Presentation is loading. Please wait.

Presentation is loading. Please wait.

Directory/Inventory – info sharing for security people

Published byNatalie Summers Modified over 6 years ago

Similar presentations

Presentation on theme: "Directory/Inventory – info sharing for security people"— Presentation transcript:

1 Directory/Inventory – info sharing for security people
Linda Cornwall, SIG-ISM 23rd Feb 2017

2 Main points Some information is public (e.g. already available on public web page) Some information is private We define level 1 information as information which is public We cannot tell people what they want to make public We define level 2 information as information which we share between ourselves We define level 3 as information which is more sensitive

3 Who do we share with? I reckon security people within NREN/Projects/Institutes Not just security officers? I’m not a security officer There are many security functions

4 Level 1, what to include Suggest 1 top level table containing
Name of NREN/ Institute /Project 1 sentence description Location of NREN/Institute/Project table (in SIG-ISM) Location of public web page belonging to the NREN/Institute/Project

5 Then table per NREN/Institute/Project
Name Link to homepage Description ISM description Link if public Policy docs (public/not public) - Link if public Software Vulnerability handling – Link to procedure, advisories Other Incident Prevention Incident Response Contact information (what is public)

6 Top level table EGI geant wiki page/table within SIG-ISM,
Name and local link NREN/Institute/Project Local Public geant Wiki link What is it? Public web EGI Distributed computing Project for research FIC-NREN Fictional NREN …… EGI geant wiki page/table within SIG-ISM,

7 Then for e.g. for EGI Distributed Computing Infrastructure for Research incorporating over 300 datacentres EGI EGI Intranet (public) EGI Wiki – much technical documentation Security Policy Documentation Incident prevention – Software Vulnerability Group Report a vulnerability Report-vulnerability at egi.eu Incident prevention - Security Monitoring Sites monitored for critical vulnerabilities, not public CSIRT – report a security incident Abuse at egi.eu Security Incident handling procedure Security Officer Not public .

8 FIC-NREN Fictional NREN just to demonstrate FIC-NREN
Security Policy Documentation Not public Incident prevention

9 Alternative – 1 big table
NREN/ Project/ Institute Description Public home Page Security Contact or officer Policy Docs Vulnerability Handling Incident Handling Report Incident Other EGI Distributed Infrastructure Not public Abuse at egi.eu FIC-NREN NREN I tend to prefer the ‘page’ per NREN/ Project/ Institute Decided don’t like this. But a table could work too as this would illustrate which NRENs are making what public

10 What do I think should be public?
Policy documentation Procedure for handling vulnerabilities Procedure for handling incidents Most documentation such as TOR or procedures - which doesn’t identify specific security risks, problems. addresses for reporting problems Generic, not an individual With anti-spam – e.g. a ‘picture’ or security at nren But it is up to projects/NRENs/institutes to decide

11 Sharing level 2 info This needs to be controlled
Can this be a ‘Private’ wiki? Who can have access? 2 options

12 Level 2 – Option 1 - Known to us
To register, a group of us need to know the people, i.e. a group of (say) of us This we can register people we know Then people we know can recommend 1 other person No further away than that We know someone we trust, we trust them to recommend someone, but no more than ‘1 away’ In addition need institute ?

13 Level 2 – Option 2 - institute e-mail
If people have an institute – is this enough? We register people on request, provided they have an institute , and provided they agree to not make info public. This is simpler, and probably enough E.g. for EGI SVG “we ask for you to agree not to reveal information you learn about specific vulnerabilities which is not public except as part of the procedure without the agreement of the group.”

14 What should we share at level 2?
Whatever people wish Table of NREN/Institute/Project – link to wiki page (within SIG-ISM) for that institute People put on that non-public page what they wish Recommend name and security officers, who to contact for non-public documents etc.

15 Who edits? If wiki page level 1 and level 2 per project/institute/NREN – can give member of that project access rights. People edit their own page. GEANT sig-ism wiki probably has the authz in place.

16 Other Each NREN/Project defines what roles there are
Different people organise things differently NREN/Project responsible for keeping up to date Check every 6 months is up to date Confirm Who do we allow who don’t we allow What vetting mechanism?

17 Who can join in? Limited to education and research Start in Europe
Later maybe go global.

18 Level 3 info More sensitive More controlled Probably a longer term aim
Bart Bosmia ed SCIRT – SURFnet Cooperating Incident Response Teams – good starting point Need a group where people ‘volunteer’ To join group all members need to have the opportunity to O.K. or object Further in the future. Start with level 1 and level 2.

19 Other ideas to include Public key – X509?
Info for secure communication?

20 How secure is the wiki? Whatever we put, the security level of the wiki itself must be good enough for the info. FOTIS in charge??

21 Getting started 1st page – table of NRENs
Points to page per NREN with public info. Start with level 1 and level 2 Have some templates for minimum info required. I’ll details to Sigita what is needed, action on me. Later think also about ‘virtual water cooler’, other virtual meetings. Groups within this.

