SLIDE 1
Grid Operational Security: from EGEE to EGI
Mingchao Ma STFC – RAL, UK
ISGC 2010, Taipei, Taiwan
Overview
- Current EGEE operational security
- Transition - a regional view
– ROC in EGEE – NGI in EGI
- Challenges in EGI and forward looking
Grid Operational Security: from EGEE to EGI Mingchao Ma STFC RAL, - - PowerPoint PPT Presentation
Grid Operational Security: from EGEE to EGI Mingchao Ma STFC RAL, - - PowerPoint PPT Presentation
Grid Operational Security: from EGEE to EGI Mingchao Ma STFC RAL, UK ISGC 2010, Taipei, Taiwan Overview Current EGEE operational security Transition - a regional view ROC in EGEE NGI in EGI Challenges in EGI and
SLIDE 2
SLIDE 3
SLIDE 4
OSCT
- A geographically dispersed security
team
- 11 Regional Operation Centre security
- fficers and backups
- Meet up twice per year
- Telephone call once a week
SLIDE 5
OSCT Structure
Operational Security Coordination Team (OSCT) Regional Operation Centre (ROC) Site Site … … Regional Operation Centre (ROC) Site Site … … … … … … … … … … Regional Operation Centre (ROC) Site Site … … OSCT – Duty Contact Day to day coordination
SLIDE 6
Current Activities
- Computer security incident handling
– Procedure – Communication channels – Collaboration with other CSIRT teams
- Security monitoring (development)
– SAM/Nagios based monitoring – Pakiti: patch management
- Training and dissemination
- Security drill
– Security Service Challenge (SSC)
SLIDE 7
SLIDE 8
The EGI Computer Security and Incident Response Team (EGI CSIRT)
SLIDE 9
EGI
EGI CSIRT Software Security Group Software Vulnerability Group
EGI-InSPIRE: TSA 1.2
Security Policy Group EUGridPMA (IGTF)
SLIDE 10
Transition – a NGI view
- To appoint a NGI security officer
– current ROC security officer, or – A “New” NGI security officer;
- Funded by NGI instead of EGI;
- Act as Point of Security Contact for the NGI
- Coordinate all aspects of security activities
within NGI;
- Contribute to EGI CSIRT
SLIDE 11
UKI ROC – an Example
SLIDE 12
UKI ROC in EGEE
- UK & Ireland Regional Operation
Centre(UKI ROC)
- UK Grid: GridPP
- Ireland Grid: GridIreland
- A single point of security contact
SLIDE 13
UK and Ireland NGI
- UK NGI
– + – UKI ROC security officer => UK NGI security
- fficer
- Ireland NGI
– Need to appoint a NGI security officer – Participate EGI CSIRT security activities
SLIDE 14
Challenges
- 11 FTE in EGEE => 1 FTE in EGI
– Match-up effort from NGIs
- A much bigger team
– From 15ish to 40 or 50
- Various skill set
– New to Grid security
- More heterogeneous infrastructure
– Multiple middleware stacks
- Short transition period
- Many uncertainties
SLIDE 15
Risk
- Software Vulnerability Group – funding is
unclear; GSVG handled vulnerability in EGEE
- Security monitoring tools development
- Contribution from NGIs is subject to negotiation
and remains unclear
- Lost of expertise
SLIDE 16
Short Term Plan
- No interruption to operational security
– “business as usual”
- Actively engage NGI security officers
– Face to face meetings – Regular online-/Tele-conferences; – Mailing list; – Training if needed
- Maintain current activities
– More members, but much less EGI funded effort – Delegate tasks and responsibilities to NGI security
- fficers
- Clarify responsibilities
SLIDE 17
The Aim
- To build and maintain an efficient and
effective security team
- To define and develop a sustainable
- peration model suitable for the need
- To address various operational security
issues transparently
- To maintain the availability of EGI
services
SLIDE 18
To maintain a secure infrastructure!
SLIDE 19
EGI Geneva Workshop www.eu-egi.eu 19