France Grilles Security

Mission and Organization

As a member of EGI, France-Grilles benefits, supports, and is part of the security team EGI: EGI-CSIRT (Computer Security Incident Response Team) .

The Security Officer for France-Grilles (the French NGI) is a member of the EGI-CSIRT and is the link for operational communication regarding security, between sites of France-Grilles and with EGI-CSIRT.

The mission of the EGI-CSIRT is to ensure the operational aspects for achieving a secure infrastructure. To reach that aim, it is important that the security contact information for each site are filled in and kept up to date in the GOCDB (Grid Configuration DataBase).

EGI-CSIRT coordinates between different NGIS (National Grid Initiative) and the NRENs (National Research and Education Network) and seeks to combine and enhance the various safety aspects such as monitoring, training and response the incidents.

Vulnerabilities

Vulnerabilities in application programs or operating systems relevant for the EGI infrastructure are evaluated by the SVG (Software Vulnerability Group). This group examines announced vulnerabilities, CVE (Common Vulnerability Exposure), or reported (anyone can report a vulnerability by email: report-vulnerability-at-egi.eu), and produces an opinion on the level of risk associated with the vulnerabilities.

A list of advisory is here: https://wiki.egi.eu/wiki/SVG:Advisories

Security policy

Policies and procedures are defined by the SPG (Security Policies Group). They determine the usage rules applicable to all EGI member (hence any France Grilles member), whether they are users, sites or virtual organizations. The documents are available here:

Security policies: https://wiki.egi.eu/wiki/SPG:Documents

The procedures:  https://wiki.egi.eu/wiki/EGI_CSIRT:Policies

Grid certificates

The certificate is your passport to the grid. The certificate private key and password must be kept confidential.

Some basic guidelines:

– Be stored in a file readable only by you,

– Being protected by a strong password. It can be created by a password generator.

– Do not share your certificate or its password with anyone.

A security issue … What do I do?

 

TO DO

– Keep calm

– Contact the NGI France Security list and report your incident to the EGI-CSIRT

– Use procedures and guidelines: https://wiki.egi.eu/wiki/EGI_CSIRT:Incident_reporting

– Use the guideline for system analysis: https://wiki.egi.eu/wiki/Forensic_Howto

NOT TO DO

Do not talk on a mailing list other than that provided for this purpose

Do not publish this information on the Internet or other media

Do not restart (reboot) the infected server(s)

Do not destroy the virtual machine