Security

From EGI Knowledge Base

The character of the security vulnerabilities and risks presented by Grid infrastructures provides a rationale for coordination among the Grid participants at various levels. A common authentication trust domain is required to persistently identify all Grid participants. The International Grid Trust Federation, and the EUGridPMA in particular, operated in line with the relevant e-IRG recommendations, exist to ensure interoperability at the European as well as the global scale. This must continue in EGI and must also adapt to take advantage of the work currently underway in TERENA and the National Research and Education Networks on developments of large-scale Authentication/Authorisation federations and infrastructures, as well as from the work of the Joint (EGEE/WLCG) Security Policy Group, that has successfully developed common interoperable security policies now in use across a number of international Grids In a European e-infrastructure some central coordination will be required on policies, vulnerability handling, and operational security. Support and coordination of the work of teams drawn from the NGIs, will be the task of EGI.org

O-E-15

Coordination of security policy development and maintenance - mandatory

Security policy development and maintenance are needed to define agreement on best practice and security policies, CA policies (EUgridPMA) etc. A team of security people in NGI’s will take care of ensuring the definition and application of standard security policies. EGI.org is responsible of support and coordination.

O-E-16

Security and incident response - mandatory

It is needed to ensure that common policies are followed for coordinated incident response by Grid participants in the region for NGIs and overall for EGI.org. EGI.org is responsible of coordination and support.

O-E-17

Vulnerability – mandatory

A team of experts will deal with security vulnerabilities in middleware and its deployment. EGI.org is responsible of its support and coordination.