Dave Kelsey
(STFC - Science & Technology Facilities Council (GB))
The Security for Collaborating Infrastructures (SCI) group (http://www.eugridpma.org/sci/) is a collaborative activity of information security officers from several large-scale distributed computing infrastructures, including EGI, OSG, PRACE, WLCG, and XSEDE. SCI is developing a framework to enable interoperation of collaborating Grids with the aim of managing cross-Grid operational security risks and to build trust and develop policy standards for collaboration especially in cases where we cannot just share identical security policy documents. This assists in building the trust required for cooperation in operational security within WLCG.
Each infrastructure consists of distributed computing resources, users, and a set of policies and procedures all managed by different organisations. Even when such an infrastructure considers itself to be decoupled from other infrastructures, it is in fact subject to many of the same threats and vulnerabilities as other infrastructures because of the use of common software and technologies. Moreover, in WLCG there are users who use resources in more than one infrastructure and are thus potential vectors that can spread infection from one infrastructure to another. In each of these situations, the infrastructures can benefit from working together and sharing information on security issues.
We will present, based on current best practices and a long real-world experience, the current SCI activities including our documented requirements in 6 areas (operational security, incident response, traceability, participant responsibilities, legal issues and data protection) that each infrastructure must address in relation to being considered a trusted partner. We will also present an analysis method for showing the extent to which the infrastructures comply with the requirements.
Dave Kelsey
(STFC - Science & Technology Facilities Council (GB))
Christos Kanellopoulos
David Groep
Irwin Gaines
James Marsteller
Jules Wolfrat
Keith Chadwick
Ralph Niederberger
Romain Wartel
Urpo Kaila
(CSC - IT Center for Science Ltd.)
Vincent Ribaillier
Willy Weisz
(University of Vienna)