Presentation is loading. Please wait.

Presentation is loading. Please wait.

Sponsored by the National Science Foundation 1 Activities this trimester 0.5 revision of Operational Security Plan Independently (from GPO) developing.

Published byJavion Roser Modified over 9 years ago

Similar presentations

Presentation on theme: "Sponsored by the National Science Foundation 1 Activities this trimester 0.5 revision of Operational Security Plan Independently (from GPO) developing."— Presentation transcript:

1 Sponsored by the National Science Foundation 1 Activities this trimester 0.5 revision of Operational Security Plan Independently (from GPO) developing a clearinghouse concept Merging terminology and ideas with Aaron’s very similar formulation of a CH Drafting initial clearinghouse policy/plans/agreement INSERT PROJECT REVIEW DATE

2 Sponsored by the National Science Foundation 2 Operation Security Plan The goals (for inter-aggregate issues) –(1) recommend structure of an incident response team, –(2) set forth the basic processes for incident response, –(3) recommend actions to mitigate perceived risks. Document is a bit ahead of its time –Needs funds to implement & governance to direct its execution Prioritization of threat mitigations in the final section is relevant now, though. –Could guide funding of future projects & feedback is desired INSERT PROJECT REVIEW DATE

3 Sponsored by the National Science Foundation 3 Clearinghouse agreement or policy? Less of an agreement between parties, more of a policy or directive for how CH will be operated Depends heavily upon concept of clearinghouse and federation as proposed here by GPO Just as the CH is a trusted root, this document meant to be root for other policies or agreements –So Aggregate Provider Agreement is between AAs and clearinghouse (similarly for IdP agreements) –This creates a bridge between AAs, IdPs and users when there is a common set of policies and agreements associated with a common CH INSERT PROJECT REVIEW DATE

4 Sponsored by the National Science Foundation 4 Clearinghouse policy format Definition of clearinghouse –Terms a little out of date with Aaron’s Description of federation actors and needed agreements –Both existing and needed future agreements Definition of services provided by CH and QoS Policies for clearinghouse ops. INSERT PROJECT REVIEW DATE

5 Sponsored by the National Science Foundation 5 Needed GENI agreements/policies/plans ✔ Aggregate Provider Agreement –Needs terminology update, but pretty much done. ✗ Identity Provider Agreements –Will need with InCommon, PL, Emulab, etc ✗ Slice Registry Agreements –Might be rolled into IdP agreements? ✗ Project Leader Agreement ✗ Federation Charter –describe the governance structure of GENI and references all the federation agreements/policies INSERT PROJECT REVIEW DATE

6 Sponsored by the National Science Foundation 6 Needed GENI agreements/policies/plans ✗ Acceptable Use Policy –Base off of RUP, include opt-in user treatment ✓ Legal, Law Enforcement & Regulatory Plan –Needs a little updating of terminology Clearinghouse Policy –Several questions still to answer, some must wait till implementation details emerge Incident Response Plan –Next evolution of the operational security plan. –Loosely based off Open Science Grid ✗ Certificate Authority Operational Policy –For any service issuing credentials INSERT PROJECT REVIEW DATE

7 Sponsored by the National Science Foundation 7 Clearinghouse services Project registration/creation Principal registration and revocation Slice creation, registration & revocation Resource discovery Federation resource policy verification –E.g., does a grad student have more resources than some set limit? –Remember, aggregates still make the decision to grant resource requests, but some may only take requests proxied through the clearinghouse which verifies policy INSERT PROJECT REVIEW DATE

8 Sponsored by the National Science Foundation 8 Clearinghouse policies covered Governance, from where does clearinghouse receive its directives and mission Responsibilities CH has to GENI community Conflict Resolution Process –E.g., an aggregate or other actor complains that an another aggregate has violated the agreement Privacy policy for all info collected by CH User attributes collected from IdPs Data collected from aggregates –Need to know what allocations were actually granted Certificate Authority policies INSERT PROJECT REVIEW DATE

9 Sponsored by the National Science Foundation 9 CH Policy feedback needed What resource allocation policies might we have –Determines which attributes must be collected If a slice was created elsewhere and registered at the clearinghouse, who can determine who has been given rights to act on a slice –Will the architecture allow us to determine anything other than the slice owner and project leader? Do the definitions of 3 project sizes make sense? –What about the turnaround time for creating projects? –Do we need a committee to vet large projects? And just general feedback please INSERT PROJECT REVIEW DATE

Download ppt "Sponsored by the National Science Foundation 1 Activities this trimester 0.5 revision of Operational Security Plan Independently (from GPO) developing."

