Tom Barton (WG Chair) University of Chicago and Internet2

1 SIRTFI WG Update
Tom Barton (WG Chair), University of Chicago and Internet2

2 SIRTFI - security incident response trust framework for federated identity
- Be willing to collaborate in responding to a federated security incident.
- Apply basic operational security protections to your federated entities in line with your organization’s priorities.
- Self-assert SIRTFI “tag” so that others will know to trust this about you.

3 Overall arc of work [1]
- Done: Sirtfi v1.0 and related. Establish means to indicate compliance and how to contact.
- In process: Define roles and responsibilities of the various parties in managing federated security incidents, information sharing guidelines, tools, procedures, and templates.
- Queued: Establish means for proactive notification of an account compromise when it can be expected to produce a substantial impact to an at-risk SP organisation.
[1]

4 Current deliverables
- Incident Response in R&E Federations: handbook intended to
  - minimise time to mount an effective response to an incident
  - increase sharing of useful non-confidential info
- Per-role documents: provide people with the details they need when they need it, material from the handbook by role
- Template IR policies for fed operators: give federations (& other orgs?) a starting point if they need it
- SIRTFI website: where to go for everything IR in R&E Feds

5 Incident Response for R&E Federations: Outline
- Intro
- What Triggers an Incident Response?
- Stages of Federated Incident Response
- On-Going Preparatory Activities
- Handling the “Something’s Odd” Report and Opening an Incident
- Adding New Members to the IR Team
- Identify, Contain, and Eradicate
- Recovery
- Incident Wrap-Up
- Table of All Roles and All Responsibilities
- Appendices (sharing guidelines, templates, preparation guides)

6 Incident Response Team Support Organisation
An actual organisation is needed to anchor Fed IR processes, pay license costs, provide support staffing:
- Maintain readiness of IR Team collaboration tools
  - Secure chat
  - Secure file drop
- On-board persons to an IR Team
- Coordination of “Something’s Odd” report and opening an incident
- Incident coordinator, or identify each incident’s coordinator
- Maintain SIRTFI website
- Queued: possible role in implementing proactive notification

7 Related activities
- Sirtfi+ Registry incubation
- GÉANT-developed security contact checking tool
- InCommon POC for keeping security contacts fresh
- eduGAIN security team
- Security Communications Challenge Coordination Joint Working Group
  - WISE, SIG-ISM, IGTF, REFEDS, anyone who wants to pitch in
- Any others, besides SIRTFI?
- Established sharing and response centers: REN-ISAC, CSIRTs, ...

