Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dr Linda Cornwall STFC/RAL EGI OMB 27th September 2013

Similar presentations


Presentation on theme: "Dr Linda Cornwall STFC/RAL EGI OMB 27th September 2013"— Presentation transcript:

1 Dr Linda Cornwall STFC/RAL EGI OMB 27th September 2013
EGI CSIRT Procedure for Compromised Certificates and Central Security Emergency Suspension – request for approval Dr Linda Cornwall STFC/RAL EGI OMB 27th September 2013 7/29/2019

2 Contents Why a procedure – reminder Main changes to document
Central Security Emergency suspension Why is it so difficult to agree Request for approval Linda Cornwall.

3 Why a procedure? When a situation occurs, and a certificate is compromised, EGI CSIRT needs to have a procedure in place Act in an agreed manner Saves time, know what to do Protects sites quickly We are now on 11th version of this procedure

4 Types of Certificate which may be compromised
User certificate Most common case Emergency suspension may apply Host or service certificate Robot certificate Similar to the User certificate CA compromise 7/29/2019

5 Document re-structured
Section 2 contains the Compromised User Certificate procedure Includes Central Security Emergency Suspension Also applies to compromised Robot certificates ‘Short’ - refers to details and explanations in other sections Section 3 contains Compromised Host or Service certificate procedure Section 4 compromised CA

6 Section 5 – Central Security Emergency Suspension
This is now discussed in section 5. The need for security emergency suspension to be carried out by EGI CSIRT is to protect sites from malicious and other mis-use Most likely reason is the certificate is linked to malicious jobs or a security incident Also if certificate has been exposed, e.g. proxy placed on a web page

7 Central security emergency suspension (2)
For proper incident response EGI-CSIRT needs a mechanism to quickly suspend a DN involved in an incident Infrastructure wide Central security emergency suspension provides this Sites are protected quickly, e.g. during an incident which occurs out of hours Suspension list under the control of EGI CSIRT and WLCG CSIRT – no involvement of 3rd parties A DN can be re-instated quickly 7/29/2019

8 Central Security emergency suspension (3)
Emergency suspension must be at CSIRT discretion, cannot think of all possible criteria. Use common sense. Carried out in conjunction with the EGI Security incident handling procedure Info on types of criteria in document Emphasize this is separate from certificate revocation

9 NOT a ‘blacklist’ of users
Central Security Emergency suspension does NOT imply fault on the certificate owner’s part A system may have been compromised containing the certificate A proxy may have been exposed by a vulnerability and used by a malicious user 7/29/2019

10 Emergency suspension vs. revocation
Some comments said we were confusing these two Clear in our minds, probably not clear enough in document Emphasized the difference EGI CSIRT may carry out central security emergency suspension CAs carry out revocation But it may be necessary for certificate to be revoked and re-issued before restoring access to a user 7/29/2019

11 Main changes to document - contd
Section 6 provides more details and info on handling compromised user certificates Section 7 provides more details and info on compromised robot and multi-user certificates These sections are referred to in the ‘shorter’ procedures.

12 Why is it so difficult to agree?
Some want certainty Defined procedure always follow Some want discretion There are likely to be emergencies/situations which have not been anticipated So - Simple procedure usually carried out steps may be ‘skipped’ if not appropriate Incident handling people have to have discretion to do what is necessary to contain incident

13 Why is it so difficult to agree (2)?
Some want certainty that an ‘innocent’ user is never suspended Can’t guarantee this System containing credentials may have been compromised Emphasize that suspension does NOT imply user at fault Imagine Central Security Emergency Suspension is likely to be quite rare a few incidents per year

14 Now we think the document:-
Clearer after the re-structuring Especially section 2 Taken account of comments from OMB members and discussed widely within CSIRT/OMB It’s well iterated And Central Security Emergency Suspension is (almost) ready

15 Request for approval Therefore, approval of this document is requested

16 Comments, questions…. ?? 7/29/2019

17 Notes. 7/29/2019


Download ppt "Dr Linda Cornwall STFC/RAL EGI OMB 27th September 2013"

Similar presentations


Ads by Google