Presentation is loading. Please wait.

Presentation is loading. Please wait.

EGEE04 Pisa 27 Oct 2005 - 1 Planning for emergencies Grid security, just another case for emergency preparation? Pål S. Anderssen CERN - IT.

Published byHubert Hamilton Modified over 9 years ago

Similar presentations

Presentation on theme: "EGEE04 Pisa 27 Oct 2005 - 1 Planning for emergencies Grid security, just another case for emergency preparation? Pål S. Anderssen CERN - IT."— Presentation transcript:

1 EGEE04 Pisa 27 Oct 2005 - 1 Planning for emergencies Grid security, just another case for emergency preparation? Pål S. Anderssen CERN - IT

2 EGEE04 Pisa 27 Oct 2005 - 2 Planning for emergencies The LHC Computing Grid (LCG) will be an important element for the processing of the data from the detectors of the LHC accelerator The agreement between the collaborating institutes and CERN are laid down in a Memorandum of Understanding (MoU) During LHC data taking, the MoU requires 99% uptime for the links which connect CERN to 12 Grid sites Security is perceived as one significant risk factor Provoked a discussion in the Joint Security Policy Group (JSPG) Motivation

3 EGEE04 Pisa 27 Oct 2005 - 3 LHC T1 Planning for emergencies yearly availability up-time down- time lingo[%][hour] [min][day] 1008760--- 5 x 999.9998759.9-5 - 4 x 999.998759.1152- 3 x 999.98751.28.765250.4 2 x 9998672.487.652563.7 1 x 99078848765256036.5 The layman’s availability sheet Availability is a component of the service level agreement Reliance on human intervention possible Redundant self–healing infrastructure Do we have the means to match the requirements with our service model in case of possible types of incidents?

4 EGEE04 Pisa 27 Oct 2005 - 4 Planning for emergencies Overview of possible types incidents: Outages of supporting services Supply of electricity Environmental control Destruction Physical force Heat, fire Chemicals Water Abuse Broken confidentiality Compromised integrity Denial of access Unauthorized use of resources Grid information assets are at risk

5 EGEE04 Pisa 27 Oct 2005 - 5 Planning for emergencies Outages of supporting services Many sites have been hit Can be caused by off-site events Can be mitigated by redundant supply lines and redundant on-site installations Impact on reputation and budget - Downtime Call for contingency services Extra cost for restoration of service Extra cost for transition back to normal service

6 EGEE04 Pisa 27 Oct 2005 - 6 Planning for emergencies Destruction Rare, mostly unpredictable Catches the operation utterly unprepared Effects can be disastrous when several factors are combined Injury to people Permanent damage to infrastructure Access to premises may be restricted

7 EGEE04 Pisa 27 Oct 2005 - 7 Planning for emergencies Abuse Management controls include safeguards and countermeasures to protect – Integrity Confidentiality Availability - of the information assets Are the controls effective on the Grid today? Breaches of security may go un-noticed Confusing motivation of intruding party – Hamper operation, denial of service Enrichment, theft of information Unauthorized use of infrastructure Can controls be automated in order to enhance availability? Perhaps security vulnerabilities are of a different, more complex nature Severe security breaches reinforce the call for an emergency strategy to be prepared in advance

8 EGEE04 Pisa 27 Oct 2005 - 8 Planning for emergencies Scale of impact from incidents in a publicly funded research establishment Injury Major impact on Reputation and Budget Minor impact on Reputation or Budget Impact of disasters

9 EGEE04 Pisa 27 Oct 2005 - 9 LCG/EGEE Planning for emergency Brief from the September 2005 meeting of the Joint Security Policy Group (JSPG)

10 EGEE04 Pisa 27 Oct 2005 - 10 JSPG September 2005 Emergency procedures are required to cover the following cases: Incident response plans cannot be followed: critical parts of the infrastructure are unavailable (e.g. mailing lists) Incident response plans are inappropriate: E.g. need to rapidly inform large parts of the community, beyond the security contacts, and incident communication channels are compromised Examples Major power cut at Site A lasted several days Cable cut network access to Site B Major worm disrupted network access at Site C Security incident blocks user access to accounts at Site D Wide area exploit of the (homogeneous) security fabric When are emergency procedures required?

11 EGEE04 Pisa 27 Oct 2005 - 11 JSPG September 2005 Out-of-band communication channels Alternative service providers (Internet, telephony) Alternative contact details (e-mail, chat, …) Alternative technology Clear decision-making roles There is no time for consensus during a crisis Usual decision making process needs to be bypassed Clear information flow and roles For at least management, users, the press Reduce the risk of mis-communication Disaster Recovery Plan Definition of critical infrastructure to be kept running or repaired quickly Dependencies and sequence must be clear for restoring services Mailing lists (at CERN) are key to restoring communication What is needed in an emergency?

