EGI Security Policy Group
Download
Report
Transcript EGI Security Policy Group
EGI-InSPIRE
EGI Security Policy Group
EGI Technical Forum
Sep 2010
David Kelsey
EGI-InSPIRE RI-261323
www.egi.eu
Agenda
• EGI Security Policy – history and status
• Security Policy Group (SPG)
– Terms of Reference and procedures
• SPG plans for next 12 months
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
2
www.egi.eu
Status and history
• The current EGI Security Policy is
available on the SPG wiki
https://wiki.egi.eu/wiki/SPG
• Policies from the Joint (EGEE/WLCG)
Security Policy Group have been
imported into new EGI templates
– No change to wording
– Except for titles of and links to documents
• Adopted by EGI (from 1st May 2010)
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
3
www.egi.eu
Joint Security Policy
Group(JSPG)
• This started as a WLCG activity in 2003
• In 2004, EGEE phase 1 started
– JSPG remit expanded to cover both projects
– Strong participation by OSG, NDGF, …
• Revised mandate (2008)
– http://www.jspg.org/
– prepares and maintains security policies for its primary
stakeholders (EGEE and WLCG)
– also able to provide policy advice on any security matter
• Policies approved and adopted by Grid management
• Now ended – EGI SPG continues the work
7 Mar 2010
EGI-InSPIRE RI-261323
Kelsey, Security Policy
www.egi.eu
Policy Interoperability
• All about building TRUST
• Wherever possible, JSPG aimed to
– prepare simple and general policies
– applicable to the primary stakeholders, but
– also of use to other Grid infrastructures (NGI's etc)
• The adoption of common policies by multiple Grids
eases the problems of interoperability (and scaling)
• Users, VOs and Sites all accept the same policies
during their (single) registration (with Grid or VO)
• Other participants then know that their actions are
already bound by the policies
– No need for additional negotiation, registration or agreement
7 Mar 2010
EGI-InSPIRE RI-261323
Kelsey, Security Policy
www.egi.eu
JSPG Security Policies
Certification
Authorities
Site & VO
Policies
Security
Incident
Response
Security
Policy
Grid & VO
AUPs
Pilot Jobs and
VO Portals
Accounting Data
Privacy
7 Mar 2010
EGI-InSPIRE RI-261323
Traceability and
Logging
Kelsey, Security Policy
www.egi.eu
Security policies
Top-level Grid Security Policy:
• Grid Security Policy
For all Users:
• Grid Acceptable Use Policy
For all Sites:
• Grid Site Operations Policy
• Site Registration Security Policy
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
7
www.egi.eu
Security policies (2)
For all VOs:
• VO Operations Policy
• Virtual Organisation Registration Security
Policy
• Virtual Organisation Membership
Management Policy
• VO Portal Policy
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
8
www.egi.eu
Security policies (3)
Other policies for all Grid participants:
• Traceability and Logging Policy
• Security Incident Response Policy
• Approval of Certificate Authorities
• Policy on Grid Pilot Jobs
• Grid Policy on the Handling of User-Level Job
Accounting Data
Glossary of terms used in JSPG policy documents:
• Security Policy Glossary of Terms
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
9
www.egi.eu
SPG Terms of Reference
and Procedures
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
10
www.egi.eu
Terms of Reference
• Draft SPG Terms of Reference have been
produced
• See ... https://wiki.egi.eu/wiki/SPG
• Discuss today
• Comments and suggestions are welcome
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
11
www.egi.eu
Terms of Ref (2)
• SPG Purpose and Responsibilities
• Develop and maintain Security Policy
– For use by EGI and NGIs
– Defines expected behaviour of NGIs, Sites,
Users and others
– To facilitate the operation of a secure and
trustworthy DCI
• May also provide policy advice on any
security matter related to operations
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
12
www.egi.eu
Terms of Ref (3)
• Where possible SPG should prepare simple
and general policies
– Of use to other Grids and DCIs (global)
– Adoption of common policies eases interoperability
• SPG does not formally approve policy
– EGI.eu Executive Board (and Council?)
– And management bodies of NGIs
• Topics for consideration can be specified either
by EGI management or SPG
• SPG may create focused sub-groups
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
13
www.egi.eu
Terms of Ref (4)
• SPG Membership
• Each NGI and EIRO member of EGI.eu is
entitled to appoint one voting member
• In addition, SPG should aim to include
expertise in its deliberations from other
stakeholders
– Site security officers, Site sys admins, operations
experts, middleware experts, VRCs, other DCIs ...
