Download presentation
Presentation is loading. Please wait.
Published byAnn Patterson Modified over 9 years ago
1
OSG Security Review Mine Altunay December 4, 2008
2
31 Jan 2008 2 Security Overview Current Initiatives OSG Security Roadmap AuthN: Certificate Authorities distribution problem(WBS 2.1.1 and 2.1.9 and 2.1.9.1) AuthZ needs: MyProxy certificate renewal and lifetimes, Additional Banning Features and ca mgmt tool – requests from site admins at SLAC Technical and operational needs for long and short term (WBS 2.1.4) Incident Mitigation Plans (WBS 2.3). Comm. with site admins (Aashish) Monitoring, security related RSV probes More fire drills and site education (WBS 2.1). Aashish and Igor will set up fire drills. Policy work Top-level Grid Policy, OSG Registration Policy and procedures Risk assessment (WBS 2.1.4, 2.3) Accomplishments Since Last Report Privacy Policy & Approval of CA Policy have been completed and sent to EB. Jim set up periodic meetings with Miron and Ruth to discuss fundamental security issues Security plan revision against NIST guidelines completed. Security controls are being completed. New surveys for core assets are partially completed CA management tool for OSG site admins are completed, tested and integrated into VDT. Ready for next release Banning capability into GUMS is implemented. Ready for the release. Great feedback at SLAC on CA mgmt tool and banning feature
3
31 Jan 2008 3 Security Overview Accomplishments Since Last Report Security oriented RSV probes are defined. Central probes are almost finished (Anand). Site probes are Arvind’s. Weekly gratia reports to VO admins are generated and sent each week. This is being transitioned to Gratia soon Proxy clean-up work has completed and initiated similar work in EGEE Operational work continues CA distribution service transfer. February is set as a deadline. Has not finalized yet Education was assigned to Doug, but he was out so this is stalled Desired security interactions with software providers is written CHEP Review Committee, reviewed 12 submissions and sent a submission on behalf of OSG Incident Response procedure is set up and is ready to sent to EB IGTF CA incident response team and evaluation (Jim)
4
31 Jan 2008 Security Overview Issues / Concerns Effort is not an issue. It was when Doug first left for medical leave. Jim does RA work. Aashish and Anand helped greatly I spend time in software tools group. I have to be careful Igor, Aashish and Anand helps. Total of 2.50 FTE. 4
5
31 Jan 2008 5 Security Overview Current Initiatives (6/08) Incident response procedure – top priority (WBS 2.1.2 and 2.3.) OSG Registration Policy and Requirements from members (WBS 2.3.1) OSG Core Assets/Software in VDT Stack (WBS 2.1.7) DOEGrids RA workflow – introducing requested notifications (WBS 2.2) VO incident response teams (WBS 2.1.1 and 2.1.2) Command Line Security Management Tools (WBS 2.1.1) Banning tool requirements. With CDIGS. (WBS 2.1.9) Including OSG Staff contact info into OIM (WNBS 2.1.1 and 2.1.2) Grid Tactical Plan (FNAL) and MOU with VO services/Privilege Project (WBS 2.1.9) ST&E control deadlines are approaching (WBS 2.1.1) Current Initiatives (3/08) OSG Security roadmap Technical and operational needs for long and short term (WBS 2.1.4) Incident Mitigation Plans (WBS 2.3) AuthN needs: GSI auth problems, CRLs, proxy clean up and VOMS-GUMS authN AuthZ needs: Banning tool, Uniform FQAN, MyProxy, AC validation More fire drills and site education (WBS 2.1) Forensics -- splunk, incident training Certify tool Policy work JSPG and OSG policies – incident response policy has priority (WBS 2.1.2 and 2.3.) Revising old security plan against NIST guidelines (WBS 2.1.4) Risk assessment (WBS 2.1.4, 2.3)
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.