...

+44 1223 733033

Facsimile Number

Not available.Blank

Other Telecommunication/Instant messaging

Not available.

Electronic Mail Address

abuse@edugain.org

This address can be used to report all security incidents which relate to the eduGAIN participants. This is a mail alias that relays mail to the human(s) on duty for the eduGAIN CSIRT.

...

The eduGAIN CSIRT provides a central contact and support point for security incidents, and it will work in close collaboration with Federation Security Contacts and Federation Operators to coordinate the investigation and resolution of suspected security incidents at the inter-federation level.

...

eduGAIN CSIRT is part of the eduGAIN Service which is co-funded by the European Commission through the European Union’s Horizon 2020 research and innovation programme under Grant Agreement No. 731122 (GN4-2).

Authority

eduGAIN CSIRT operates with authority delegated by the eduGAIN Steering Group to coordinate incident response at the inter-federation level.

...

The eduGAIN policy framework consists of:

...

is available on the eduGAIN Technical site at the following URL:

...

https://technical.edugain.org/

...

documents

Types of Incidents and Level of Support

...

The eduGAIN CSIRT closely collaborates with the Federation Security Contacts, Federation Operators, entities' Security Contacts and the National Research and Education Network CSIRTs and CERTs to ensure that all the parties affected by a security incident at the inter-federation level are alerted in a timely manner and supported in the investigation, limitation and remediation process.

...

eduGAIN CSIRT supports the Information Sharing Traffic Light Protocol (TLP, see https://www.first.org/tlp/) - information that comes in with the tags WHITE, GREEN, AMBER or RED will be handled appropriately.

eduGAIN CSIRT will use the information you provide to help solve security incidents affecting eduGAIN. This means that by default the information will be distributed further to the appropriate parties, but only on a need-to-know basis, and preferably anonymized.

Services

eduGAIN's participants are Research and Education federations, in which different organizations operate entities. Usually the mandate and scope of the entities' security teams are limited to the home organization. The same holds for the federations participating in eduGAIN.

Incident Response

eduGAIN CSIRT's major IT security incident management function is incident coordination across eduGAIN Federations.

Incident Triage

eduGAIN CSIRT will support the eduGAIN participants in investigating whether an incident has indeed occurred and, if so, in determining the extent of the incident. This ranges from a single entity registered in one or more federations to multiple affected entities from different federations.

Incident Response Coordination

eduGAIN's participants are Research and Education Federations, in which different organizations operate SPs and IdPs. Usually the mandate and scope of the SPs' and IdPs' security teams are limited to the home organization. The same holds for the federations participating in eduGAIN. eduGAIN CSIRT will organize the security incident communications across affected participants and coordinate the response activities to allow for efficient containment and subsequent resolution of security incidents.

...

The incident resolution is ultimately the task of the organizations responsible for the affected entities. If possible and on request, eduGAIN CSIRT will support the end entities in coordination with the federations.

Proactive Activities

The eduGAIN CSIRT will maintain the security communication channels with all the eduGAIN participants. In order to do that, from time to time, the eduGAIN CSIRT will organize communication challenges to assess the reliability and responsiveness of the communication infrastructure.

...