Advanced notice :
We will be upgrading wiki.geant.org from the current version of Confluence Server to the current LTS version 8.5. During the maintenance window we expect that there will be an outage of 20 minutes.
Maintenance start time: 22/10/2024 16:00 UTC. Maintenance end time: 22/10/2024 18:00 UTC.
| Tip |
|---|
Sirtfi is now ready for adoption! The list of Sirtfi compliant Federation Participants can be seen on the eduGAIN Technical site by selecting "asserted" in the Sirtfi dropdown: https://technical.edugain.org/entities |
DNA3.2 Generic security incident response procedure for federations is published at https://aarc-project.eu/documents/deliverables/
Although computer security incident response procedures often exist at the national level, they are rarely formally specified for federations and there is no best practice guidance for security incidents involving several federations spreading across multiple administrative domains. Whilst R&E federations and their underlying IdPs have a long-standing operational tradition, and while the organisation operating federations and IdP have developed a computer security incident response capability to deal with both accidental and deliberate violations of system and network security, there are several challenges remaining. One is a 'lack of expressibility': there is no common way to express to service providers and relying parties what level of incident response capability is available, not its maturity level. Secondly, there is not even a standard way defined how to contact the incident response teams within a federation, IdP, or service provider. The meta-data specifications - whilst providing administrative, billing, and helpdesk contact, did not even suggest previously that a security contact would be useful.
...
- The Public Sirtfi Homepage
- The SirTFi Sirtfi Framework document version 1.0
- Training and outreach material
...
Security incident response is also an element of the self-assessment process started for the Assurance Profile task (TNA3.1)
The incident response procedure (DNA3.2) is being eveloped now at https://docs.google.com/document/d/1I3IhatjdP5sa6Sfji8SIT6yXo4CI1tf2kNOaccD9QCU
This task also supports the work towards a globally recognised security contact in federation meta-data as part of the Sirtfi v1.0 implementation plan.
...
The GN44-2-JRA3-T1: SIRTFI task, in collaboration with AARC, is developing Sirtfi processes and tooling under the GEANT project.