...
- the eduGAIN-CSIRT Security Officer, that will be nominated by the GEANT project.
- At the time of the establishment of the eduGAIN-CSIRT the eduGAIN Participants will be invited to propose members of the eduGAIN-CSIRT. The proposed members must be senior security professionals from research and education IT infrastructures. The proposals will be reviewed for acceptance by the eduGAIN Security Officers.
- An eduGAIN Participant can always propose a new member of the eduGAIN-CSIRT. The proposal will be reviewed for acceptance by the eduGAIN Security Officers according to the actual needs of the eduGAIN-CSIRT.
- Each member of the eduGAIN-CSIRT will be funded by the respective organization either through the GEANT project, or direct funding.
The eduGAIN-CSIRT members can decide to invite external experts to collaborate with the team for the purpose of assisting in a specific incident response or investigation. The external experts' contribution will be limited to the scope of the incident and will last no longer than 3 months.
Invited members: GEANT CERT Security Officer. Others?
...
The eduGAIN-CSIRT shall proactively communicate with recognized peer organizations regarding suspected and confirmed security incidents that could affect such peers. It shall maintain a reference to the operating policies and practices of such peer infrastructures and participate in their processes and the evolution thereof.
External Collaborations
The eduGAIN-CSIRT members can decide to collaborate with external experts or entities for the purpose of assisting in a specific incident response or investigation. The external experts' contribution will be limited to the scope of the incident and it will last for the time of the investigation and resolution of the incident.
Communication Channels
Channel | Reference |
---|---|
eduGAIN-CSIRT email list | edugain-support-sec-team@lists.geant.org |
Report of abuse | abuse@edugain.org |
eduGAIN-CSIRT wiki & meeting minutes | https://wiki.geant.org/display/eduGAIN/eduGAIN+Security |
Telephone | |
Instant messaging channels | Signal group, keybase.io: edugain_sec |
Related material and references
Name | Location |
---|---|
Policy developent development Kit | https://aarc-project.eu/policies/policy-development-kit/ |
Incident Response Handbook | https://wiki.geant.org/download/attachments/218464365/eduGAIN%20Security%20Incident%20Response%20Handbook-v1-eSG-feedback.pdf?version=2&modificationDate=1612805091663&api=v2 |
Incident Response Procedures | |
Communication Flow | |
RFC-2350 for eduGAIN-CSIRT | https://wiki.geant.org/display/eduGAIN/Paperwork+-+RFC-2350+Draft |
eduGAIN-CSIRT public wiki | https://wiki.geant.org/display/eduGAIN/eduGAIN+Security |
...