370 likes | 484 Views
EGI Security Policy Group. EGI Technical Forum Sep 2010 David Kelsey. Agenda. EGI Security Policy – history and status Security Policy Group (SPG) Terms of Reference and procedures SPG plans for next 12 months. Status and history.
E N D
EGI Security Policy Group EGI Technical ForumSep 2010David Kelsey
Agenda • EGI Security Policy – history and status • Security Policy Group (SPG) • Terms of Reference and procedures • SPG plans for next 12 months Kelsey/Security Policy Group
Status and history • The current EGI Security Policy is available on the SPG wikihttps://wiki.egi.eu/wiki/SPG • Policies from the Joint (EGEE/WLCG) Security Policy Group have been imported into new EGI templates • No change to wording • Except for titles of and links to documents • Adopted by EGI (from 1st May 2010) Kelsey/Security Policy Group
Joint Security Policy Group(JSPG) This started as a WLCG activity in 2003 In 2004, EGEE phase 1 started JSPG remit expanded to cover both projects Strong participation by OSG, NDGF, … Revised mandate (2008) http://www.jspg.org/ prepares and maintains security policies for its primary stakeholders (EGEE and WLCG) also able to provide policy advice on any security matter Policies approved and adopted by Grid management Now ended – EGI SPG continues the work Kelsey, Security Policy
Policy Interoperability All about building TRUST Wherever possible, JSPG aimed to prepare simple and general policies applicable to the primary stakeholders, but also of use to other Grid infrastructures (NGI's etc) The adoption of common policies by multiple Grids eases the problems of interoperability (and scaling) Users, VOs and Sites all accept the same policies during their (single) registration (with Grid or VO) Other participants then know that their actions are already bound by the policies No need for additional negotiation, registration or agreement Kelsey, Security Policy
JSPG Security Policies Security Incident Response Certification Authorities Traceability and Logging Site & VO Policies Security Policy Grid & VO AUPs Pilot Jobs and VO Portals Accounting DataPrivacy Kelsey, Security Policy
Security policies Top-level Grid Security Policy: • Grid Security Policy For all Users: • Grid Acceptable Use Policy For all Sites: • Grid Site Operations Policy • Site Registration Security Policy Kelsey/Security Policy Group
Security policies (2) For all VOs: • VO Operations Policy • Virtual Organisation Registration Security Policy • Virtual Organisation Membership Management Policy • VO Portal Policy Kelsey/Security Policy Group
Security policies (3) Other policies for all Grid participants: • Traceability and Logging Policy • Security Incident Response Policy • Approval of Certificate Authorities • Policy on Grid Pilot Jobs • Grid Policy on the Handling of User-Level Job Accounting Data Glossary of terms used in JSPG policy documents: • Security Policy Glossary of Terms Kelsey/Security Policy Group
SPG Terms of Reference and Procedures Kelsey/Security Policy Group
Terms of Reference • Draft SPG Terms of Reference have been produced • See ... https://wiki.egi.eu/wiki/SPG • Discuss today • Comments and suggestions are welcome Kelsey/Security Policy Group
Terms of Ref (2) • SPG Purpose and Responsibilities • Develop and maintain Security Policy • For use by EGI and NGIs • Defines expected behaviour of NGIs, Sites, Users and others • To facilitate the operation of a secure and trustworthy DCI • May also provide policy advice on any security matter related to operations Kelsey/Security Policy Group
Terms of Ref (3) • Where possible SPG should prepare simple and general policies • Of use to other Grids and DCIs (global) • Adoption of common policies eases interoperability • SPG does not formally approve policy • EGI.eu Executive Board (and Council?) • And management bodies of NGIs • Topics for consideration can be specified either by EGI management or SPG • SPG may create focused sub-groups Kelsey/Security Policy Group
Terms of Ref (4) • SPG Membership • Each NGI and EIRO member of EGI.eu is entitled to appoint one voting member • In addition, SPG should aim to include expertise in its deliberations from other stakeholders • Site security officers, Site sys admins, operations experts, middleware experts, VRCs, other DCIs ... • These are determined by Chair in consultation with EGI management Kelsey/Security Policy Group
Terms of Ref (5) • SPG Chair • Defined Global task of EGI-InSPIRE • SPG Secretary • Appointed by EGI.eu • SPG communications • All members belong to the SPG-discuss mail list • SPG wiki ... https://wiki.egi.eu/wiki/SPG Kelsey/Security Policy Group
ToR (6) SPG Meetings • As often as the work requires • At least twice per year • Once during Technical Forum • Face to face or phone/video • Face to face at least once per year • To define future plans and discuss policy • Editorial sub-groups created as required to work on policy documents • Leader of this to decide how this meets Kelsey/Security Policy Group
ToR(7) decision making • Wherever possible via clear consensus • Voting only when consensus not possible • Or if two voting members call for a vote • Vote only valid if quorum present • 50% of the voting members • Vote by email if quorum not present • SPG may (if majority agrees) refer matters to EGI Director for decision Kelsey/Security Policy Group
