Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014.

Published byPatrick Cunningham Modified over 7 years ago

Similar presentations

Presentation on theme: "Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014."— Presentation transcript:

1 Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014

2 Outline Input FIM4R requirements TNC2014 BoF – Romain Wartel Security for Collaborating Infrastructures (SCI) Sir-T-Fi 1 st meeting - 18 June 2014 Mail list, wiki, document 2 nd F2F meeting this week – Friday morning 26 Oct 14SIRTFI, Kelsey2

3 Federated IdM for Research (FIM4R) Includes photon & neutron facilities, social science & humanities, high energy physics, climate science, life sciences and ESA Aim: define common vision, requirements and best practices Vision and requirements paper published https://cdsweb.cern.ch/record/1442597 26 Oct 14SIRTFI, Kelsey3

4 FIM4R paper Operational requirements include: Traceability. Identifying the cause of any security incident is essential for containment of its impact and to help prevent re-occurrence. The audit trail needs to include the federated IdPs. Appropriate Security Incident Response policies and procedures are required which need to include all IdPs and SPs. 26 Oct 14SIRTFI, Kelsey4

5 26 Oct 14SIRTFI, Kelsey5

6 26 Oct 14SIRTFI, Kelsey6

7 26 Oct 14SIRTFI, Kelsey7

8 26 Oct 14SIRTFI, Kelsey8

9 26 Oct 14SIRTFI, Kelsey9

10 Security for Collaborating Infrastructures (SCI) A collaborative activity of information security officers from large-scale infrastructures –EGI, OSG, PRACE, EUDAT, CHAIN, WLCG, XSEDE, … Developed out of EGEE – security policy group We are developing a Trust framework –Enable interoperation (security teams) –Manage cross-infrastructure security risks –Develop policy standards –Especially where not able to share identical security policies Version 1 of SCI document http://pos.sissa.it/archive/conferences/179/011/ISGC%202013_011.pdf 26 Oct 14SIRTFI, Kelsey10

11 SCI: areas addressed Operational Security Incident Response Traceability Participant Responsibilities –Individual users –Collections of users –Resource providers, service operators Legal issues and Management procedures Protection and processing of Personal Data/Personally Identifiable Information 26 Oct 14SIRTFI, Kelsey11

12 Sir-T-Fi – 1 st Meeting A Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) After discussions at TNC2014 Meeting at TERENA offices 18 th June –David Groep, Leif Johansson, Dave Kelsey, Leif Nixon, Romain Wartel –Remote: Tom Barton, Jim Basney, Jacob Farmer, Ann West –Apologies from Ann Harding, Von Welch, Scott Koranda, Licia Florio, Nicole Harris 26 Oct 14SIRTFI, Kelsey12

13 Meeting 18 th June Discussed general aims and thoughts –For now only address security incident response –Assurance profile to meet requirements on incident response –Needs to be light weight - IdPs self assert –Federation Operators act as conduits of information from IdP –Need a flag of compliance (for relying parties) In IdP metadata Could be per user –Use eduPersonAssurance or “SAMLAuthenticatonContextClassRef” in assertions from IdP First modifications to SCI document –Operational Security, Incident Response and Traceability 26 Oct 14SIRTFI, Kelsey13

14 Sir-T-Fi since June One phone/video meeting – 1 st Oct Mail list – sirtfi@terena.org Wiki https://refeds.terena.org/index.php/SIRTFI Doc moved to Google Docs Document evolving –Make public once we have a reasonable first draft 26 Oct 14SIRTFI, Kelsey14

15 Some text from document Abstract The Sir-T-Fi group (Security Incident Response Trust Framework for Federated Identity) is a collaborative activity of information security professionals from national identity federations and distributed IT infrastructures in the research & education sector. Its aim is to simplify the management of cross-infrastructure operational security risks, to build trust and develop policy standards for collaboration in security incident response. 26 Oct 14SIRTFI, Kelsey15

16 Example Text (2) Security Incident Response Each Claims Processor must: [IR1] Provide security contact information who will respond in a timely manner according to current best practice, e.g. one working day. [IR2] Have an established Incident Response procedure. This must address: roles, authority, and responsibilities; identification and assessment of an incident; minimising damage, response and recovery strategies; [IR3] The ability and the willingness to collaborate in the handling of a security incident with affected Claims Processors; [IR4] Respect and should use the TLP (ref) information disclosure policy. 26 Oct 14SIRTFI, Kelsey16

17 Next steps Sir-T-Fi meeting on Friday morning –How do we encourage deployment ACAMP this week Input from others, e.g. http://www.cic.net/docs/default- source/technology/federated_security_incident_response.pdf EU H2020 AARC –Can provide test use cases Activity is very much open –People welcome to join –Ask Nicole Harris if you wish to join mail list 26 Oct 14SIRTFI, Kelsey17

18 Questions? 26 Oct 14SIRTFI, Kelsey18

Download ppt "Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014."