22 Summary Set up a wiki for level 1 public info
Up to people what they share Set up a wiki for level 2 info Prefer a wiki page within SIG-ISM in each case which individual NREN/Institute/Project can edit Restrict to Education and Research Level 3, other facilities – later

Download ppt "Directory/Inventory – info sharing for security people"

Similar presentations

Smarter software for smarter travel Car & Journey Sharing travel and parking solutions Jambusters.

Smarter software for smarter travel Car & Journey Sharing travel and parking solutions Jambusters.
Protecting children online  How can you protect your child online?  Are you aware of the dangers?  Do you know what you can put in place to protect.

Protecting children online  How can you protect your child online?  Are you aware of the dangers?  Do you know what you can put in place to protect.
DISPUTES & INVESTIGATIONS ECONOMICS FINANCIAL ADVISORY MANAGEMENT CONSULTING Joining LinkedIn How to Register, Follow Navigant & Join the Conversation.

DISPUTES & INVESTIGATIONS ECONOMICS FINANCIAL ADVISORY MANAGEMENT CONSULTING Joining LinkedIn How to Register, Follow Navigant & Join the Conversation.
Authorization WG Update David Kelsey EU Grid PMA, Copenhagen 27 May 2008.

Authorization WG Update David Kelsey EU Grid PMA, Copenhagen 27 May 2008.
INFSO-RI-508833 Enabling Grids for E-sciencE Update on LCG/EGEE Security Policy and Procedures David Kelsey, CCLRC/RAL, UK

INFSO-RI Enabling Grids for E-sciencE Update on LCG/EGEE Security Policy and Procedures David Kelsey, CCLRC/RAL, UK
0-1 Team # Status Report (1 of 4) Client Contact –Point 1 –Point 2 Team Meetings –Point 1 –Point 2 Team Organization –Point 1 –Point 2 Team #: Team Name.

0-1 Team # Status Report (1 of 4) Client Contact –Point 1 –Point 2 Team Meetings –Point 1 –Point 2 Team Organization –Point 1 –Point 2 Team #: Team Name.
0-1 Team # Status Report (1 of 4) Client Contact –Status Point 1 –Status Point 2 Team Meetings –Status Point 1 –Status Point 2 Team Organization –Description.

0-1 Team # Status Report (1 of 4) Client Contact –Status Point 1 –Status Point 2 Team Meetings –Status Point 1 –Status Point 2 Team Organization –Description.
Www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 EGI Security Policy Group Summary EGI TF David Kelsey 6/28/2015 1.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Security Policy Group Summary EGI TF David Kelsey 6/28/
Www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 The EGI Software Vulnerability Group and EMI Dr Linda Cornwall, STFC, Rutherford.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI The EGI Software Vulnerability Group and EMI Dr Linda Cornwall, STFC, Rutherford.
Www.egi.eu EGI-Engage www.egi.eu Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.

EGI-Engage Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.
Email Information guide.

Information guide.
What if you suspect a security incident or software vulnerability? What if you suspect a security incident at your site? DON’T PANIC Immediately inform:

What if you suspect a security incident or software vulnerability? What if you suspect a security incident at your site? DON’T PANIC Immediately inform:
Operational Security Working Group Topics Incident Handling Process –OSG Document Review & Comments:

Operational Security Working Group Topics Incident Handling Process –OSG Document Review & Comments:
National Center for Supercomputing Applications University of Illinois at Urbana-Champaign Developing a Comprehensive GENI Cyber Security Program Adam.

National Center for Supercomputing Applications University of Illinois at Urbana-Champaign Developing a Comprehensive GENI Cyber Security Program Adam.
Www.egi.eu EGI-Engage www.egi.eu Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.

EGI-Engage Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.
What if you suspect a security incident or software vulnerability? What if you suspect a security incident at your site? DON’T PANIC Immediately inform:

What if you suspect a security incident or software vulnerability? What if you suspect a security incident at your site? DON’T PANIC Immediately inform:
Deployment Issues David Kelsey GridPP13, Durham 5 Jul 2005

Deployment Issues David Kelsey GridPP13, Durham 5 Jul 2005
Www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 EGI Federated Cloud F2F Security Issues in the cloud Introduction Linda Cornwall,

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Federated Cloud F2F Security Issues in the cloud Introduction Linda Cornwall,
Security Policy Update LCG GDB Prague, 4 Apr 2007 David Kelsey CCLRC/RAL

Security Policy Update LCG GDB Prague, 4 Apr 2007 David Kelsey CCLRC/RAL
Security Vulnerabilities Linda Cornwall, GridPP15, RAL, 11 th January 2006

Security Vulnerabilities Linda Cornwall, GridPP15, RAL, 11 th January 2006

Similar presentations

Ads by Google