what do all ngis need to do
play

What do ALL NGIs need to do? Requirements for operational security - PowerPoint PPT Presentation

Oct 29, 2023 •180 likes •311 views

Enabling Grids for E-sciencE What do ALL NGIs need to do? Requirements for operational security Sven Gabriel (Nikhef) EGEE Operational Security Coordination Team http://cern.ch/osct/ www.eu-egee.org Information Society and media EGEE-III

  1. Enabling Grids for E-sciencE What do ALL NGIs need to do? Requirements for operational security Sven Gabriel (Nikhef) EGEE Operational Security Coordination Team http://cern.ch/osct/ www.eu-egee.org Information Society and media EGEE-III INFSO-RI-222667 EGEE to EGI Transition Meeting: User Community & Operations , 1. - 3. March 2010 , Amsterdam - The Netherlands 1

  2. Introduction/Outline Enabling Grids for E-sciencE • OSCT: Current set up • OSCT: Current activity/daily business • EGI-CSIRT: Planned Setup • EGI-CSIRT: Requirements to NGIs (bare minimum!) • EGI-CSIRT: NGI Security Officer activities (examples) • Documents • Dates EGEE-III INFSO-RI-222667 EGEE to EGI Transition Meeting: User Community & Operations , 1. - 3. March 2010 , Amsterdam - The Netherlands 2

  3. EGEE Security Groups Enabling Grids for E-sciencE • EGEE Security Coordination Group (SCG) coordinates the overall security work. • Middleware Security Group (MWSG) security architecture (EGI: SSG). • Joint Security Policy Group (JSPG) security policies. (EGI: SPG) • EGEE Security Middleware Development (EGEE/JRA1/Security) gLite security development. • Grid Security Vulnerability Group (GSVG) finding and eliminating Grid security vulnerabilities. (EGI: SVG funding ?) • EUGridPMA coordinating Grid authentication in e-Science. EGEE-III INFSO-RI-222667 EGEE to EGI Transition Meeting: User Community & Operations , 1. - 3. March 2010 , Amsterdam - The Netherlands 3

  4. OSCT Mission Enabling Grids for E-sciencE OSCT Mission: The EGEE Operational Security Coordination Team (OSCT) provides an operational response to security threats against the EGEE infrastructure. It mainly focuses on computer security incidents handling, by providing reporting channels, pan-regional coordination and support. It also deals with security monitoring on the Grid and provides best practice and advice to Grid system administrators. The OSCT is lead by the EGEE/LCG Security Officer and includes Security Contacts from each EGEE region. They are providing support for daily security operations as part of an on-duty rota. EGEE-III INFSO-RI-222667 EGEE to EGI Transition Meeting: User Community & Operations , 1. - 3. March 2010 , Amsterdam - The Netherlands 4

  5. OSCT Current Setup Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 EGEE to EGI Transition Meeting: User Community & Operations , 1. - 3. March 2010 , Amsterdam - The Netherlands 5

  6. OSCT Activities, to be cont’d in EGI CSIRT Enabling Grids for E-sciencE • Computer security incidents handling (Duty-Contact on rota basis): • Security monitoring (SAM-Tests, Pakiti, ..., transition to EGI unclear) • Training/Dissemination: Collaboration with other CSIRTS, Best practice, Security training (see also slide on Documents). • Security Drills • Incident Response Procedure EGEE-III INFSO-RI-222667 EGEE to EGI Transition Meeting: User Community & Operations , 1. - 3. March 2010 , Amsterdam - The Netherlands 6

  7. EGI CSIRT Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 EGEE to EGI Transition Meeting: User Community & Operations , 1. - 3. March 2010 , Amsterdam - The Netherlands 7

  8. Requirements Enabling Grids for E-sciencE Administrative (NGI-Manager) • Identify/appoint ”NGI Security Officer”, preferably in coordination with the NREN CSIRT. • Introduce/announce her/him to the Sites in the NGI and to EGI CSIRT. • Maintain/update related Information in the GOC-DB. • NGI Security Officer should attend EGI CSIRT Face2Face Meetings (approx 2/year) • Provide regional (security) monitoring. EGEE-III INFSO-RI-222667 EGEE to EGI Transition Meeting: User Community & Operations , 1. - 3. March 2010 , Amsterdam - The Netherlands 8

  9. Requirements Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 EGEE to EGI Transition Meeting: User Community & Operations , 1. - 3. March 2010 , Amsterdam - The Netherlands 8

