Versions Compared

Old Version 59

changes.mady.by.user Davide Vaghetti

Saved on

compared with

New Version 60

changes.mady.by.user Davide Vaghetti

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

eduGAIN consists of Federations whose primarily target goal is to provide authentication and authorisation service services to the research and education sectorscommunity. The eduGAIN Service provides an infrastructure for establishing trusted communications between Entities, such as Identity and Service Providers, in belonging to different Federations.

Please refer to the eduGAIN Constituion for further details: https://technical.edugain.org/doc/eduGAIN-Constitution-v3ter-web.pdf

...

The roles and interactions of the different entities relevant to incident response within eduGAIN are described in thethe eduGAIN Security Incident Response Handbook Feedback<the link needs to be updated to point to the official version of the handbook>[eduGAIN-SIRH]

eduGAIN CSIRT reports to the eduGAIN Steering Group (eSG).

...

The eduGAIN CSIRT will occasionally share information about prominent security threats and vulnerabilities that may affect the eduGAIN community .  

Incident Reporting Forms

The following form will be used to notify a suspected or verified security incident to any affected party. All the incident reports will be signed by the eduGAIN CSIRT with its PGP key.

Subject: [TLP:COLOR] subject

TLP:COLOR

## SUMMARY ##
Summary of the report.

## INTRUSION TIMELINE ##
YYYY-MM-DD HH:MM:SS event 1
..
YYYY-MM-DD HH:MM:SS event N

## INDICATORS OF COMPROMISE
Available IoCs.

## REPORTING & SHARING

Where to report back about new findings on the incident.

The above form is based on the AARC Deliverable Incident Report templates can be found in:  https://aarc-project.eu/wp-content/uploads/2017/02/DNA3.2-Security - Incident - Response - Procedure[AARC-v1.0.pdf

< THE TEMPLATES SHOULD BE EXTRACTED/EDITED FROM THE PDF AND PUT ON THE WEBSITE (WITH A REFERENCE TO THE ORIGINAL DOC) >

DNA3.2]

Disclaimers

While every precaution will be taken in the preparation of information, notifications and alerts, eduGAIN CSIRT assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.

References

[eduGAIN-SIRH]

https://wiki.geant.org/download/attachments/218464365/eduGAIN%20Security%20Incident%20Response%20Handbook-v1-eSG-feedback.pdf

[AARC-DNA3.2]

https://aarc-project.eu/wp-content/uploads/2017/02/DNA3.2-Security-Incident-Response-Procedure-v1.0.pdf