– These are determined by Chair in consultation with
EGI management
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
14
www.egi.eu
Terms of Ref (5)
• SPG Chair
– Defined Global task of EGI-InSPIRE
• SPG Secretary
– Appointed by EGI.eu
• SPG communications
– All members belong to the SPG-discuss mail
list
– SPG wiki ... https://wiki.egi.eu/wiki/SPG
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
15
www.egi.eu
ToR (6) SPG Meetings
• As often as the work requires
• At least twice per year
– Once during Technical Forum
• Face to face or phone/video
– Face to face at least once per year
• To define future plans and discuss policy
• Editorial sub-groups created as required
to work on policy documents
– Leader of this to decide how this meets
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
16
www.egi.eu
ToR(7) decision making
• Wherever possible via clear consensus
• Voting only when consensus not possible
– Or if two voting members call for a vote
• Vote only valid if quorum present
– 50% of the voting members
– Vote by email if quorum not present
• SPG may (if majority agrees) refer
matters to EGI Director for decision
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
17
www.egi.eu
ToR (8) SPG Outputs
• The security policy documents
• Reports on activities in EGI-InSPIRE
quarterly reports
• Report to wider community at EGI
Technical Forum
• Reports from editorial sub-groups to main
SPG at least quarterly
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
18
www.egi.eu
ToR(9) amendments
• SPG can amend ToR by consensus
• Amendments to be approved by the
EGI.eu Executive Board
• SPG will review its ToR and procedures
annually
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
19
www.egi.eu
ToR - Issues raised so far
• Internal (EGI only) vs External (other DCI)
– discuss
•
•
•
•
EGI.eu vs EGI-InSPIRE (answer: EGI.eu)
Take names out of document (yes)
Allow for deputies (seems good idea)
“Appointed by” vs “Not representing”
– “Nominated by”? (sounds good)
• What is an EIRO? (add to definitions)
– European Intergovernmental Research Organisation
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
20
www.egi.eu
SPG Procedures
• To produce a new/revised policy (MS209)
• Tasks:
– Write internal draft (editorial team)
– Discuss within SPG
– Prepared updated external draft
– Consult stakeholders
– Prepare updated final call draft
– SPG agrees version for approval
– Policy approval
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
21
www.egi.eu
Editorial team
• Sub-set of SPG members
• Responsible for producing all drafts (internal,
external, final call)
• Leader and at least 2 other SPG members
– Important to include appropriate expertise
– Can/should include members from other DCIs, other
experts,...
• Can meet face to face or discuss by phone,
email, video etc (their choice)
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
22
www.egi.eu
Document database
• All drafts of policy documents will be
public
– Stored in EGI document database
• Document discussion to be stored on
SPG wiki (again, public access)
• The whole process should be open
• All are encouraged to comment
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
23
www.egi.eu
Consultation
• Important to consult widely and take all
feedback into account
• SPG will distribute external draft for comment
to:
–
–
–
–
SPG itself (members to distribute on)
EGI-CSIRT
VRC contacts
NGI contacts (NGI distributes to Sites)
• Or should we distibute to all Security Contacts
– All EGI Boards
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
24
www.egi.eu
Consultation (2)
• Final call draft
– Sent to all EGI boards
– Also sent to EGI.eu Executive Board
– And everyone else again?
• Or just those who commented before?
• Approval by EB should not (hopefully!)
raise more comments
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
25
www.egi.eu
Timetable
• JSPG learned that the development of
common, simple policy takes time!
• Each time we send document for
comment we need to allow at least 2
weeks (more?)
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
26
www.egi.eu
Details of voting process
• At face to face (or phone/video)
– Voting members only
– Chair does not vote (except for tie)
– Voting is public
• Quorum
– At least 50% of voting members must be present
– If not must do by email
• Email vote
– Vote sent to Secretary (following request on mail list)
– 2 week deadline
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
27
www.egi.eu
Anything else?
• Some people have already been
nominated or have volunteered
• Others – please contact me
– david.kelsey at stfc.ac.uk
• Other issues for ToR/procedures?
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
28
www.egi.eu
SPG Tasks for Year 1
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
29
www.egi.eu
Immediate work
•
•
•
•
Firm up SPG membership
Populate mail list
Complete ToR and MS209 procedures
Both will be sent to the mail list for final
comment
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
30
www.egi.eu
Work for year 1
• To date there have been no requests from
EGI management for SPG to study
particular policy issues
– Except for some comments from EB
• My thoughts follow
– Discuss today
– Suggestions very welcome
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
31
www.egi.eu
Policy issues from EB
• Comments received during EB review
– Definition of Pseudonymous Web User not
clear
• In VO Portal Policy
– Top-Level policy uses different approach to
references from other documents
– Some use RFC2119 “MUST”, “SHOULD” etc,
some do not
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
32
www.egi.eu
Document revision
• The oldest document is the top-level main
Security Policy
• I think we should start with that
– Avoid overlap with policy sub-documents
– Make applicable to new EGI/NGI world
– And of use to other DCIs
– Review style of references (inline or not?)
• An important review
– Sets approach for all our future work
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
33
www.egi.eu
VM Endorsement
• There is a particle physics (HEPiX)
working group on Virtualisation
• This has produced a draft security policy
on the Endorsement of Trusted Virtual
Machine Images
– https://edms.cern.ch/document/1080777/
• Should we discuss this for use by general
communities?
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
34
www.egi.eu
Policy framework
• During the last year of JSPG
• Discussed the development of a policy
framework for collaborating Grids
• A way of defining policy standards required for
trustworthy interoperation
– Not policy words
– List of policy components that must be addressed
• We should do more on this
– Good way of interacting with many DCIs
– I suggest we start with Security Incident Response
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
35
www.egi.eu
Other areas of weakness
• Clear definition of responsibility and
liability
• Treatment of data protection, data privacy
• What can we do to improve policies for
VRCs?
• Others?
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
36
www.egi.eu
Discussion
16/9/2010
EGI-InSPIRE RI-261323
Kelsey/Security Policy Group
37
www.egi.eu