  10. Requirements Enabling Grids for E-sciencE EGI Security: NGI-CSIRT Function NGI Security Officer (Minimum) • Coordinate the security activities within the NGI. • Act as a contact point for security issues in the NGI for the rest of the infrastructure. • Contribute to the EGI CSIRT. • Participate in the EGI security groups as necessary. EGEE-III INFSO-RI-222667 EGEE to EGI Transition Meeting: User Community & Operations , 1. - 3. March 2010 , Amsterdam - The Netherlands 8

  11. NGI Security Officer add’l contributions Enabling Grids for E-sciencE • Make sure the communication channels to the site security contacts work properly. • Run/Maintain central services used for operational security within the NGI. • Run/support Security-Drills in the region. • Participate in EGI CSIRT activities like: – Training/Dissemination – Security Monitoring – Run/support Security-Drills in the region. EGEE-III INFSO-RI-222667 EGEE to EGI Transition Meeting: User Community & Operations , 1. - 3. March 2010 , Amsterdam - The Netherlands 9

  12. Add’l Documents and Links Enabling Grids for E-sciencE The currently approved policies/procedures for EGEE remain valid in EGI. • http://cern.ch/osct (Policies, Incident-Response-Procedure, Incident-Reporting, Dissemination, Monitoring, Security Drills) • https://twiki.cern.ch/twiki/bin/view/LCG/OSCT • further info will be on http://cern.ch/OSCT/EGI/ Incident reporting: • OSCT: project-egee-osct@cern.ch • project-egee-security-csirts@in2p3.fr • project-egee-security-contacts@in2p3.fr Vulnerability reporting: • grid-vulnerability-report@cern.ch EGEE-III INFSO-RI-222667 EGEE to EGI Transition Meeting: User Community & Operations , 1. - 3. March 2010 , Amsterdam - The Netherlands 10

  13. Dates - Questions? Enabling Grids for E-sciencE All NGI-Security-Officers are invited to OSCT Face-Face-Meeting 22. - 23. March, Amsterdam. https://www.nikhef.nl/grid/meetings/osctf2f2010/ Questions? EGEE-III INFSO-RI-222667 EGEE to EGI Transition Meeting: User Community & Operations , 1. - 3. March 2010 , Amsterdam - The Netherlands 11

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Grid Oversight, Status and Issues Ron Trompert COD 1 www.egi.eu www.egi.eu EGI-InSPIRE

Grid Oversight, Status and Issues Ron Trompert COD 1 www.egi.eu www.egi.eu EGI-InSPIRE

9/19/12 EGI-InSPIRE Grid Oversight, Status and Issues Ron Trompert COD 1 www.egi.eu www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE RI-261323 AP www.egi.eu EGI-InSPIRE RI-261323 History Transition from 10 ROCs to now 37 NGIs

621 views • 23 slides
So You Want to Be an Information Security Officer? Presented by: Art Bakke Information Security

So You Want to Be an Information Security Officer? Presented by: Art Bakke Information Security

So You Want to Be an Information Security Officer? Presented by: Art Bakke Information Security Officer Background Personal Starion Bank Arts Goals Highlight the typical responsibilities of an Information Security Officer from

778 views • 22 slides
EUDAT AND SECURITY Urpo Kaila, EUDAT Security Officer urpo.kaila@csc.fi, security@eudat.eu WISE W

EUDAT AND SECURITY Urpo Kaila, EUDAT Security Officer urpo.kaila@csc.fi, security@eudat.eu WISE W

EUDAT AND SECURITY Urpo Kaila, EUDAT Security Officer urpo.kaila@csc.fi, security@eudat.eu WISE W orkshop for I nformation S ecurity for E -infrastructures 2015-10-20, Barcelona This work is licensed under the Creative Commons CC-BY 4.0

563 views • 30 slides
How to set up a CSIRT in an ITIL driven organization Christian Proschinger Raiffeisen Informatik

How to set up a CSIRT in an ITIL driven organization Christian Proschinger Raiffeisen Informatik

How to set up a CSIRT in an ITIL driven organization Christian Proschinger Raiffeisen Informatik GmbH Introduction R-IT CERT Idea Introduction to ITIL Example Vulnerability Management Lessons Learned How to set up a CSIRT in

380 views • 16 slides
Policy Based Security Management for IPSec Luis A. Sanchez August 25, 1998 Page 1 Page 1

Policy Based Security Management for IPSec Luis A. Sanchez August 25, 1998 Page 1 Page 1

Policy Based Security Management for IPSec Luis A. Sanchez August 25, 1998 Page 1 Page 1 Outline Problems Requirements A Solution Next Step Page 2 Page 2 Problems Need a common security policy specification language

201 views • 6 slides
Grid Operational Security: from EGEE to EGI Mingchao Ma STFC RAL, UK ISGC 2010, Taipei,

Grid Operational Security: from EGEE to EGI Mingchao Ma STFC RAL, UK ISGC 2010, Taipei,

