Versions Compared

Old Version 35

changes.mady.by.user Davide Vaghetti

Saved on

compared with

New Version 36

changes.mady.by.user Davide Vaghetti

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This document has been signed with the eduGAIN CSIRTs PGP key. The signatures are also on our Web site, under: https://edugain.org/edugain-security/

Contact Information

Name of the Team

...

eduGAIN CSIRTs major IT security incident management function is incident coordination across eduGAIN federations.

Incident Triage

eduGAIN CSIRT will support the eduGAIN participants investigating whether indeed an incident occurred and in case, determining the extent of the incident. This ranges from a single entity registered in one or more federations, to multiple entities from different federations affected.

Incident Response Coordination

eduGAIN's participants are Research and Education Federations, in which different organizations operate SPs and IdPs. Usually the mandate and scope of the SPs and IdPs security teams are limited to the home organization. The same holds for the federations participating in eduGAIN. eduGAN-CSIRT will organize the security incident communications across affected participants and coordinate the response activities to allow for an efficient containment and subsequently resolution of security incidents.

Incident Resolution

The incident resolution is ultimately the task of the organizations responsible for the end entities in eduGAIN (SPs and IdPs). If possible and on request,  on request eduGAIN CSIRT will support the end entities in coordination with the Federations.

Proactive Activities

The eduGAIN CSIRT will maintain the security communication channels with all the eduGAIN participants. In order to do that, from time to time, the eduGAIN CSIRT will organize communication challenges to assess the reliability and responsiveness of the communication infrastructure.

The eduGAIN CSIRT will occasionally share information about prominent security threats and vulnerabilities that may affect the eduGAIN community .  <THIS HAS A RISK OF GETTING TIME CONSUMING MORE THEN WE CAN SPEND ON IT>

Incident Reporting Forms

Incident Report templates can be found in:  https://aarc-project.eu/wp-content/uploads/2017/02/DNA3.2-Security-Incident-Response-Procedure-v1.0.pdf

< THE TEMPLATES SHOULD BE EXTRACTED/EDITED FROM THE PDF AND PUT ON THE WEBSITE (WITH A REFERENCE TO THE ORIGINAL DOC) >

Disclaimers

While every precaution will be taken in the preparation of information, notifications and alerts, eduGAIN CSIRT assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.

...