Participants: Matthew Viljoen (EGI Foundation) Alessandro Paolini (EGI Foundation) Yannick Legre (EGI Foundation) Linda Cornwall (STFC,RAL,PPD) Jan Alastos (NGI_SK) Stephane Gerard (BEgrid) Vincenzo Spinoso (EGI Foundation) Bruce Becker (EGI Foundation) George Ryall (STFC - GOCDB) Miroslav Ruda (CESNET) Sven Gabriel (NIKHEF) Cristina Duma (INFN) Emir Imamagic (SRCE) Eric Yen (TWGRID) Ionut Vasile (ROGRID) Dragos Ciobanu-Zabet (ROGRID) Vincent Brillault (EGI-CSIRT/CERN) Miroslav Dobrucky (IISAS) Kostas Koumantaros (GRNET) Gianfranco Sciacca (INAF) Apologies: Dmytro Karpenko (NGI_NDGF) Jerome Pansanel (NGI_France) ===================================== Introduction, News from EOSC-hub: Speaker: Matthew Viljoen (EGI Foundation) ===================================== - launch of EGI Strategic and Innovation Fund (Yannick: co-funding from the proposers are more than welcome, the numbers in the slides are not the upper limits) - new procedure 26 - Operator on duty role for handling with operations issues/activities - EOSC-hub Levels of Integration distinction between internal and external service portfolio in order to ease the implementation of the SMS processes - Operational requirements for entry to the catalogue deliverable to be finalized by the end of June - harmonization with EUDAT investigating the creation of a joint MoU, similar to the one with OSGRID Yannick: how to deal with sites both in EGI and EUDAT? Matt: this needs to be covered in the MoU - Fedcloud security Sven: not easy to inspect pipelines in the marketplace useful to coordinate with other people Bruce: - discussing the acknowledgment of the Fedcloud usage in scientific papers Cristina: slide 9 TRL levels: is there official definition of all the levels? Matt: harmonizing with EUDAT the definitions - if this is done by the end of June then they will be defined in EOSC-hub/D4.1 Linda: suggesting minimal requirements at first, then they will evolve ==================================== GDPR at EGI Speaker: Yannick Legre (EGI Foundation) ==================================== (no slides, screen shared) GDPR effective on May 25th Preparation of necessary policies and procedure of egi federation 19 documents to review for becoming compliant, to involve Operations and UCST For example, Policy on personal data transfer: with AAI several action on our side to do the policies cover only the legal side. to see how to reference them in the policies we have already in place Asking the providers to sign a data protection agreement EGI Foundation: data controller the providers: data processor members of the federation (sort of subprocessors) Cristina: any deadline for putting in place these? Yasnnick: Officially May 25th. Suggestion: as soon as possible Emir: any rules for keeping the logs for 3 years? (the IP information are personal data) you may keep the data for longer period the procedures are even stricter for transferring data outside of Europe the European regulation should cover all the regional regulations since they are stricter than the national ones in general for the documents: to find the proper level of signature for each institute/organization/ need to update the generic AuP Vincent: did you include Dave in the discussion (if VOs can be considered as data processors or controllers) Yannick: we are the controllers, VOs data processors, sites are sub-processors). Dave will be involved Sven: logs retention: who has access to the log data. If kept in Europe, need to know all type of personal data that we process ================================= Security news Speakers: Vincent Brillault (CERN), Dr. Sven Gabriel (NIKHEF) =================================== - 2 Singularity vulnerabilities fix published in WLCG repo, no mitigation for the last one (version 2.5.0) advisory sent on Apr 30th several sites upgraded to 2.5.0, no particular issues reported. Please remind the sites to upgrade Matthew: good idea conducting security code review Vincent: Sven: done in collaboration (for glexec) in the past with a colleague in US the risk is that an user of a VO can affect the other VOs running on the same machines Linda: not identified yet who can review the singularity code we are no longer in control of the software used (with EMI it was easier, providing and following best practices) to have best practices under EOSC-hub security task the sites decide which software install and run Vincenzo: having these guidelines about the new software would be nice Sven: things in UMD can be controlled, we cannot control software not in UMD ==================================== UMD and Operations news Speaker: Vincenzo Spinoso (INFN) ==================================== - UMD3 shutdown - OpenStack/OpenNebula old versions decommissioning ===================================== Notifications system in ARGO Speaker: Kostas Koumantaros (GRNET) ===================================== system tested in the past weeks agreed to turn on the system now ====================================== Discussion Speaker: Matthew Viljoen (EGI Foundation) ====================================== George Ryall: please send any feedback to the email sent yesterday, about changing functionality in GOC-DB about personal data next OMB meeting suggested on June 14th