12 EGEE04 Pisa 27 Oct 2005 - 12 JSPG September 2005 Define an emergency advisory committee? Members, mandate Goal is to ensure rapid and appropriate decisions Assure information flow E.g. update DNS servers to point to temporary (web) servers Pre-record messages on telephone help services Prepare alternative communication channels E.g. commercial conference call facilities Alternative Internet providers (e-mail addresses, chat, phone,…) When/do we return to normal Incident Response? Some ideas to stimulate discussion

13 EGEE04 Pisa 27 Oct 2005 - 13 Planning for emergencies Incidents will occur Over time, responses to re-occurring incidents find their way into operational procedures This is also the case for security breaches Sites have in place procedures to handle minor, local cases of abuse LCG/EGEE Grid security problems, above a certain level of severity, call for the formal Incident Response Handling (IRH) The incident may have impact beyond the local site Reporting channels are prepared in advance The IRH relies on a minimum of the infrastructure being operational In the event of a disaster, the operational procedures and the predefined response handling may not work In extreme cases they may even be counterproductive

14 EGEE04 Pisa 27 Oct 2005 - 14 Planning for emergencies Prepare for disaster recovery Assemble a knowledge team Look for common elements of disasters Identify services and their criticality Review impact of service disruptions Analyze vulnerabilities Analyze dependencies of services Review contingency options Develop a plan Analyze requirements for an alternate service location Identify resources required for service restoration Identify people who are likely to contribute to the restoration Identify people/functions/roles that will constitute the emergency management team Define the extent of authority of the management team Some specific suggestions

15 EGEE04 Pisa 27 Oct 2005 - 15 Planning for emergencies I thank you for the attention…

Download ppt "EGEE04 Pisa 27 Oct 2005 - 1 Planning for emergencies Grid security, just another case for emergency preparation? Pål S. Anderssen CERN - IT."

Similar presentations

Museum Presentation Intermuseum Conservation Association.

Museum Presentation Intermuseum Conservation Association.
GOVERNMENT IMPACT AND PREPARATION. The United States Federal Government takes actions that are in the best interests of the nation and are not likely.

GOVERNMENT IMPACT AND PREPARATION. The United States Federal Government takes actions that are in the best interests of the nation and are not likely.
OSG Computer Security Plans Irwin Gaines and Don Petravick 17-May-2006.

OSG Computer Security Plans Irwin Gaines and Don Petravick 17-May-2006.
Planning for the Future Disaster Recovery Plan / Business Continuity Plan Jim Zukowski, Ed.D. Texas State Board of Dental Examiners 2006 Annual ConferenceAlexandria,

Planning for the Future Disaster Recovery Plan / Business Continuity Plan Jim Zukowski, Ed.D. Texas State Board of Dental Examiners 2006 Annual ConferenceAlexandria,
DISASTER CENTER Study Case DEMIRBANK ROMANIA “Piata Financiara” ConferenceJanuary 29, 2002 C 2002.

DISASTER CENTER Study Case DEMIRBANK ROMANIA “Piata Financiara” ConferenceJanuary 29, 2002 C 2002.
1 Continuity Planning for transportation agencies.

1 Continuity Planning for transportation agencies.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
(Geneva, Switzerland, September 2014)

(Geneva, Switzerland, September 2014)
Computer Security: Principles and Practice

Computer Security: Principles and Practice
1 Secure Your Business PATCH MANAGEMENT STRATEGY.

1 Secure Your Business PATCH MANAGEMENT STRATEGY.
Stephen S. Yau CSE 465-591, Fall 2006 1 Security Strategies.

Stephen S. Yau CSE , Fall Security Strategies.
Disaster Recovery and Business Continuity Ensuring Member Service in Times of Crisis.

Disaster Recovery and Business Continuity Ensuring Member Service in Times of Crisis.
Session 3 – Information Security Policies

Session 3 – Information Security Policies
John Graham – STRATEGIC Information Group Steve Lamb - QAD Disaster Recovery Planning MMUG Spring 2013 March 19, 2013 Cleveland, OH 03/19/2013MMUG Cleveland.

John Graham – STRATEGIC Information Group Steve Lamb - QAD Disaster Recovery Planning MMUG Spring 2013 March 19, 2013 Cleveland, OH 03/19/2013MMUG Cleveland.
Irish League of Credit Unions, 2012 W E L O O K A T T H I N G S D I F F E R E N T L Y Risk Management for Credit Unions September 2013 Risk Management.

Irish League of Credit Unions, 2012 W E L O O K A T T H I N G S D I F F E R E N T L Y Risk Management for Credit Unions September 2013 Risk Management.
1 2003-05-19 Experiences from establishing a national Centre for Information Security in Norway TERENA Networking Conference 2003 Maria Bartnes Dahl &

Experiences from establishing a national Centre for Information Security in Norway TERENA Networking Conference 2003 Maria Bartnes Dahl &
IAEA International Atomic Energy Agency EPR-Public Communications L-011 Good Practices for PIOs.

IAEA International Atomic Energy Agency EPR-Public Communications L-011 Good Practices for PIOs.
Care Home Forum 19 th May 2015 Sarah Chittock – Merton Civil Contingencies Officer Taryn Milton – Emergency Planning Manager – Epsom St. Helier.

Care Home Forum 19 th May 2015 Sarah Chittock – Merton Civil Contingencies Officer Taryn Milton – Emergency Planning Manager – Epsom St. Helier.
RBTC: Business Continuity 101 July 18, 2013. What is Business Continuity? Scenario Part 1 Why is BC important? What types of plans are needed? How do.

RBTC: Business Continuity 101 July 18, What is Business Continuity? Scenario Part 1 Why is BC important? What types of plans are needed? How do.
Module 3 Develop the Plan Planning for Emergencies – For Small Business –

Module 3 Develop the Plan Planning for Emergencies – For Small Business –

Similar presentations

Ads by Google