Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Communications Challenges and incident response models AARC2 NA3 Task 1 - Overview

The Incident Response Procedure for Federations deliverable, published by the AARC Project, proposes a chained model for incident notification that leverages the established relationships between federation participants and their registrars (or federation operators), with eduGAIN providing the relationships between independent federations. The procedure hinges on participating organisations’ compliance with Sirtfi, the Security Incident Response Trust Framework for Federated Identity

In AARC2 we will further the work undertaken in AARC and provide a framework for improving operational security support for inter federation. 

Incident response models and guidance

Following work in the AARC Project to define an Incident Response Procedure for Federations, this report focuses on validating the proposal by developing tests that involve IdP, SP, Federation and Interfederation operators in simulated security incident response. In addition, the authors present an overview of technologies and tools that may prove useful for automated incident notification.

...

Communications Challenges and exercises

To test the validity of the AARC approach to incident response notification, we proposed the following scenarios be simulated. It is expected that email will be the primary communication tool. In this report we provide an analysis of a series of flexible tests, in order to shed light on the reality of incident response in a federated environment. The objective is to test the process, rather than the performance of any of the participants.

...

Report on incident response

The report provides an overview of the current state of security incident response and cybersecurity in Federated Authentication Scenarios, focusing particularly on efforts that have taken place in the two years related to input from the AARC2 project. It addresses the following elements:

...