should start with that –Avoid overlap with policy sub-documents –Make applicable to new EGI/NGI world –And of use to other DCIs –Review style of references (inline or not?) An important review –Sets approach for all our future work Jan 2011 4Kelsey/Security Policy Group
5
www.egi.eu EGI-InSPIRE RI-261323 VM Endorsement There is a particle physics (HEPiX) working group on Virtualisation This has produced a draft security policy on the Endorsement of Trusted Virtual Machine Images –https://edms.cern.ch/document/1080777/https://edms.cern.ch/document/1080777/ Steven has suggested we look at this topic more generally Jan 2011 5Kelsey/Security Policy Group
6
www.egi.eu EGI-InSPIRE RI-261323 Policy framework During the last year of JSPG Discussed the development of a policy framework for collaborating Grids A way of defining policy standards required for trustworthy interoperation –Not policy words –List of policy components that must be addressed We should do more on this –Good way of interacting with many DCIs –WLCG is looking at Security Incident Response Jan 2011 6Kelsey/Security Policy Group
7
www.egi.eu EGI-InSPIRE RI-261323 Other areas of weakness Clear definition of responsibility and liability Treatment of data protection, data privacy –Some have asked for policy on storage accounting What can we do to improve policies for VRCs? Others? Jan 2011 7Kelsey/Security Policy Group
8
www.egi.eu EGI-InSPIRE RI-261323 Discussion Jan 2011 8Kelsey/Security Policy Group
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.