Grid Operational Security: from EGEE to EGI Mingchao Ma STFC RAL, UK ISGC 2010, Taipei, Taiwan Overview Current EGEE operational security Transition - a regional view ROC in EGEE NGI in EGI Challenges in EGI and

638 views • 19 slides
The work of security teams Mateusz Kocielski shm@NetBSD.org LogicalTrust pkgsrccon Krak ow,

The work of security teams Mateusz Kocielski shm@NetBSD.org LogicalTrust pkgsrccon Krak ow,

The work of security teams Mateusz Kocielski shm@NetBSD.org LogicalTrust pkgsrccon Krak ow, July 02, 2016 THANKS kamil@ & co-organizers THANKS kamil@ & co-organizers *applause.wav* whoami(1) pentester at LogicalTrust

355 views • 18 slides
MANAGING INF ORMAT ION PRIVACY & SE CURIT Y RE MOT E L Y Pr e se nte d by: Mar y

MANAGING INF ORMAT ION PRIVACY & SE CURIT Y RE MOT E L Y Pr e se nte d by: Mar y

MANAGING INF ORMAT ION PRIVACY & SE CURIT Y RE MOT E L Y Pr e se nte d by: Mar y Golab, IPO In c ollabor ation with Damian Hollow, URO & She lle y Gar r e tt, CISO Offic e F OI P L ia iso n Offic e r (F L O) Me e ting

263 views • 12 slides
Parameterized Verification goes Safety Analysis of Access Control Policies Silvio Ranise ,

Parameterized Verification goes Safety Analysis of Access Control Policies Silvio Ranise ,

Parameterized Verification goes Safety Analysis of Access Control Policies Silvio Ranise , Riccardo Traverso, Anh Truong FBK-Irst, Trento, Italy Metodi dichiarativi nella verifica di sistemi parametrici Milano, 25-26 Settembre, 2014 Ranise

577 views • 40 slides
BUSINESS AND SECURITY Chris Klimek TALKING POINTS PERSONAL BUSINESS IMPORTANCE EXTERNAL

BUSINESS AND SECURITY Chris Klimek TALKING POINTS PERSONAL BUSINESS IMPORTANCE EXTERNAL

BUSINESS AND SECURITY Chris Klimek TALKING POINTS PERSONAL BUSINESS IMPORTANCE EXTERNAL BRAND UNDERSTANDI OF FACTORS NG SECURITY LOOKING FOR THE RIGHT FIT Walk me through the process of how you would start looking for a job or

916 views • 45 slides
OPERATING SEGMENT RECONCILIATION 1Q 2018 SHW Operating Segments: 1Q 2018 Latin America

OPERATING SEGMENT RECONCILIATION 1Q 2018 SHW Operating Segments: 1Q 2018 Latin America

OPERATING SEGMENT RECONCILIATION 1Q 2018 SHW Operating Segments: 1Q 2018 Latin America Paint Stores Coatings Sales: $2,080.4M Sales: $656.4M Sales: $1,227.8M Profit: $337.4M Profit: $74.2M Profit: $90.8M The Americas Group

458 views • 8 slides
OPERATING SEGMENT RECONCILIATION 3Q 2017 SHW Operating Segments: 3Q 2017 Latin America

OPERATING SEGMENT RECONCILIATION 3Q 2017 SHW Operating Segments: 3Q 2017 Latin America

OPERATING SEGMENT RECONCILIATION 3Q 2017 SHW Operating Segments: 3Q 2017 Latin America Paint Stores Coatings Sales: $2,539.3M Sales: $723.3M Sales: $1,242.3M Profit: $525.6M Profit: $70.4M Profit: $59.6M The Americas Group

572 views • 8 slides
Image Segmentation Image Segmentation: Definitions How do we know which groups of pixels in a

Image Segmentation Image Segmentation: Definitions How do we know which groups of pixels in a

Image Segmentation Image Segmentation: Definitions How do we know which groups of pixels in a Segmentation is the process of partitioning an digital image correspond to the objects to be image into semantically interpretable

766 views • 24 slides
EBLL Response in PBV Units Segment 1: The Basics EBLL L Response e in n PBV V Units

EBLL Response in PBV Units Segment 1: The Basics EBLL L Response e in n PBV V Units

EBLL Response in PBV Units Segment 1: The Basics EBLL L Response e in n PBV V Units Segment 1: The basics Segment 2: Index units Segment 3: Other covered units Key y Acronyms LSHR: Lead Safe Housing Rule PHA: Public