Similar presentations

Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL) EGI TF, AAI workshop 19 Sep 2012.

Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL) EGI TF, AAI workshop 19 Sep 2012.
INFSO-RI-508833 Enabling Grids for E-sciencE www.eu-egee.org JRA3 2 nd EU Review Input David Groep NIKHEF.

INFSO-RI Enabling Grids for E-sciencE JRA3 2 nd EU Review Input David Groep NIKHEF.
WLCG Security TEG, risks and Identity Management David Kelsey GridPP28, Manchester 18 Apr 2012.

WLCG Security TEG, risks and Identity Management David Kelsey GridPP28, Manchester 18 Apr 2012.
Www.egi.eu EGI-Engage www.egi.eu Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.

EGI-Engage Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.
Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014 and now abbreviated.

Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014 and now abbreviated.
Trust and Security for FIM (Sirtfi/SCI) David Kelsey (STFC-RAL) FIM4R at CERN 4 Feb 2015.

Trust and Security for FIM (Sirtfi/SCI) David Kelsey (STFC-RAL) FIM4R at CERN 4 Feb 2015.
BoF: Federated Identity Management for Researchers David Kelsey (STFC-RAL) TNC2014, Dublin 20 May 2014.

BoF: Federated Identity Management for Researchers David Kelsey (STFC-RAL) TNC2014, Dublin 20 May 2014.
Authentication and Authorization in a federated environment Jules Wolfrat (SARA)

Authentication and Authorization in a federated environment Jules Wolfrat (SARA)
Sirtfi David Kelsey (STFC-RAL) REFEDS at TNC15 14 June 2015.

Sirtfi David Kelsey (STFC-RAL) REFEDS at TNC15 14 June 2015.
Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.

Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.
Security Update WLCG GDB CERN, 12 June 2013 David Kelsey STFC/RAL.

Security Update WLCG GDB CERN, 12 June 2013 David Kelsey STFC/RAL.
Authentication and Authorisation for Research and Collaboration Licia Florio (GÉANT) Christos Kanellopoulos (GRNET) Service orientation.

Authentication and Authorisation for Research and Collaboration Licia Florio (GÉANT) Christos Kanellopoulos (GRNET) Service orientation.
Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL) EGI CF, FIM workshop 11 Apr 2013.

Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL) EGI CF, FIM workshop 11 Apr 2013.
WLCG Security: A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) CHEP2013, Amsterdam 17 Oct 2013.

WLCG Security: A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) CHEP2013, Amsterdam 17 Oct 2013.
EGEE-III INFSO-RI-222667 Enabling Grids for E-sciencE EGEE and gLite are registered trademarks David Kelsey RAL/STFC,

EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks David Kelsey RAL/STFC,
7 th FIM 4 R meeting 23-24 April 2014 ESRIN Frascati.

7 th FIM 4 R meeting April 2014 ESRIN Frascati.
EResearchers Requirements the IGTF model of interoperable global trust and with a view towards FIM4R AAI Workshop Presenter: David Groep, Nikhef.

EResearchers Requirements the IGTF model of interoperable global trust and with a view towards FIM4R AAI Workshop Presenter: David Groep, Nikhef.
Authentication and Authorisation for Research and Collaboration Licia Florio REFEDS Meeting The AARC Project I2 Technology Exchange.

Authentication and Authorisation for Research and Collaboration Licia Florio REFEDS Meeting The AARC Project I2 Technology Exchange.
Authentication and Authorisation for Research and Collaboration Licia Florio AARC Workshop The AARC Project Brussels, 26 October.

Authentication and Authorisation for Research and Collaboration Licia Florio AARC Workshop The AARC Project Brussels, 26 October.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration David Kelsey AARC AHM Milan And mechanisms NA3 Task 4 – Scalable.

Authentication and Authorisation for Research and Collaboration David Kelsey AARC AHM Milan And mechanisms NA3 Task 4 – Scalable.

Similar presentations

Ads by Google