Similar presentations

Status on the Mapping of Metadata Standards

Status on the Mapping of Metadata Standards
Reliability Center Data Request Task Force Report WECC Board Meeting April 2009.

Reliability Center Data Request Task Force Report WECC Board Meeting April 2009.
Appropriate Access InCommon Identity Assurance Profiles David L. Wasley Campus Architecture and Middleware Planning workshop February 2008.

Appropriate Access InCommon Identity Assurance Profiles David L. Wasley Campus Architecture and Middleware Planning workshop February 2008.
Electronic Submission of Medical Documentation (esMD) Face to Face Informational Session esMD Requirements, Priorities and Potential Workgroups – 2:00pm.

Electronic Submission of Medical Documentation (esMD) Face to Face Informational Session esMD Requirements, Priorities and Potential Workgroups – 2:00pm.
Sponsored by the National Science Foundation Federation in GENI Draft proposal – Comments invited GEC11 – Denver, Colorado Aaron Falk 26 July 2011.

Sponsored by the National Science Foundation Federation in GENI Draft proposal – Comments invited GEC11 – Denver, Colorado Aaron Falk 26 July 2011.
Sponsored by the National Science Foundation Campus Policies for the GENI Clearinghouse and Portal Sarah Edwards, GPO March 20, 2013.

Sponsored by the National Science Foundation Campus Policies for the GENI Clearinghouse and Portal Sarah Edwards, GPO March 20, 2013.
Administrative Policies in XACML Erik Rissanen Swedish Institute of Computer Science.

Administrative Policies in XACML Erik Rissanen Swedish Institute of Computer Science.
D u k e S y s t e m s Authorization Framework: Status Jeff Chase Duke University.

D u k e S y s t e m s Authorization Framework: Status Jeff Chase Duke University.
How to Document A Business Management System

How to Document A Business Management System
INFSO-RI-508833 Enabling Grids for E-sciencE Update on LCG/EGEE Security Policy and Procedures David Kelsey, CCLRC/RAL, UK

INFSO-RI Enabling Grids for E-sciencE Update on LCG/EGEE Security Policy and Procedures David Kelsey, CCLRC/RAL, UK
Sponsored by the National Science Foundation GENI Clearinghouse Panel GEC 12 Nov. 2, 2011 INSERT PROJECT REVIEW DATE.

Sponsored by the National Science Foundation GENI Clearinghouse Panel GEC 12 Nov. 2, 2011 INSERT PROJECT REVIEW DATE.
Connecting People With Information DoD Net-Centric Services Strategy Frank Petroski October 31, 2006.

Connecting People With Information DoD Net-Centric Services Strategy Frank Petroski October 31, 2006.
Using Digital Credentials On The World-Wide Web M. Winslett.

Using Digital Credentials On The World-Wide Web M. Winslett.
Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.

Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.
Use Case Development Scott Shorter, Electrosoft Services January/February 2013.

Use Case Development Scott Shorter, Electrosoft Services January/February 2013.
Complying With The Federal Information Security Act (FISMA)

Complying With The Federal Information Security Act (FISMA)
Www.nationalsmartcardproject.org.uk www.scnf.org.uk National Smartcard Project Work Package 8 – Security Issues Report.

National Smartcard Project Work Package 8 – Security Issues Report.
SWITCHaai Team Federated Identity Management.

SWITCHaai Team Federated Identity Management.
D u k e S y s t e m s Accountability and Authorization GEC 12 Jeff Chase Duke University Thanks: NSF TC CNS-0910653.

D u k e S y s t e m s Accountability and Authorization GEC 12 Jeff Chase Duke University Thanks: NSF TC CNS
Functional Model Workstream 1: Functional Element Development.

Functional Model Workstream 1: Functional Element Development.

Similar presentations

Ads by Google