11-14 April 2011
Radisson Blu Hotel Lietuva, Vilnius
Europe/Vilnius timezone

The EGI security groups - keeping the infrastructure secure.

11 Apr 2011, 09:00
8h
Radisson Blu Hotel Lietuva, Vilnius

Radisson Blu Hotel Lietuva, Vilnius

Konstitucijos pr. 20 LT - 09308 Vilnius, Lithuania
Poster Poster Posters

Speaker

Linda Cornwall (STFC)

Description of the work

A lot of work has been done over the last few years concerning
Grid Security, and this is continuing in EGI.

The Software Security Group (SSG) ensures the availability of
Security software and tools to carry out the authentication
and authorization of users to carry out actions in the Grid infrastructure.

The EU Grid PMA provides the infrastructure for authentication
of users and sites in the the EGI infrastructure.

The Security Policy Group (SPG) is responsible for developing
the policy needed to provide NGIs with a secure, trustworthy
distributed computing infrastructure.

The goal of the Software Vulnerability Group (SVG) is to
eliminate existing software vulnerabilities from the deployed
infrastructure and prevent the introduction of new ones, thus reducing the likelihood of security incidents.

The Computer Security and Incident Response Team (CSIRT)
covers all aspects of operational security, including ensuring
sites are deployed in a secure manner and handling incidents.

The Security Coordination Group (SCG) brings together representatives of the various security functions within the EGI to ensure that there is coordination between the
operational security, the security policy governing the use of the production infrastructure and the technology providers
whose software is used within the production infrastructure.

Circumstances where users may need to contact these groups, and how to contact them will be described.

A few 'dos' and 'don't for users will also be presented.

Details of where to find further information will be presented.

Impact

The security activities are an important part of maintaining
the Grid infrastructure. Many thousands of users are able to
obtain credentials and use the Grid, with little disruption from security problems.

Conclusions

The various security groups have well established processes to
keep the Grid secure. A lot of work has been done, and various activities are still being carried out to improve the ease of use of secure access to the Grid and improve security as usage
and awareness of the Grid expands and and new threats emerge.

Overview

The purpose of security is to allow people to enjoy the
benefits that they are entitled to. We lock the doors to our
homes to prevent our belongings from being taken, thus
ensuring we can enjoy the benefits of the belongings we have.
Computer security should allow users to enjoy the benefits they are entitled to from the system. This includes access
to resources they are entitled to access, surety that their
data are intact, and privacy of their data. If someone carries
out an action they are not entitled to, this may prevent others from enjoying benefits they are entitled to.

The various security activities carried out by the various
security groups who work to keep the EGI infrastructure secure are summarized in this presentation.

Primary author

Presentation Materials