Presentation is loading. Please wait.

Presentation is loading. Please wait.

New OSG Virtual Organization Security Training OSG Security Team.

Published byGloria Howard Modified over 7 years ago

Similar presentations

Presentation on theme: "New OSG Virtual Organization Security Training OSG Security Team."— Presentation transcript:

1 New OSG Virtual Organization Security Training OSG Security Team

2 OSG Security Team Goals Operational Security  Identify software vulnerabilities  observing the practices of our VOs and sites, and sending alerts when we detect abnormalities;  performing fire drills to measure readiness and security awareness Interoperability with other grids Education  security training of our members  teaching best practices  learning from our users about difficulties of security practices

3 What to do if you have a Security Incident Report to local Security Team + OSG GOC. https://twiki.grid.iu.edu/bin/view/Documentatio n/IncidentDiscoveryReporting https://twiki.grid.iu.edu/bin/view/Documentatio n/IncidentDiscoveryReporting Compromised credentials most common issue. Certificates revoked, CRL’s can take 6 hours or more to propagate. Also ban users via GUMS, SAZ, or gridmap files, as appropriate for the site.

4 Software vulnerabilities If a security related software vulnerability is discovered, report it to the OSG GOC, which will contact the Security and Software teams.  https://ticket.opensciencegrid.org https://ticket.opensciencegrid.org  Or send email to goc@opensciencegrid.orggoc@opensciencegrid.org SSL, Java, tomcat, most common suspects these days.

5 OSG Certificates OSG provides certificates signed by Digicert. Registration Agents (RAs) approve certs for individuals. Grid Admins (GAs) approve certs for hosts/services. https://twiki.grid.iu.edu/bin/view/Operations/O SGPKITrustedAgent https://twiki.grid.iu.edu/bin/view/Operations/O SGPKITrustedAgent https://www.opensciencegrid.org/bin/view/Sec urity/NewOSGPKI https://www.opensciencegrid.org/bin/view/Sec urity/NewOSGPKI

6 Fire Drills Selected sites are sent pseudo malicious jobs and asked to treat as a regular security incident. Upcoming drill will test jobs submitted via Glide-in WMS.

7 Tools Security team provides OSG CA cert bundles. Also looking at other security tools to provide. Open to suggestions for new tools!

8 Additional help If a VO needs additional help with managing their users, access control management and/or identity management, they can contact the OSG Security team. OSG Security team can either work on the problem with them or put them in touch with experts in this area depending on the VO’s needs. A guidance document that summarizes the trust relationship models that VOs can implement is available at http://osg- docdb.opensciencegrid.org/cgi- bin/ShowDocument?docid=1199http://osg- docdb.opensciencegrid.org/cgi- bin/ShowDocument?docid=1199

Download ppt "New OSG Virtual Organization Security Training OSG Security Team."

Similar presentations

Introduction of Grid Security

Introduction of Grid Security
Role Based VO Authorization Services Ian Fisk Gabriele Carcassi July 20, 2005.

Role Based VO Authorization Services Ian Fisk Gabriele Carcassi July 20, 2005.
OSG PKI RA Training Mine Altunay, Jim Basney OSG PKI Team October 1, 2012.

OSG PKI RA Training Mine Altunay, Jim Basney OSG PKI Team October 1, 2012.
PKI Implementation in the Real World

PKI Implementation in the Real World
Andrew McNab - EDG Access Control - 14 Jan 2003 EU DataGrid security with GSI and Globus Andrew McNab University of Manchester

Andrew McNab - EDG Access Control - 14 Jan 2003 EU DataGrid security with GSI and Globus Andrew McNab University of Manchester
OSG Area Coordinators Meeting Security Team Report Mine Altunay 05/15/2013.

OSG Area Coordinators Meeting Security Team Report Mine Altunay 05/15/2013.
INFSO-RI-508833 Enabling Grids for E-sciencE Update on LCG/EGEE Security Policy and Procedures David Kelsey, CCLRC/RAL, UK

INFSO-RI Enabling Grids for E-sciencE Update on LCG/EGEE Security Policy and Procedures David Kelsey, CCLRC/RAL, UK
Open Science Grid Use of PKI: Wishing it was easy A brief and incomplete introduction. Doug Olson, LBNL PKI Workshop, NIST 5 April 2006.

Open Science Grid Use of PKI: Wishing it was easy A brief and incomplete introduction. Doug Olson, LBNL PKI Workshop, NIST 5 April 2006.
Security Mechanisms The European DataGrid Project Team

Security Mechanisms The European DataGrid Project Team
\ 2008-11-13Grid Security and Authentication1. David Groep Physics Data Processing group Nikhef.

\ Grid Security and Authentication1. David Groep Physics Data Processing group Nikhef.
Joining the Grid Andrew McNab. 28 March 2006Andrew McNab – Joining the Grid Outline ● LCG – the grid you're joining ● Related projects ● Getting a certificate.

Joining the Grid Andrew McNab. 28 March 2006Andrew McNab – Joining the Grid Outline ● LCG – the grid you're joining ● Related projects ● Getting a certificate.
Getting grid-enabled Steps involved: personal grid certificate  Request a certificate from:

Getting grid-enabled Steps involved: personal grid certificate  Request a certificate from:
Www.egi.eu EGI-Engage www.egi.eu Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.

EGI-Engage Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.
Key Accomplishments and Work Plans OSG Security Team July 11, 2012.

Key Accomplishments and Work Plans OSG Security Team July 11, 2012.
OSG Area Coordinators Meeting Security Team Report Mine Altunay 01/29/2014.

OSG Area Coordinators Meeting Security Team Report Mine Altunay 01/29/2014.
CLICK ONTO THE SHARYLAND WEB PAGE  www.sharylandisd.orgwww.sharylandisd.org  Find and select the Sign-In tab located at top right.

CLICK ONTO THE SHARYLAND WEB PAGE   Find and select the Sign-In tab located at top right.
OSG PKI Grid Admin (GA) Training Mine Altunay, Jim Basney OSG PKI Team October 8, 2012.

OSG PKI Grid Admin (GA) Training Mine Altunay, Jim Basney OSG PKI Team October 8, 2012.
CILogon OSG CA Mine Altunay Jim Basney TAGPMA Meeting Pittsburgh May 27, 2015.

CILogon OSG CA Mine Altunay Jim Basney TAGPMA Meeting Pittsburgh May 27, 2015.
OSG Security Review Mine Altunay June 19, 2008. June 19, 2008 2 Security Overview Current Initiatives  Incident response procedure – top priority (WBS.

OSG Security Review Mine Altunay June 19, June 19, Security Overview Current Initiatives  Incident response procedure – top priority (WBS.
OSG Area Coordinators Meeting Security Team Report Mine Altunay 12/21/2011.

OSG Area Coordinators Meeting Security Team Report Mine Altunay 12/21/2011.

Similar presentations

Ads by Google