Token Trust & Traceability WG

Europe/Zurich
513/R-068 (CERN)

Description

Fortnightly for the risk assessment season.

Zoom Meeting ID
64974356171
Host
Matthew Steven Doidge
Useful links

https://codimd.web.cern.ch/ksIECgNAT1G2b6viw64rvA#

# TTT 23rd September 2025

Attending: Matt, Luna, Maarten, Linda, DaveD
Apologies: TomD, DavidC 

## From last time
The action from last time was to rearrange the spreadsheet to take into account the threats that are unique to workflows, merging everything else.

Done, but the original numbering was kept for clarity at this stage. The wording lacks polish; most entries were copied and pasted.

## Goal this meeting

The goal today is a twofold exercise:
* Run through the spreadsheet as it stands, attempting to assess the risks
* Polish the spreadsheet as we go

Luna suggests we should also look out for duplications.
ML notes mitigations for 4c and 4d.
Avoid duplications in the final product.
Can join most threat boxes.
LC - prefer a self-descriptive role.

ML - notes that we have a daunting amount of text

Hope to do at least 1 row this meeting

Luna suggests planning poker, which we will use.

Taking TR-1
Fast discussion
If serviceability is down, no new tokens, so could be safe.
If service down, no traceability or revocation, so not safe (especially if lifetime long).

ML In TTT consider risk of infrastructure.

Luna - loss of service is an impact. Certain scenarios we can take out of picture.
Don't take into account bugs is fine.
Score differently.

Luna points to recent events that were handled as security incidents.

Misconfiguration of AAI server risk.
ML - this is a risk
Luna - this is in threat 3 - privilege escalation
Matt - oh yeah
ML - need a line to state this.
Luna - would be more prone to augment existing risk.
- Agreed
ML - So include information that AAI provider could be misconfigured (in for example TR3 and 4)

Could remove overload
ML - Changed overload to performance issue.

ML - runs through the parts of TR-1

Luna - let's just keep DOS now, remembering it can be accidental

So consider a service unavailability due to DOS.
Not an attack by a nation state
Scores:
Impact: 3.5
Maarten, Matt: 3
Luna, Linda: 4

Likelihood: 2.5
Maarten, Luna: 2
Linda, Matt: 3

But there could be some disagreement in the interpretation of the likelihood.

Proven to ourselves that this method works, and in good agreement.

ML - need to identify the cases where there is wide disagreement.

Then we can order the risk.

## AOB, Next Meeting
Do we want another bonus meeting in the first half of October?

Yes - Matt will send out a doodle.

* 15:00-15:05 Actions, Since Last Meeting (5m)
* 15:05-15:30 Discussion: Risk Analysis (25m)

  Inspiration may be taken from these assessments from EGEE and WLCG done many years ago:

  Work through the Workflows added by Maarten to the document, and review the scoring methodology.

  Continue discussion from the list.

* 15:30-15:55 Discussion (25m)

  Probably just continuing the above.

  https://github.com/TTT-WG/TTT-WG/issues

* 15:55-16:00 AOB, next meeting (5m)

  Extra meeting again in the first half of September?