ToR (8) SPG Outputs • The security policy documents • Reports on activities in EGI-InSPIRE quarterly reports • Report to wider community at EGI Technical Forum • Reports from editorial sub-groups to main SPG at least quarterly Kelsey/Security Policy Group
ToR(9) amendments • SPG can amend ToR by consensus • Amendments to be approved by the EGI.eu Executive Board • SPG will review its ToR and procedures annually Kelsey/Security Policy Group
ToR - Issues raised so far • Internal (EGI only) vs External (other DCI) • discuss • EGI.eu vs EGI-InSPIRE (answer: EGI.eu) • Take names out of document (yes) • Allow for deputies (seems good idea) • “Appointed by” vs “Not representing” • “Nominated by”? (sounds good) • What is an EIRO? (add to definitions) • European Intergovernmental Research Organisation Kelsey/Security Policy Group
SPG Procedures • To produce a new/revised policy (MS209) • Tasks: • Write internal draft (editorial team) • Discuss within SPG • Prepared updated external draft • Consult stakeholders • Prepare updated final call draft • SPG agrees version for approval • Policy approval Kelsey/Security Policy Group
Editorial team • Sub-set of SPG members • Responsible for producing all drafts (internal, external, final call) • Leader and at least 2 other SPG members • Important to include appropriate expertise • Can/should include members from other DCIs, other experts,... • Can meet face to face or discuss by phone, email, video etc (their choice) Kelsey/Security Policy Group
Document database • All drafts of policy documents will be public • Stored in EGI document database • Document discussion to be stored on SPG wiki (again, public access) • The whole process should be open • All are encouraged to comment Kelsey/Security Policy Group
Consultation • Important to consult widely and take all feedback into account • SPG will distribute external draft for comment to: • SPG itself (members to distribute on) • EGI-CSIRT • VRC contacts • NGI contacts (NGI distributes to Sites) • Or should we distibute to all Security Contacts • All EGI Boards Kelsey/Security Policy Group
Consultation (2) • Final call draft • Sent to all EGI boards • Also sent to EGI.eu Executive Board • And everyone else again? • Or just those who commented before? • Approval by EB should not (hopefully!) raise more comments Kelsey/Security Policy Group
Timetable • JSPG learned that the development of common, simple policy takes time! • Each time we send document for comment we need to allow at least 2 weeks (more?) Kelsey/Security Policy Group
Details of voting process • At face to face (or phone/video) • Voting members only • Chair does not vote (except for tie) • Voting is public • Quorum • At least 50% of voting members must be present • If not must do by email • Email vote • Vote sent to Secretary (following request on mail list) • 2 week deadline Kelsey/Security Policy Group
Anything else? • Some people have already been nominated or have volunteered • Others – please contact me • david.kelsey at stfc.ac.uk • Other issues for ToR/procedures? Kelsey/Security Policy Group
SPG Tasks for Year 1 Kelsey/Security Policy Group
Immediate work • Firm up SPG membership • Populate mail list • Complete ToR and MS209 procedures • Both will be sent to the mail list for final comment Kelsey/Security Policy Group
Work for year 1 • To date there have been no requests from EGI management for SPG to study particular policy issues • Except for some comments from EB • My thoughts follow • Discuss today • Suggestions very welcome Kelsey/Security Policy Group
Policy issues from EB • Comments received during EB review • Definition of Pseudonymous Web User not clear • In VO Portal Policy • Top-Level policy uses different approach to references from other documents • Some use RFC2119 “MUST”, “SHOULD” etc, some do not Kelsey/Security Policy Group
Document revision • The oldest document is the top-level main Security Policy • I think we should start with that • Avoid overlap with policy sub-documents • Make applicable to new EGI/NGI world • And of use to other DCIs • Review style of references (inline or not?) • An important review • Sets approach for all our future work Kelsey/Security Policy Group
VM Endorsement • There is a particle physics (HEPiX) working group on Virtualisation • This has produced a draft security policy on the Endorsement of Trusted Virtual Machine Images • https://edms.cern.ch/document/1080777/ • Should we discuss this for use by general communities? Kelsey/Security Policy Group
Policy framework • During the last year of JSPG • Discussed the development of a policy framework for collaborating Grids • A way of defining policy standards required for trustworthy interoperation • Not policy words • List of policy components that must be addressed • We should do more on this • Good way of interacting with many DCIs • I suggest we start with Security Incident Response Kelsey/Security Policy Group
Other areas of weakness • Clear definition of responsibility and liability • Treatment of data protection, data privacy • What can we do to improve policies for VRCs? • Others? Kelsey/Security Policy Group
Discussion Kelsey/Security Policy Group