Technical details of EGI Security Coordination
What is it?
Security Coordination improves the capabilities of local security activities for a safer federated infrastructure environment.
The EGI Computer Security Incident Response Team (EGI CSIRT) has the tools and the knowledge to run Security Coordination on behalf of the federation. The EGI CSIRT is a certified Trusted Introducer since 2015.
Security Coordination is especially important in a federated environment, where incidents are often not isolated and can affect several service providers. A coordinated response is essential to minimize the impact of incidents and vulnerabilities.
This service provides:
- Security Operations Coordination - Central coordination of the security activities ensures that policies, operational security, and maintenance are compatible amongst all partners, improving availability and lowering access barriers for use of the infrastructure.
- Security Policy Coordination - The Security Policy Group (SPG) develops policies covering diverse aspects, including operational policies (agreements on vulnerability management, intrusion detection and prevention, regulation of access, and enforcement), incident response policies (governing the exchange of information and expected actions), participant responsibilities (including acceptable use policies, identifying users and managing user communities), traceability, legal aspects, and the protection of personal data.
- Software Vulnerability Group Coordination - The Software Vulnerability Group SVG aims to eliminate existing software vulnerabilities from the deployed infrastructure and prevent the introduction of new ones, and runs a process for handling software vulnerabilities reported.
- International Grid Trust Federation (IGTF) and EUGridPMA - Representation of EGI in IGTF and EUGridPMA. A common authentication trust domain is required to persistently identify all EGI participants.
- EGI Computer Security Incident Response Team (EGI CSIRT) expertise
- Security Incident Response Coordination - Coordination of incident response activities in collaboration with the Incident Response Task Force (EGI-CSIRT IRTF).
- Security monitoring - Monitoring services to check for security vulnerabilities and other security-related problems in the EGI production infrastructure.
- Tools for Security Service Challenge support - Security challenges are a mechanism to check the compliance of sites/NGIs/EGI with security requirements. Runs of Security Service Challenges need a set of tools that are used during various stages of the runs.
Security Monitoring for EGI Resources Providers and Services