Presentation is loading. Please wait.

Presentation is loading. Please wait.

Incident Response Plan for the Open Science Grid Grid Operations Experience Workshop – HEPiX 22 Oct 2004 Bob Cowles – Work.

Published byKathlyn Paul Modified over 8 years ago

Similar presentations

Presentation on theme: "Incident Response Plan for the Open Science Grid Grid Operations Experience Workshop – HEPiX 22 Oct 2004 Bob Cowles – Work."— Presentation transcript:

1 Incident Response Plan for the Open Science Grid Grid Operations Experience Workshop – HEPiX 22 Oct 2004 Bob Cowles – bob.cowles@slac.stanford.edu Work supported by U. S. Department of Energy contract DE-AC02-76SF00515

2 22 Oct 2004 OSG Incident Response 2 Principles OSG is a with little central control or resources – almost everything has to be done by the sites or the VOs Sites security personnel will need to feel comfortable with grid use of resources –limited additional risks –local control over decisions

3 22 Oct 2004 OSG Incident Response 3 Centrally Provided List of site security points of contact Secure email communications Incident Tracking system Functions of the Grid Operations Center (GOC) Coordinate with other GOCs

4 22 Oct 2004 OSG Incident Response 4 Site Responsibilities – 1 Have a site incident response plan in place (logs, evidence) Report grid-related incidents (hi- priority list) Remove compromised servers Refer press contacts to OSG Public Relations

5 22 Oct 2004 OSG Incident Response 5 Site Responsibilities – 2 Report follow-up to email discussion list and Incident Tracking System Take appropriate care with sensitive material collected Provide appropriate law enforcement with materials for coordination, investigation and prosecution

6 22 Oct 2004 OSG Incident Response 6 Incident Classification Potential to compromise grid infrastructure Potential to compromise grid service or VO Potential to compromise grid user

7 22 Oct 2004 OSG Incident Response 7 Response Teams Self-organized body of volunteers Mailing list maintained by GOC Team organized for severe or complex incidents Team leader to coordinate efforts and maintain information flow with GOC and public relations

8 22 Oct 2004 OSG Incident Response 8 Incident Handling – 1 Discovery and reporting –local procedures & GOC list notified Triage –verify incident and perform classification Containment –remove resources, services, users Initial notification –record known information in tracking system Analysis and Response

9 22 Oct 2004 OSG Incident Response 9 Incident Handling – 2 Tracking and progress notification –updates on discussion list & tracking system Escalation –form IRT if complex or widespread Reporting –CERTs, law enforcement, other GOCs, etc. Public Relations Post-incident analysis

10 22 Oct 2004 OSG Incident Response 10 Timeline Jun 04– Security TG formed Jul 04– IR Activity formed Sep 04– First draft of plan reviewed Oct 04– Coordinate with EGEE/LCG Nov 04– Present plan at 2 nd EGEE mtg Dec 04– Implementation Jan 05– Implementation & testing Feb 05– OSG-0; EGEE Review

11 22 Oct 2004 OSG Incident Response 11 The Plan http://computing.fnal.gov/docdb/osg_documents//Static/Lists//FullLi st.html www.opensciencegrid.org click on “Documents” click on “Search the database and read documents” click on “OSG Secuirty Incident Handling and Response”

Download ppt "Incident Response Plan for the Open Science Grid Grid Operations Experience Workshop – HEPiX 22 Oct 2004 Bob Cowles – Work."

Similar presentations

LCG/EGEE/OSG Security Incident Response Grid Operations workshop CERN, 2 November 2004 David Kelsey CCLRC/RAL, UK

LCG/EGEE/OSG Security Incident Response Grid Operations workshop CERN, 2 November 2004 David Kelsey CCLRC/RAL, UK
SL21 Information Security Board Mission, Goals and Guiding Principles.

SL21 Information Security Board Mission, Goals and Guiding Principles.
Grid Security Users, VOs, Sites OSG Collaboration Meeting University of Washington Bob Cowles August 23, 2006 Work supported.

