We will shortly be upgrading this wiki site. Please find out more information: HERE
Page tree
Skip to end of metadata
Go to start of metadata

Aim: 

An activity of the WISE SCI working group

We have had a lot of feedback that the Policy Development Kit (which came from the AARC project) is good but doesn't necessarily fit use cases. People have to make significant modifications. We would like to pull in the feedback from these first-hand implementation experiences and produce an improved set of templated policies. 

In particular, some communities are looking for something very easy to pick up and define requirements on participating services (e.g. CS3MESH). Our first objective is to update the Security Operations Policy (and possibly the top level policy that ties participants together).

Meetings: 

  1. Discussed during EUGridPMA October 2021
  2. October 4th 2021 
  3. Friday 22nd October (morning) 10:00 CEST
  4. At the WISE/SIG-ISM Meeting October 26/27 https://events.geant.org/event/742/ and Slides
  5. November 15th 15:00 CET 
  6. November 29th 15:00 CET
  7. December 13th 2021 15:00 CET
  8. January 24th 2022  15:00 CET
  9. February 2nd  15:00 CET
  10. Febraruary 21st  15:00 CET
  11. March 7th  15:00 CET
  12. March 21st  15:00 CET - cancelled (clash with ISGC2022 security workshop)
  13. April 4th  15:00 CEST


Resources:

The final work from the AARC Project is at https://aarc-community.org/policies/policy-development-kit/ this has been slightly updated with time

We have a (unmaintained) Moodle course at https://e-academy.geant.org/moodle/course/view.php?id=16 

Existing Security Operations Policy Options:


Working Documents: 

Google doc with new version of Service Operations Security Policy https://docs.google.com/document/d/1oO2OsBG99Wf3ecvjU28qma4ubyzpBJgMIB93eRpz6Ck/edit#heading=h.idp93lqbm8kt



WISE Meeting October 27th

TimeItem
10m

PDK introduction

  • Working Group plug
10m

Evolution of Security Operations Policy

  • Different users already
    • David and EOSC Baseline (refer to yesterday)
  • Comparison table
10mQ&A e.g. feedback from CS3MESH
30m

Work on Security Operations Policy (not the baseline) and incorporate feedback 

  • Comments in doc very welcome in advance


Actions:

  • Hannah: Ask ELIXIR if they used the Security Operations Policy
  • Hannah: Ask Uros/Marcus about HDF use
  • Ian: share Iris and PDK Policy comparison (Updated 11/11/2021 - Added Sirtfi column to doc)

  • Hannah: Create PDK section on WISE website
  • Hannah: Revise comments on Service Operations Security Policy
  • ?: Diagram of policies, how they fit together and how they support SCI 

This was drawn a while ago. Does not address SCI or exactly fit requirements but may provide basis for improvement.

  • No labels