Main Page

1 Security Management in SouthWestern Federation

1.1 Activities of the SWE-ROC Security Group

The security group's main task is to maintain contact with the LCG/EGEE Security working groups and to provide links, references and guidelines for the SWE production grid sites. It is also responsible for coordinating actions when a security incident occurs at one of the SWE sites and for participating in the Security Service Challenge when requested by the project.

Another goal of the group is to promote best practice and discussion among site managers and resource administrators, in order to share common knowledge about security monitoring, tools and procedures.

1.2 SWE-ROC Contacts

  • SWE-ROC Security Officer : Carlos Fuentes
  • SWE-ROC Backup Security Officer : Miguel Cardenas
  • SWE-ROC Incident Response Coordination : Carlos Fuentes
  • SWE-ROC Backup Incident Response Coordination: Virginia Martin-Rubio
  • SWE-ROC Security Mailing List : Grid Security Incidents (please report incidents here)
    • Warning: The subject MUST contain [SWE-INCIDENT]
  • SWE-ROC Managers: Christian Neissner

1.3 Incident Reporting Escalation, Procedures and Scenarios

Click here to enter

This document presents the procedure for reporting and escalating incidents detected in the LCG/EGEE infrastructure. The notification protocol is shown, as well as some examples or possible scenarios.

1.4 Service Reference Cards

This section shows the Service Reference Cards developed by EGEE. These cards detail the services of the gLite middleware, providing a summary of the key elements of each piece of software, such as daemons running, init scripts, log files and open ports.

1.5 Security Service Challenge

The goal of the LCG/EGEE Security Service Challenge is to investigate whether sufficient information is available to conduct an audit trace as part of an incident response, and to ensure that appropriate communication channels are available.

Click here to enter into the section

1.6 Relevant Policy Documents

The SWE ROC, in addition to following its own Security Policies (as approved by RedIRIS or by FCCN, or regulated by each site's administrators), accepts the main security policy documents approved by the LCG/EGEE management and provided by the Joint Security Policy Group.

The Joint Security Policy Group (JSPG) was formed in 2004 as an extension of the LCG Security Group and mandated to advise and make recommendations to the LCG Grid Deployment Manager and the LCG Grid Deployment Board (GDB) on matters related to LCG/EGEE Security.

The main JSPG activity is to maintain and provide updated policy documents concerning the security of the Grid infrastructure, focusing on formal aspects such as usage rules, user/site/VO registration, and top-level requirements on the LCG/EGEE participants.

The policies which all the sites have been required to follow can be found at the following link

1.7 Other Documents

  • The Guidelines for middleware and applications design and deployment are described in:

Guide to LCG Applications, Middleware and Network Security. This document defines areas of security practice which the Security Group considers must be addressed when designing applications and deploying a Grid Service.

1.8 Best Practice (Grid)

This section is intended to provide suggestions and advice for improving the security of a Grid site. Auditing and information retrieval from the different logs of grid services are also covered.

Everyone is invited to post comments and to add material that can be considered useful.

These recommendations are based on the material developed by the project [[1]].

Click here to enter in the section

1.9 Best Practice (General)

This section is intended to provide suggestions and advice for improving the security of a site, including audit and incident recovery operations, user self-protection, and good programming practices or guidelines.

Everyone is invited to post comments and to add material that can be considered useful.

These recommendations are based on the material developed by the project [ISSeG].

Click here to view Best Practice (General)

1.10 External References

LCG/EGEE Official Mailing Lists and Security Contacts

As defined in the LCG/EGEE Incident Response Guide for notification of incidents. Contains all site incident response team contacts. Should not be used for general discussion. Used for live incident reporting only. Reaches incident response teams at all sites. Designated security contacts or alternates only should post to this list for confirmed incidents. Subjects must classify content as HIGH, MEDIUM or LOW impact.

This mail address should be used by external users of the project for communicating a security incident.

Security support group. Receives security tickets from GGUS helpdesk. Can currently be mailed directly for general security questions. Reaches ROC security contacts.

Used for incident followup, discussion and informational alerts. Reaches registered site security contacts for all sites. Designated security contacts or alternates only should post to this list. Subject should suggest classification i.e.

1.11 INFORMATIONAL

  • project-lcg-security-officer@cern.ch:

Generic contact address as a catch-all if people don't know whom to ask - currently points to Ian Neilson.

  • project-egee-osct@cern.ch:

Operational Security Coordination Team. The OSCT defines the implementation of operational security processes. Manages implementation of operational security policies as promoted by JSPG. Reaches ROC security contacts, security activity sub-groups and volunteers.

  • project-eu-egee-middleware-security@cern.ch:

Middleware security discussion. You have to subscribe to this list to write to it.

Links to Other Sites

  • Security at GOC: a collection of references and guidelines maintained by the GOC.
  • LCG Security: Other links from Joint Security Policy Group. It also contains a template for security incident reporting.
  • CIC Security Pages: Displays the Security RSS feed