Prom oting security best practice Rom ain W artel rd EGEE - - PowerPoint PPT Presentation

prom oting security best practice
SMART_READER_LITE
LIVE PREVIEW

Prom oting security best practice Rom ain W artel rd EGEE - - PowerPoint PPT Presentation

Apr 23, 2023 586 likes •735 views

Enabling Grids for E-sciencE Prom oting security best practice Rom ain W artel rd EGEE conference, Athens, 18-22 April 2005 3 www.eu-egee.org W hy? Most sites have sim ilar security issues Heterogeneous groups of system s adm

slide-1
SLIDE 1

Enabling Grids for E-sciencE

www.eu-egee.org

Prom

  • ting security best practice

Rom ain W artel 3

rd EGEE conference, Athens, 18-22 April 2005

slide-2
SLIDE 2

3

rd EGEE Conference, 18-22 April 2005, Athens, Greece

2 15:07

W hy?

  • Most sites have sim

ilar security issues

  • Heterogeneous groups of system

s adm inistrators

  • Experience from

security incidents is extrem ely useful

  • Good ideas should be spread am
  • ngst the com

m unity Guidelines & best practice should be advertised *BUT*

  • Inform

ation m ust be kept up-to-date

  • A single source of inform

ation is not enough

  • Maintaining coherent inform

ation am

  • ngst m

any sites is difficult

slide-3
SLIDE 3

3

rd EGEE Conference, 18-22 April 2005, Athens, Greece

3 15:07

System architecture

e-Science Centre

Guidelines & best practice repository

feedback diffusion

slide-4
SLIDE 4

3

rd EGEE Conference, 18-22 April 2005, Athens, Greece

4 15:07

Authoring m echanism

  • W

eb interface, currently using Serendipity

  • Using Gridsite authentication

(x509 certificates)

  • Contributions centralized and

published by “trusted” people

slide-5
SLIDE 5

3

rd EGEE Conference, 18-22 April 2005, Athens, Greece

5 15:07

Publication m echanism

Guidelines & best practice repository

Contributions W eb pages M ailing list

  • The inform

ation is published via:

– W eb pages – email – RSS feed

slide-6
SLIDE 6

3

rd EGEE Conference, 18-22 April 2005, Athens, Greece

6 15:07

Getting the inform ation on the W eb 1/3

slide-7
SLIDE 7

3

rd EGEE Conference, 18-22 April 2005, Athens, Greece

7 15:07

Getting the inform ation on the W eb 2/3

slide-8
SLIDE 8

3

rd EGEE Conference, 18-22 April 2005, Athens, Greece

8 15:07

Getting the inform ation on the W eb 3/3

slide-9
SLIDE 9

3

rd EGEE Conference, 18-22 April 2005, Athens, Greece

9 15:07

Getting the inform ation via RSS

slide-10
SLIDE 10

3

rd EGEE Conference, 18-22 April 2005, Athens, Greece

10 15:07

Getting the inform ation by em ail

slide-11
SLIDE 11

3

rd EGEE Conference, 18-22 April 2005, Athens, Greece

11 15:07

Current architecture sum m ary

  • XML based, recognized standard
  • W

idespread technology: m any clients and APIs

  • Enables injecting security inform

ation within existing W ebsites

  • Enables filtering of the inform

ation

  • Any webm

aster can use the feed

  • Coherent, up-to-date inform

ation is available

  • Design up to W

ebm asters, but som e layout can be pushed However:

  • RSS requires a server-side m

echanism

  • W

ebm asters need to trust the authors or perform m anual updates

slide-12
SLIDE 12

3

rd EGEE Conference, 18-22 April 2005, Athens, Greece

12 15:07

Future

W e need to:

  • Provide better, m
  • re targeted content
  • Provide a second layer of inform

ation, via external W eb pages

  • Receive contributions from

the com m unity

  • Deploy the m

echanism am

  • ngst m
  • re sites
  • Im

prove the way the inform ation is sorted

slide-13
SLIDE 13

3

rd EGEE Conference, 18-22 April 2005, Athens, Greece

13 15:07

Q&A

Questions?