Security
The purpose of the Security activity is to propose, implement and monitor the project’s security architecture. The EGEE Security teams defines a security framework and architecture as well as a set of high-level policies that act as guidance to the other activities.
The active partners in the Security activity are distributed over the EGEE project, and coordinated through the Security Coordination Group, lead by the EGEE Security Head. With other activities, the members of the Security Coordination Group are active in cross-project collaboration, aiming at a shared security infrastructure within Europe and the rest of the world. The security groups and their roles are described below. The EGEE Security Coordination Group (SCG) - Coordinating the overall security work eu-egee.org/security/scg The Security Coordination Group (SCG) is responsible for ensuring overall EGEE security coordination. This includes architecture, deployment, standardisation and cross-project concertation. The goal is to ensure the relationship between the various security-related work items inside the project do not adversely overlap (leading to duplication of effort) or leave gaps that could be exploited. In addition, the SCG is to coordinate a new security auditing activity. This activity will monitor both operations and middleware for security issues and report periodically on status and progress of the issues identified. The security audit will leverage the work of the Grid vulnerability issues group. The EGEE Operational Security Coordination Team (OSCT) http://eu-egee.org/security/osct The Operational Security Coordination Team (OSCT) provides an operational response to security threats against the EGEE infrastructure. It mainly focuses on computer security incidents handling, by providing reporting channels, pan-regional coordination and support. It also deals with security monitoring on the Grid and provides best practice and advice to Grid system administrators. The OSCT is lead by the EGEE/LCG Security Officer and includes Security Contacts from each EGEE region.They are providing support for daily security operations as part of an on-duty rota. The OSCT can be contacted via The Middleware Security Group (MWSG) - Security Architecture eu-egee.org/security/mwsg The Middleware Security Group, is the meeting place for security architects and security knowledgeable persons from EGEE, OSG, OMII-Europe and other grid projects. The MWSG have four, two-day meetings per year, and meet at larger grid conferences. The MWSG was initiated and is lead by EGEE and OSG. The Joint Security Policy Group (JSPG) - Security Policies eu-egee.org/security/jspg The LCG Security Group was formed in 2003 and mandated to advise and make recommendations to the LCG Grid Deployment Manager and the LCG Grid Deployment Board (GDB) on matters related to LCG Security. With the start of EGEE in April 2004, it was agreed that the remit of this group would expand to meet the needs of both EGEE and LCG. From the early days, there has been strong participation by Open Science Grid (OSG) in the USA with the aim of defining common policies across EGEE, OSG and LCG. Other Grid infrastructures have more recently joined the group, including DEISA, SEE-Grid and NDGF. The word "Joint" describes the fact that this body defines and maintains policy for several Grids. EGEE Security Middleware Development (EGEE/JRA1/Security) - gLite security development eu-egee.org/security/gLite This is the cluster where gLite security services and components are reengineered and developed. The Grid Security Vulnerability Group (GSVG) - Finding and eliminating Grid Security Vulnerabilities eu-egee.org/security/gsvg The purpose of this group is to find and eliminate any Grid Security Vulnerabilities in the Grid middleware and its deployment, and prevent any new Grid Security Vulnerabilities from being introduced. The aim is "to incrementally make the Grid more secure and thus provide better availability and sustainability of the deployed infrastructure". In this way, Grid Security should improve with time. The largest part of this activity, to date, is to handle specific Grid Security Vulnerability issues, which may be reported by anyone such as users, developers or system administrators. The GSVG investigates issues, carries out a risk assessment and sets a target date for resolution according to risk. The EUGridPMA - Coordinating grid authentication in e-Science eu-egee.org/security/eugridpma The EUGridPMA is the international organisation to coordinate the trust fabric for e-Science grid authentication in Europe. It collaborates with the regional peers APGridPMA for the Asia-Pacific and The Americas Grid PMA in the International Grid Trust Federation. The charter document defines the group's objective, scope and operation. It is the basis for the guidelines documents on the accreditation procedure, the Authentication profile for X.509 secured "classic" certification authorities and other IGTF recognised Profiles. |
Latest NewsEnabling Grids for E-sciencE (EGEE) is the largest multi-disciplinary grid infrastructure in the world. Finding the Higgs boson; saving lives; addressing the energy problem; feeding the planet - the grid is swiftly becoming one of the extraordinary tools scientists use everyday. This month sees the start of the third phase of the project, EGEE-III, which is revolutionising the way data is analysed, stored and shared. ... Read moreTechnical sitesTry the GRIDBecome a User
Want to become a user of the EGEE Grid? Click here
Related Projects
If your project is related to EGEE, please register it
Information Sheets
Click here for all the EGEE Information Sheets.
Contact EGEE
Get in touch with the EGEE Project Office at . If you have questions about the Website contact: . Please remove NOSPAM from the email address. |
|
EGEE in Other Countries: | | | | | | | | | | | | | | | | | | | | EGEE-II is a project funded by the European Union under contract number INFSO-RI-031688 |