Federated Incident Response

Presentation transcript:

Federated Incident Response
Presented during InCommon CAMP (June 22, 2010).
Jim Basney, jbasney@illinois.edu

Motivation
- Federated identity used for activities of consequence
  - Access to NSF cyberinfrastructure (TeraGrid, …)
  - Access to wireless networks (eduroam, …)
  - Access to federal grant management (NSF, NIH, …)
  - Access to commercial services (Dreamspark, …)
  - …
- Effective security incident response in federated identity environments requires cross-organizational cooperation
- Prepare now – stay ahead of the curve

CIC IDM WG TeraGrid Pilot
- Committee on Institutional Cooperation (www.cic.net)
  - Consortium of Big Ten universities plus U Chicago
  - U Nebraska joining July 2011
- CIC Identity Management Working Group
  - http://www.cic.net/Home/Projects/Technology/IdMgmt/Introduction.aspx
- TeraGrid Pilot sub-group
  - Co-chairs: Von Welch, Keith Wessel (Illinois)
  - Active participants: Jim Basney (Illinois), Michael Grady (Illinois), Matt Kolb (Michigan State), Rob Stanfield (Purdue)
  - Drafting a Federated IDM Security Incident Response Policy
  - cic-it-idmgmt-teragrid@cic.net

Federated Incident Response Policy
- Draft documents at http://www.cic.net/Home/Reports.aspx
- Does not supplant existing local policies, but augments them
- Defines responsibilities and roles of identity providers, service providers, federation operators, and users
- Service providers have ultimate authority to protect and control access to their services

Security Incident Defined
- An act of violating an explicit or implied security policy
- Examples
  - Password theft
  - Computer compromise
  - Data privacy breach
  - …

Federated Incident Response Philosophy
- “Do for others as you would do for yourself.”
- Treat a federated security incident like you would treat an internal security incident
  - Promptly acknowledge incident reports
  - Investigate incidents
  - Notify affected parties when incidents are resolved
- Notify affected parties and share relevant information
  - Service Providers
  - Identity Providers
  - Federation Operators
- Maintain the confidentiality of incident information
- Keep audit logs to facilitate incident investigation

Federated Incident Response Example
- University Identity Provider + TeraGrid Service Provider
- TeraGrid discovers account misuse caused by compromise of federated identity
- Response process
  - TeraGrid disables user accounts at TeraGrid sites
  - TeraGrid contacts University
  - University investigates, contacts user, resets user password, etc.
  - University notifies TeraGrid when incident is resolved
  - TeraGrid re-enables user accounts at TeraGrid sites
- Federated identity introduces need for coordination with home organization, rather than (just) direct interaction between TeraGrid security and TeraGrid users

Proposed InCommon Operational Changes
- Add security incident response contact information to
  - Participant Operational Practices (POP) documents
  - InCommon metadata
- Security contact information can include
  - URL for incident response practices/policies and public keys
  - Email address
  - Telephone number
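
A check a federation participant could run once security contacts are published in metadata, as an added example that is not part of the original slides: it lists the entities for which an incident responder would find no reachable security contact. It assumes the contact is a SAML md:ContactPerson element carrying the REFEDS security contactType attribute, an encoding the slides do not specify; the sample metadata, entity IDs and function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET
MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
# Assumption: REFEDS security contactType attribute; the slides name no encoding.
REMD_TYPE = "{http://refeds.org/metadata}contactType"
SECURITY = "http://refeds.org/metadata/contactType/security"

# Constructed sample metadata: entity IDs, addresses and numbers are made up.
SAMPLE = """<md:EntitiesDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:remd="http://refeds.org/metadata">
  <md:EntityDescriptor entityID="https://idp.university.example/idp">
    <md:ContactPerson contactType="other"
        remd:contactType="http://refeds.org/metadata/contactType/security">
      <md:EmailAddress>mailto:security@university.example</md:EmailAddress>
      <md:TelephoneNumber>+1-555-0100</md:TelephoneNumber>
    </md:ContactPerson>
  </md:EntityDescriptor>
  <md:EntityDescriptor entityID="https://sp.gateway.example/sp">
    <md:ContactPerson contactType="technical">
      <md:EmailAddress>mailto:admin@gateway.example</md:EmailAddress>
    </md:ContactPerson>
  </md:EntityDescriptor>
  <md:EntityDescriptor entityID="https://idp.college.example/idp">
    <md:ContactPerson contactType="other"
        remd:contactType="http://refeds.org/metadata/contactType/security">
      <md:GivenName>Security Team</md:GivenName>
    </md:ContactPerson>
  </md:EntityDescriptor>
</md:EntitiesDescriptor>"""

def _texts(person, tag):
    return [el.text.strip() for el in person.findall(MD + tag) if el.text]

def security_contacts(metadata_xml):
    """Map each entityID to its security contacts' email addresses and phones."""
    result = {}
    for entity in ET.fromstring(metadata_xml).iter(MD + "EntityDescriptor"):
        result[entity.get("entityID")] = [
            {"email": [e.replace("mailto:", "", 1) for e in _texts(p, "EmailAddress")],
             "phone": _texts(p, "TelephoneNumber")}
            for p in entity.findall(MD + "ContactPerson")
            if p.get(REMD_TYPE) == SECURITY]
    return result

def unreachable_entities(metadata_xml):
    """Entities with no security contact that carries an email or a phone."""
    return sorted(eid for eid, contacts in security_contacts(metadata_xml).items()
                  if not any(c["email"] or c["phone"] for c in contacts))

if __name__ == "__main__":
    print(unreachable_entities(SAMPLE))
```

The third sample entity shows the case a presence-only check misses: a security contact is declared but carries neither an email address nor a telephone number.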

For more information
- cic-it-idmgmt-teragrid@cic.net
- http://www.cic.net/Home/Projects/Technology/IdMgmt/Introduction.aspx
- http://www.cic.net/Home/Reports.aspx