205 views • 8 slides
x86 Memory Protection and Translation Don Porter CSE 506 Lecture Goal Understand the

x86 Memory Protection and Translation Don Porter CSE 506 Lecture Goal Understand the

x86 Memory Protection and Translation Don Porter CSE 506 Lecture Goal Understand the hardware tools available on a modern x86 processor for manipulating and protecting memory Lab 2: You will program this hardware Apologies:

1.1k views • 44 slides
Pareto Improving Segmentation of Multi-product Markets Nima Haghpanah joint with Ron Siegel May

Pareto Improving Segmentation of Multi-product Markets Nima Haghpanah joint with Ron Siegel May

Pareto Improving Segmentation of Multi-product Markets Nima Haghpanah joint with Ron Siegel May 4, 2019 1 / 15 Market Segmentation Firms can segment the market based on available data age, sex, location, browsing history, ... 2 / 15

670 views • 66 slides
Text Segmentation Flow model of discourse Chafe76: Our data ... suggest that as a speaker

Text Segmentation Flow model of discourse Chafe76: Our data ... suggest that as a speaker

Text Segmentation Flow model of discourse Chafe76: Our data ... suggest that as a speaker moves from focus to focus (or from thought to thought) there are certain points at which they may be a more or less radical change in space, time,

836 views • 13 slides
Market Rayees Ahmad sheikh SJMSOM IIT Bombay. Outline Introduction Literature Review

Market Rayees Ahmad sheikh SJMSOM IIT Bombay. Outline Introduction Literature Review

Segmentation in Indian Labour Market Rayees Ahmad sheikh SJMSOM IIT Bombay. Outline Introduction Literature Review Methodology Results Conclusion Introduction Majority of employment in developing countries is in

1.67k views • 21 slides
Art Goes On? Art Education Segment Contributors: Mr Azri, Mr Eugene Foo, Ms Chen Yoke Pin, Dr

Art Goes On? Art Education Segment Contributors: Mr Azri, Mr Eugene Foo, Ms Chen Yoke Pin, Dr

Art Goes On? Art Education Segment Contributors: Mr Azri, Mr Eugene Foo, Ms Chen Yoke Pin, Dr Sarena Abdullah, Ms Emilia Ong, Ms Clare Tan, Ms Li-Hsian Choo, Dr Sharmiza Abu Hassan. Discussion held on the 16th April 2020 Moderated by Dr K.

905 views • 8 slides
Edmund Pendleton Mike Abbot Lindsey Mitchell Instructor Instructor Teaching Assistant Schedule

Edmund Pendleton Mike Abbot Lindsey Mitchell Instructor Instructor Teaching Assistant Schedule

Edmund Pendleton Mike Abbot Lindsey Mitchell Instructor Instructor Teaching Assistant Schedule Review Initial Guidelines Identify Primary Customer Segment (s) Segment Define Define Define Value Define the based on Jobs-to-be-

522 views • 18 slides
Automatic summarization of video data Presented by Danila Potapov Joint work with: Matthijs

Automatic summarization of video data Presented by Danila Potapov Joint work with: Matthijs

Automatic summarization of video data Presented by Danila Potapov Joint work with: Matthijs Douze Zaid Harchaoui Cordelia Schmid LEAR team, Inria Grenoble Khronos-Persyvact Spring School 1.04.2015 Definition A video summary built from

396 views • 15 slides
Outline Background: What is an Online Problem? Maximizing Revenue for the Analyzing Online

Outline Background: What is an Online Problem? Maximizing Revenue for the Analyzing Online

9/5/20 Outline Background: What is an Online Problem? Maximizing Revenue for the Analyzing Online Algorithms: Competitive Analysis Online Dial a Ride Problem Online Dial-A-Ride Problem Related Open Problems Ananya Das Christman

300 views • 10 slides
Model-Based Segmentation and Classification of Gull Trajectories Maike Buchin, Stef Sijben

Model-Based Segmentation and Classification of Gull Trajectories Maike Buchin, Stef Sijben

Introduction Segmentation Classification Experiments Model-Based Segmentation and Classification of Gull Trajectories Maike Buchin, Stef Sijben Visually-supported Computational Movement Analysis 14 June 2016 Model-Based Segmentation and

373 views • 20 slides
CSE 461 Week 5 Section - Midterm Review Mark Guan and Will Bigelow Midterm (5/4) - Logistics -

CSE 461 Week 5 Section - Midterm Review Mark Guan and Will Bigelow Midterm (5/4) - Logistics -

CSE 461 Week 5 Section - Midterm Review Mark Guan and Will Bigelow Midterm (5/4) - Logistics - In class canvas quiz, dont be late - the quiz opens at 12:30, closes at 1:20 - dont cheat OSI Layers Transport Layer (TCP/UDP)

850 views • 59 slides

More recommend