Security Incident Handling and Response Communications Plan - PowerPoint PPT Presentation

Slides: 12
Provided by: robga3
Transcript and Presenter's Notes


1
Security Incident Handling and Response Communications Plan
  • Doug Pearson
  • OSG Integration Workshop at UC
  • Feb 15-18, 2005

2
Service Description
  • Provide a responsive and robust method to alert,
    report, and communicate regarding grid security
    incidents.

3
Background
  • Operations Support Center
  • goc_at_opensciencegrid.org
  • Mailing list that includes at minimum all the
    groups/sites that are providing Operations
    Support Center services

4
(No Transcript)
5
Components
  • Registration
  • Communications structure

6
Registration
  • NOT finalized
  • Is a subset of the general OSG new site
    registration
  • Plan
  • Site charter (or other?) describes required
    information and directions for submission, i.e.
    e-mail to goc_at_opensciencegrid.org
  • Operations Support Center updates appropriate
    mailing lists and welcomes new contacts to the
    list community.
  • Operations Support Center regularly queries each
    site and individuals to maintain list currency.

7
Communications
  • incident-report-l_at_security.opensciencegrid.org
  • is a closed list comprising the grid security
    contacts for all grid participants and the grid
    operations center. Posting is restricted to list
    members. The list is intended solely for initial
    incident reporting, not for incident discussion.
    All email to this list is echoed onto the
    discussion list and replies are configured to be
    sent to the discussion list to keep traffic at a
    minimum.
  • incident-discuss-l_at_security.opensciencegrid.org
  • is a closed list comprising the same members as
    INCIDENT-REPORT-L. The list is intended for
    discussion of reported incidents.

8
Communications
  • Also the recommended
  • abuse_at_opensciencegrid.org
  • security_at_opensciencegrid.org
  • These are routed to goc_at_opensciencegrid.org for
    review and forwarding as necessary to
    incident-report-l_at_security.opensciencegrid.org

9
Test and Validate
  • Test registration (as it is) and incident
    handling
  • New site joins the Grid: the process to register
    with the GOC is exercised, and GOC updates the
    security distribution lists.
  • Incident Discoverer-1 makes a report of
    Incident-1 by following the guidelines described
    in the OSG Security Incident Handling and
    Response Guide.
  • Incident Discoverer-2 makes a report of
    Incident-2 by using the
    security_at_opensciencegrid.org mailing address.
  • Sites react and respond according to the Guide.
  • Sites report post-mortem to TG-Security.

10
Support and Documentation
  • OSG Security Incident Handling and Response Guide

11
Pending Issues and Next Steps
  • General new site process: Site Charter or other?