Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Operations David Kelsey GridPP Deployment Board 3 Mar 2005

Published byMarian Oliver Modified over 8 years ago

Similar presentations

Presentation on theme: "Security Operations David Kelsey GridPP Deployment Board 3 Mar 2005"— Presentation transcript:

1 Security Operations David Kelsey GridPP Deployment Board 3 Mar 2005 d.p.kelsey@rl.ac.uk

2 3-Mar-05Security Operations2 Who does what? EGEE JRA3 EGEE Middleware Security Group –JRA3, JRA1, SA1, Other projects (incl GridPP) LCG/EGEE Joint Security Policy Group (JSPG) –Reports to LCG GDB (and EGEE ROC Managers) EGEE Operational Security Coord Team –Led by Ian Neilson (CERN) –But not yet met

3 3-Mar-05Security Operations3 GridPP Security In M/S/N area –Led by Andrew McNab –Working on security middleware development Linda Cornwall (50%) –Vulnerabilities, Quality control & docs Tier2 Security specialist (vacancy) –Currently Romain Wartel (0.25 FTE) EGEE UK/I ROC Security contact (on OSCT) DPK (50%) – chairs JSPG and member of MWSG, EU GridPMA (CAs) etc

4 3-Mar-05Security Operations4 Site and VO Reg. JSPG policy and procedures Site Registration document –Close to final –https://edms.cern.ch/document/503198/https://edms.cern.ch/document/503198/ VO Registration –Being written now –Will specify “charter” of the VO –Describes registration procedures –To allow sites to decide whether to support

5 3-Mar-05Security Operations5 LHC User Reg Task force (reports to JSPG) VOMS and VOMRS (FNAL) –Interface to CERN HR/Expt DB

6 3-Mar-05Security Operations6 AUP Common policy with OpenScienceGrid –Keep it short and simple (1) You may only perform work and store data consistent with the charters of the organizations of which you are a member, and only on resources authorized for use by those organizations. (2) You will not attempt to circumvent administrative and security controls on the use of resources. If you are informed that some aspect of your grid usage is creating a problem, you will adjust your usage and investigate ways to resolve the complaint. You will immediately report any suspected compromise of your grid credentials (security@opensciencegrid.org) or suspected misuse of grid resources (abuse@opensciencegrid.org).security@opensciencegrid.orgabuse@opensciencegrid.org (3) Resource providers have the right to regulate access as they deem necessary for either operational or security-related reasons.

7 3-Mar-05Security Operations7 Incident Response Again, common approach with OSG http://computing.fnal.gov/cgi- bin/docdb/osg_public/ShowDocument?doci d=19&version=2http://computing.fnal.gov/cgi- bin/docdb/osg_public/ShowDocument?doci d=19&version=2

8 3-Mar-05Security Operations8 Security Challenges OSG recently tested communication channels –Emergency reporting –Discuss list –Highlighted several problems – but worked EGEE –OSCT will organise and do test in March/April And then discuss in EGEE-3 meeting

9 3-Mar-05Security Operations9 Vulnerabilities Linda Cornwall Draft document written –Vulnerability – detection and reduction –See recent MWSG meeting –http://agenda.cern.ch/fullAgenda.php?ida=a0 51137http://agenda.cern.ch/fullAgenda.php?ida=a0 51137 Checklists (deployment and middleware) Vulnerability logging Anti-use cases

10 3-Mar-05Security Operations10 Vulnerability (2) How/where to report? JSPG encourages reporting of security holes –Problems of public/archived mail lists –We have a responsibility to our project(s) JSPG investigating secure area in GGUS –Otherwise will create our own database In the meantime please report to Linda Cornwall –Writing a document – not public

Download ppt "Security Operations David Kelsey GridPP Deployment Board 3 Mar 2005"

Similar presentations

Grid Security Policy GridPP18, Glasgow David Kelsey 21sr March 2007.

Grid Security Policy GridPP18, Glasgow David Kelsey 21sr March 2007.
LCG/EGEE/OSG Security Incident Response Grid Operations workshop CERN, 2 November 2004 David Kelsey CCLRC/RAL, UK

LCG/EGEE/OSG Security Incident Response Grid Operations workshop CERN, 2 November 2004 David Kelsey CCLRC/RAL, UK
Grid Security Policy David Kelsey (RAL) 1 July 2009 UK HEP SYSMAN Security workshop david.kelsey at stfc.ac.uk.

