1 / 5

Incident Response Plan for the Open Science Grid

This workshop document outlines the Incident Response Plan for the Open Science Grid, emphasizing the necessity for sites and Virtual Organizations (VOs) to manage security with minimal centralized control. Key points include the need for site incident response plans, secure communications, and tracking systems for reporting grid-related incidents. The timeline details milestones from the formation of the Security Technical Group in June 2004 to the implementation and testing phases in early 2005. Collaboration with other grid infrastructures such as EGEE and LCG is also highlighted.

seth-mendez
Télécharger la présentation

Incident Response Plan for the Open Science Grid

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Incident Response Plan for the Open Science Grid OPERATIONAL SECURITY FOR THE GRID Workshop – GGF12 20 Sep 2004 Bob Cowles – bob.cowles@slac.stanford.edu

  2. Principles • OSG is a with little central control or resources – almost everything has to be done by the sites or the VOs • Sites security personnel will need to feel comfortable with grid use of resources • limited additional risks • local control over decisions

  3. Highlights • Centrally provided: • Secure email communications • Incident Tracking system • Site responsibilities • Have a site incident response plan in place • Report grid-related incidents • Potential to compromise grid infrastructure • Potential to compromise grid service or VO • Potential to compromise grid user (report to VO) • Remove compromised servers, follow-up and report back to email list / incident tracking system

  4. Timeline • Jun 04 – Security TG formed • Jul 04 – IR Activity formed • Sep 04 – First draft of plan reviewed • Oct 04 – Coordinate with EGEE/LCG • Nov 04 – Present plan at 2nd EGEE mtg • Dec 04 – Implementation • Jan 05 – Implementation & testing • Feb 05 – OSG-0; EGEE Review

  5. The Plan http://computing.fnal.gov/docdb/osg_documents//Static/Lists//FullList.html www.opensciencegrid.org click on “Documents” click on “Search the database and read documents” click on “OSG Secuirty Incident Handling and Response”

More Related