Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Final PDK Template Documents:

WISE Baseline Acceptable Use Policy and Conditions of Use  (Version 1):     WISE-SCI-Baseline-AUP-V1.pdf

Service Operations Security Policy template:  WISE-SCI-PDK-ServiceOpsSecPol-V2.pdf

Documents being worked on - see  "Working documents" below

Aim: 

An activity of the WISE SCI working group

...

In particular, some communities are looking for something very easy to pick up and define requirements on participating services (e.g. CS3MESH). Our first objective is to update the Security Operations Policy (and possibly the top level policy that ties participants together).

Meetings (SCI-WG PDK)

  1. Discussed during EUGridPMA October 28-30 September 2021
  2. October 4th 2021 
  3. See WISE Community meeting below - 26-27 October 2021
  4. Friday 22nd October (morning) 10:00 CEST
  5. At the WISE/SIG-ISM Meeting October 26/27 https://events.geant.org/event/742/ and Slides
  6. November 15th 15:00 CET 
  7. November 29th 15:00 CET
  8. December 13th 2021 15:00 CET
  9. January 24th 2022  15:00 CET
  10. February 2nd  15:00 CET
  11. Febraruary February 21st  15:00 CET
  12. March 7th  15:00 CET
  13. March 21st  15:00 CET - cancelled (clash with ISGC2022 security workshop)
  14. April 4th  15:00 CEST
  15. May 3rd 2022  15:00 CEST
  16. May 16th 2022  15:00 CEST
  17. May 31st 2022   15:00 CEST
  18. July 4th 2022  15:00 CEST
  19. August 1st 2022  15:00 CEST

    We failed to reach consensus on an updated Data Protection policy template - so activity then stopped (for now)- we will come back to this in 2023


Resources:

The final work from the AARC Project is at https://aarc-community.org/policies/policy-development-kit/ this has been slightly updated with time

We have a (unmaintained) Moodle course at https://e-academy.geant.org/moodle/course/view.php?id=16 

Existing Security Operations Policy Options:



Anchor
workingdocs
workingdocs

Working Documents: 

  1. Service Operations Security Policy
        Google doc

...

  1. used to produce version 2 template of Service Operations Security

...

  1. Policy (see top of this page)
    https://docs.google.com/document/d/1oO2OsBG99Wf3ecvjU28qma4ubyzpBJgMIB93eRpz6Ck/edit#heading=h.idp93lqbm8kt

  2. Community Security Policy
        Google doc with "work in progress" draft of Community Combined Security Policy
    https://docs.google.com/document/d/1SNew2NMI96EGZtbdnPZyyLIZ6mGYUeLgik_d-MMT540/edit?usp=sharing

  3. Data Protection policy template
        Google doc with "work in progress" draft of updated version of AARC policy template for Data Protection:
    https://docs.google.com/document/d/11S5UrCytHdeh4mNQc3btvZPW_ox_QgSBx0lII-XhKoI/edit?usp=sharing


AARC guidance documents on Data Protection and GDPR:

https://aarc-project.eu/wp-content/uploads/2018/05/AARC-G042-Data-Protection-Impact-Assessment-initial-guidance-for-communities.pdf

https://aarc-project.eu/wp-content/uploads/2016/12/AARC-DNA3.5_Recommendations-for-Processing-Personal-Data_2016_11_07_v4_DG.pdf



WISE Meeting October 27th 2021

TimeItem
10m

PDK introduction

  • Working Group plug
10m

Evolution of Security Operations Policy

  • Different users already
    • David and EOSC Baseline (refer to yesterday)
  • Comparison table
10mQ&A e.g. feedback from CS3MESH
30m

Work on Security Operations Policy (not the baseline) and incorporate feedback 

  • Comments in doc very welcome in advance

...