Grid Security Users, VOs, Sites OSG Collaboration Meeting University of Washington Bob Cowles August 23, 2006 Work supported.
INFSO-RI-508833 Enabling Grids for E-sciencE Update on LCG/EGEE Security Policy and Procedures David Kelsey, CCLRC/RAL, UK

INFSO-RI Enabling Grids for E-sciencE Update on LCG/EGEE Security Policy and Procedures David Kelsey, CCLRC/RAL, UK
Sandia is a multi-program laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear.

Sandia is a multi-program laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear.
Fermi Computer Incident Response Team Computer Security Awareness Day March 8, 2005 Michael Diesburg.

Fermi Computer Incident Response Team Computer Security Awareness Day March 8, 2005 Michael Diesburg.
INFSO-RI-508833 Enabling Grids for E-sciencE Incident Response Policies and Procedures Carlos Fuentes

INFSO-RI Enabling Grids for E-sciencE Incident Response Policies and Procedures Carlos Fuentes
Operational Security Working Group Topics Incident Handling Process –OSG Document Review & Comments:

Operational Security Working Group Topics Incident Handling Process –OSG Document Review & Comments:
CILogon OSG CA Mine Altunay Jim Basney TAGPMA Meeting Pittsburgh May 27, 2015.

CILogon OSG CA Mine Altunay Jim Basney TAGPMA Meeting Pittsburgh May 27, 2015.
OSG Operations and Interoperations Rob Quick Open Science Grid Operations Center - Indiana University EGEE Operations Meeting Stockholm, Sweden - 14 June.

OSG Operations and Interoperations Rob Quick Open Science Grid Operations Center - Indiana University EGEE Operations Meeting Stockholm, Sweden - 14 June.
EGEE ARM-2 – 5 Oct 2004 - 1 LCG Security Coordination Ian Neilson LCG Security Officer Grid Deployment Group CERN.

EGEE ARM-2 – 5 Oct LCG Security Coordination Ian Neilson LCG Security Officer Grid Deployment Group CERN.
Publication and Protection of Site Sensitive Information in Grids Shreyas Cholia NERSC Division, Lawrence Berkeley Lab Open Source Grid.

Publication and Protection of Site Sensitive Information in Grids Shreyas Cholia NERSC Division, Lawrence Berkeley Lab Open Source Grid.
GGF12 – 20 Sept 2004 - 1 LCG Incident Response Ian Neilson LCG Security Officer Grid Deployment Group CERN.

GGF12 – 20 Sept LCG Incident Response Ian Neilson LCG Security Officer Grid Deployment Group CERN.
GGF Fall 2004 Brussels, Belgium September 20th, 2004 James Marsteller Pittsburgh Supercomptuing Center

GGF Fall 2004 Brussels, Belgium September 20th, 2004 James Marsteller Pittsburgh Supercomptuing Center
Office of the CIO EITS The University of Georgia.

Office of the CIO EITS The University of Georgia.
Security Policy Update LCG GDB Prague, 4 Apr 2007 David Kelsey CCLRC/RAL

Security Policy Update LCG GDB Prague, 4 Apr 2007 David Kelsey CCLRC/RAL
EGEE-III INFSO-RI-222667 Enabling Grids for E-sciencE EGEE and gLite are registered trademarks David Kelsey RAL/STFC,

EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks David Kelsey RAL/STFC,
CU – Boulder Security Incidents Jon Giltner. Our Challenge.

CU – Boulder Security Incidents Jon Giltner. Our Challenge.
LCG/EGEE Security Operations HEPiX, Fall 2004 BNL, 22 October 2004 David Kelsey CCLRC/RAL, UK

LCG/EGEE Security Operations HEPiX, Fall 2004 BNL, 22 October 2004 David Kelsey CCLRC/RAL, UK
15-Dec-04D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security Update (Report from the Joint Security Policy Group) CERN 15 December 2004 David Kelsey CCLRC/RAL,

15-Dec-04D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security Update (Report from the Joint Security Policy Group) CERN 15 December 2004 David Kelsey CCLRC/RAL,

Similar presentations

Ads by Google