Download presentation
Presentation is loading. Please wait.
1
www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 EGI Security Policy Group Summary EGI TF David Kelsey 6/28/2015 1
2
www.egi.eu EGI-InSPIRE RI-261323 SPG session See slides at SPG session today https://www.egi.eu/indico/sessionDisplay.py?se ssionId=55&slotId=0&confId=48#2010-09-16https://www.egi.eu/indico/sessionDisplay.py?se ssionId=55&slotId=0&confId=48#2010-09-16 Many more details available there
3
www.egi.eu EGI-InSPIRE RI-261323 Status and history The current EGI Security Policy is available on the SPG wiki https://wiki.egi.eu/wiki/SPG https://wiki.egi.eu/wiki/SPG Policies from the Joint (EGEE/WLCG) Security Policy Group have been imported into new EGI templates –No change to wording –Except for titles of and links to documents Adopted by EGI (from 1 st May 2010) 16/9/2010 3Kelsey/Security Policy Group
4
www.egi.eu EGI-InSPIRE RI-261323 7 Mar 2010 Kelsey, Security Policy Security Policy Site & VO Policies Certification Authorities Traceability and Logging Security Incident Response Accounting Data Privacy Pilot Jobs and VO Portals Grid & VO AUPs JSPG Security Policies
5
www.egi.eu EGI-InSPIRE RI-261323 SPG Terms of Reference and Procedures 16/9/2010 Kelsey/Security Policy Group5
6
www.egi.eu EGI-InSPIRE RI-261323 Terms of Reference Draft SPG Terms of Reference have been produced See... https://wiki.egi.eu/wiki/SPGhttps://wiki.egi.eu/wiki/SPG Discussed today New version soon Comments and suggestions are welcome 16/9/2010 6Kelsey/Security Policy Group
7
www.egi.eu EGI-InSPIRE RI-261323 Terms of Ref (2) SPG Purpose and Responsibilities Develop and maintain Security Policy –For use by EGI and NGIs –Defines expected behaviour of NGIs, Sites, Users and others –To facilitate the operation of a secure and trustworthy DCI May also provide policy advice on any security matter related to operations 16/9/2010 7Kelsey/Security Policy Group
8
www.egi.eu EGI-InSPIRE RI-261323 Terms of Ref (3) Where possible SPG should prepare simple and general policies –Of use to other Grids and DCIs (global) –Adoption of common policies eases interoperability SPG does not formally approve policy –EGI.eu Executive Board (and Council?) –And management bodies of NGIs Topics for consideration can be specified either by EGI management or SPG SPG may create focused sub-groups 16/9/2010 8Kelsey/Security Policy Group
9
www.egi.eu EGI-InSPIRE RI-261323 SPG Procedures To produce a new/revised policy (MS209) Tasks: –Write internal draft (editorial team) –Discuss within SPG –Prepared updated external draft –Consult stakeholders –Prepare updated final call draft –SPG agrees version for approval –Policy approval 16/9/2010 9Kelsey/Security Policy Group
10
www.egi.eu EGI-InSPIRE RI-261323 SPG Tasks for Year 1 16/9/2010 Kelsey/Security Policy Group10
11
www.egi.eu EGI-InSPIRE RI-261323 Immediate work Firm up SPG membership –Nominated by NGIs and EIROs –Other DCIs, experts welcome –Please contact me Populate mail list Complete ToR and MS209 procedures Both will be sent to the mail list for final comment 16/9/2010 11Kelsey/Security Policy Group
12
www.egi.eu EGI-InSPIRE RI-261323 Work for year 1 To date there have been no requests from EGI management for SPG to study particular policy issues –Except for some comments from EB Revise top-level policy document Trustworthy Virtual Machines? Policy Framework (standards) –Security incident response Discussed other possible topics –Data protection/privacy, Liability,... 16/9/2010 Kelsey/Security Policy Group12
13
www.egi.eu EGI-InSPIRE RI-261323 Questions?
Similar presentations