Grid Security Policy David Kelsey (RAL) 1 July 2009 UK HEP SYSMAN Security workshop david.kelsey at stfc.ac.uk.
Last update 01/06/2014 03:23 LCG 1Maria Dimou- cern-it-gd Maria Dimou IT/GD Site Registration policy & procedures https://edms.cern.ch/document/503198/

Last update 01/06/ :23 LCG 1Maria Dimou- cern-it-gd Maria Dimou IT/GD Site Registration policy & procedures
Grid Security Users, VOs, Sites OSG Collaboration Meeting University of Washington Bob Cowles August 23, 2006 Work supported.

Grid Security Users, VOs, Sites OSG Collaboration Meeting University of Washington Bob Cowles August 23, 2006 Work supported.
INFSO-RI-508833 Enabling Grids for E-sciencE Update on LCG/EGEE Security Policy and Procedures David Kelsey, CCLRC/RAL, UK

INFSO-RI Enabling Grids for E-sciencE Update on LCG/EGEE Security Policy and Procedures David Kelsey, CCLRC/RAL, UK
30-Jan-03D.P.Kelsey, GridPP Security1 Security GridPP6 30 Jan 2003 Coseners House David Kelsey CLRC/RAL, UK

30-Jan-03D.P.Kelsey, GridPP Security1 Security GridPP6 30 Jan 2003 Coseners House David Kelsey CLRC/RAL, UK
Www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 EGI Security Policy Group Summary EGI TF David Kelsey 6/28/2015 1.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Security Policy Group Summary EGI TF David Kelsey 6/28/
INFSO-RI-508833 Enabling Grids for E-sciencE www.eu-egee.org Operational Security OSCT JSPG March 2006 Ian Neilson, CERN.

INFSO-RI Enabling Grids for E-sciencE Operational Security OSCT JSPG March 2006 Ian Neilson, CERN.
Deployment Session David Kelsey GridPP13, Durham 5 Jul 2005

Deployment Session David Kelsey GridPP13, Durham 5 Jul 2005
SSC2 and Update on Multi-user Pilot Jobs Framework Mingchao Ma, STFC – RAL HEPSysMan Meeting 20/06/2008.

SSC2 and Update on Multi-user Pilot Jobs Framework Mingchao Ma, STFC – RAL HEPSysMan Meeting 20/06/2008.
Operational Security Working Group Topics Incident Handling Process –OSG Document Review & Comments:

Operational Security Working Group Topics Incident Handling Process –OSG Document Review & Comments:
EGEE ARM-2 – 5 Oct 2004 - 1 LCG Security Coordination Ian Neilson LCG Security Officer Grid Deployment Group CERN.

EGEE ARM-2 – 5 Oct LCG Security Coordination Ian Neilson LCG Security Officer Grid Deployment Group CERN.
GGF12 – 20 Sept 2004 - 1 LCG Incident Response Ian Neilson LCG Security Officer Grid Deployment Group CERN.

GGF12 – 20 Sept LCG Incident Response Ian Neilson LCG Security Officer Grid Deployment Group CERN.
LCG/EGEE Security Update HEPiX, Fall 2004 BNL, 18 October 2004 David Kelsey CCLRC/RAL, UK

LCG/EGEE Security Update HEPiX, Fall 2004 BNL, 18 October 2004 David Kelsey CCLRC/RAL, UK
Deployment Issues David Kelsey GridPP13, Durham 5 Jul 2005

Deployment Issues David Kelsey GridPP13, Durham 5 Jul 2005
EGEE-III INFSO-RI-222667 Enabling Grids for E-sciencE EGEE and gLite are registered trademarks David Kelsey RAL/STFC,

EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks David Kelsey RAL/STFC,
JSPG: User-level Accounting Data Policy David Kelsey, CCLRC/RAL, UK LCG GDB Meeting, Rome, 5 April 2006.

JSPG: User-level Accounting Data Policy David Kelsey, CCLRC/RAL, UK LCG GDB Meeting, Rome, 5 April 2006.
Security Area in GridPP2 4 Mar 2004 Security Area in GridPP2 “Proforma-2 posts” overview Deliverables – Local Access – Local Usage.

Security Area in GridPP2 4 Mar 2004 Security Area in GridPP2 “Proforma-2 posts” overview Deliverables – Local Access – Local Usage.
INFSO-RI-508833 Enabling Grids for E-sciencE EGEE/LCG Joint Security Policy Group David Kelsey, CCLRC/RAL, UK EGEE.

INFSO-RI Enabling Grids for E-sciencE EGEE/LCG Joint Security Policy Group David Kelsey, CCLRC/RAL, UK EGEE.

Similar presentations

Ads by Google