National Center for Supercomputing Applications University of Illinois at Urbana-Champaign Federated Incident Response Jim Basney

Slides:



Advertisements
Similar presentations
HITECH ACT Privacy & Security Requirements Cathleen Casagrande Privacy Officer July 23, 2009.
Advertisements

Financial Data Protection and Consumer Notification of Data Security Breach Act of 2006 Sara Juster, JD Vice President/Corporate Compliance Officer Nebraska.
September 5, 2013 Southern Region Break-Out NAAA Annual Convention.
Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.
National Center for Supercomputing Applications University of Illinois at Urbana-Champaign This material is based upon work supported by the National Science.
Data Management Awareness January 23, University of Michigan Administrative Information Services Data Management Awareness Unit Liaisons January.
Data Security At Cornell Steve Schuster. Questions I’d like to Answer ► Why do we care about data security? ► What are our biggest challenges at Cornell?
Federated Access to US CyberInfrastructure Jim Basney CILogon This material is based upon work supported by the National Science Foundation.
National Center for Supercomputing Applications University of Illinois at Urbana-Champaign InCommon and TeraGrid Campus Champions Jim Basney
TeraGrid Science Gateway AAAA Model: Implementation and Lessons Learned Jim Basney NCSA University of Illinois Von Welch Independent.
Shibboleth and InCommon Copyright Texas A&M University This work is the intellectual property of the author. Permission is granted for this material.
Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014 and now abbreviated.
(2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers Image from this Site Presenters: Aron Eisold, Matt Mickelson, Bryce Nelson,
General Awareness Training
Trust and Security for FIM (Sirtfi/SCI) David Kelsey (STFC-RAL) FIM4R at CERN 4 Feb 2015.
InCommon Michigan State Common Solutions Group, January 2011 Matt Kolb
Distributed Web Security for Science Gateways Jim Basney In collaboration with: Rion Dooley Jeff Gaynor
National Center for Supercomputing Applications University of Illinois at Urbana-Champaign Secure Access to Research Infrastructure via the InCommon Federation.
Enterprise data (decentralized control, data security and privacy) Incident Response: State and Federal Law Rodney Petersen Security Task Force Coordinator.
CILogon OSG CA Mine Altunay Jim Basney TAGPMA Meeting Pittsburgh May 27, 2015.
Exploring InCommon Getting Started with InCommon: Creating Your Roadmap.
TeraGrid Science Gateways: Scaling TeraGrid Access Aaron Shelmire¹, Jim Basney², Jim Marsteller¹, Von Welch²,
Federal Trade Commission required to issue and enforce regulations concerning children’s online privacy. Initial COPPA Rule effective April 21, 2000;
ISO27001 Introduction to Information Security. Who has day-to-day responsibility? All of us! Why Information Security? Control risk, limit liability What.
Part 6 – Special Legal Rights and Relationships Chapter 35 – Privacy Law Prepared by Michael Bozzo, Mohawk College © 2015 McGraw-Hill Ryerson Limited 34-1.
GGF Fall 2004 Brussels, Belgium September 20th, 2004 James Marsteller Pittsburgh Supercomptuing Center
Federated or Not: Secure Identity Management Janemarie Duh Identity Management Systems Architect Chair, Security Working Group ITS, Lafayette College.
PRIVACY, SECURITY & ID THEFT PREVENTION - TIPS FOR THE VIGILANT BUSINESS - SMALL BUSINESS & ECONOMIC DEVELOPMENT FORUM October 21, WITH THANKS TO.
Safe Computing Practices. Why would anyone want to hack me? 1 Krebs, Brian - “The Scrap Value of a Hacked PC, Revisited”, 12 Oct 2012,
National Center for Supercomputing Applications University of Illinois at Urbana-Champaign NCSA Two Factor CA Jim Basney
Federated Environments and Incident Response: The Worst of Both Worlds? A TeraGrid Perspective Jim Basney Senior Research Scientist National Center for.
Tutorial: Building Science Gateways TeraGrid 08 Tom Scavo, Jim Basney, Terry Fleury, Von Welch National Center for Supercomputing.
Addressing Unauthorized Release of Personal Information at UC Davis August 12, 2003.
Scared Straight… if you want to go outside… Authenticate Locally, Act Globally.
The Impact of Evolving IT Security Concerns On Cornell Information Technology Policy.
1 Policy Types l Program l Issue Specific l System l Overall l Most Generic User Policies should be publicized l Internal Operations Policies should be.
CU – Boulder Security Incidents Jon Giltner. Our Challenge.
Leveraging the InCommon Federation to access the NSF TeraGrid Jim Basney Senior Research Scientist National Center for Supercomputing Applications University.
1 Updating the ESnet Site Coordinator Model (Presented to SLCCC, June, 2004) Joe Burrescia Mike Collins William E. Johnston DRAFT FOR COMMENT 7/19/04.
©2012, Mika Meyers Beckett & Jones PLC All Rights Reserved Michigan Association of Educational Data Systems Presented by: Jennifer A. Puplava Mika Meyers.
1 NSF/TeraGrid Science Advisory Board Meeting July 19-20, San Diego, CA Brief TeraGrid Overview and Expectations of Science Advisory Board John Towns TeraGrid.
Safe Computing Practices. Why would anyone want to hack me? 1 Krebs, Brian - “The Scrap Value of a Hacked PC, Revisited”, 12 Oct 2012,
Challenges of Federated Authentication to TeraGrid and Open Science Grid Jim Basney
Sergiu April 2006June 2006 Overview of TeraGrid Security Working Group Activities James Marsteller CISSP, Working Group Chair.
RDCRN Data Management Coordination Center (DMCC) U54 RFA-OD Overview.
(2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers Image from this Site Presenters: Aron Eisold, Matt Mickelson, Bryce Nelson,
JSPG Update David Kelsey MWSG, Zurich 31 Mar 2009.
SAN DIEGO SUPERCOMPUTER CENTER at the UNIVERSITY OF CALIFORNIA, SAN DIEGO Tapping into National Cyberinfrastructure Resources Donald Frederick SDSC
Leveraging the InCommon Federation to access the NSF TeraGrid Jim Basney, Terry Fleury, Von Welch TeraGrid Round Table Update May 21, 2009.
Leveraging Campus Authentication to Access the TeraGrid Scott Lathrop, Argonne National Lab Tom Barton, U Chicago.
Security Bob Cowles
Cyber Security Issues in HEP and NP Grids Bob Cowles — SLAC NC August 2004.
OSG VO Security Policies and Requirements Mine Altunay OSG Security Team July 2007.
TYLER GROUP
Gateways security Aashish Sharma Security Engineer National Center for Supercomputing Applications (NCSA) University of Illinois at Urbana-Champaign.
Data Breach ALICAP, the District Insurance Provider, is Now Offering Data Breach Coverage as Part of Our Blanket Coverage Package 1.
National Center for Supercomputing Applications University of Illinois at Urbana-Champaign This material is based upon work supported by the National Science.
Tom Barton, Senior Director for Integration, University of Chicago
Open Science Grid Consortium Meeting
Data Compromises: A Tax Practitioners “Nightmare”
Are you ready for a federated security incident?
Federated Identity to Support Collaboration in the CIC
Looking for Gmail Help? JUST CALL (800)
Unfortunately, any small business could face the risk of a data breach or cyber attack. Regardless of how big or small your business is, if your data,
ETSI role in Identity Management and Identification Systems
Federated Environments and Incident Response: The Worst of Both Worlds
What are IAM Key Processes.
Federated Incident Response
TeraGrid Identity Federation Testbed Update I2MM April 25, 2007
TRACE INITIATIVE: Confidentiality, Data Security, and Procedures for Protocol Violation or Adverse Event.
Presentation transcript:

National Center for Supercomputing Applications University of Illinois at Urbana-Champaign Federated Incident Response Jim Basney

Federated Incident Response Motivation Federated identity used for activities of consequence Access to NSF cyberinfrastructure (TeraGrid, …) Access to wireless networks (eduroam, …) Access to federal grant management (NSF, NIH, …) Access to commercial services (Dreamspark, …) … Effective security incident response in federated identity environments requires cross-organizational cooperation Prepare now – stay ahead of the curve

CIC IDM WG TeraGrid Pilot Committee on Institutional Cooperation ( Consortium of Big Ten universities plus U Chicago U Nebraska joining July 2011 CIC Identity Management Working Group TeraGrid Pilot sub-group Co-chairs: Von Welch, Keith Wessel (Illinois) Active participants: Jim Basney (Illinois), Michael Grady (Illinois), Matt Kolb (Michigan State), Rob Stanfield (Purdue) Drafting a Federated IDM Security Incident Response Policy Federated Incident Response

Federated Incident Response Policy Draft documents at Does not supplant existing local policies, but augments them Defines responsibilities and roles of identity providers, service providers, federation operators, and users Service providers have ultimate authority to protect and control access to their services Federated Incident Response

Security Incident Defined An act of violating an explicit or implied security policy Examples Password theft Computer compromise Data privacy breach … Federated Incident Response

Federated Incident Response Philosophy “Do for others as you would do for yourself.” Treat a federated security incident like you would treat an internal security incident Promptly acknowledge incident reports Investigate incidents Notify affected parties when incidents are resolved Notify affected parties and share relevant information Service Providers Identity Providers Federation Operators Maintain the confidentiality of incident information Keep audit logs to facilitate incident investigation Federated Incident Response

Federated Incident Response Example University Identity Provider + TeraGrid Service Provider TeraGrid discovers account misuse caused by compromise of federated identity Response process TeraGrid disables user accounts at TeraGrid sites TeraGrid contacts University University investigates, contacts user, resets user password, etc. University notifies TeraGrid when incident is resolved TeraGrid re-enables user accounts at TeraGrid sites Federated identity introduces need for coordination with home organization, rather than (just) direct interaction between TeraGrid security and TeraGrid users Federated Incident Response

Proposed InCommon Operational Changes Add security incident response contact information to Participant Operational Practices (POP) documents InCommon metadata Security contact information can include URL for incident response practices/policies and public keys address Telephone number Federated Incident Response

For more information Federated Incident Response

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.