As the very first step in the security arrangements, we need to establish proper communication channels with the eduGAIN participants. As agreed by the eduGAIN SC, we will require that federations provide their security contacts and make them available for security matters in eduGAIN. We will continue further with policies and procedures; however, we aim only at a very light and flexible arrangement to prove the essential security baseline. We will re-use the SIRTFI requirements as much as possible.

The security contact shall respect the following base requirements:

  1. It is strongly recommended to use a dedicated email address for the security contact. 
  2. Where possible, use the NREN's security function (local CERT/CSIRT). We will also accept a specific security capability for the federation service, if the organization has a proper procedure to deal with the communication.
  3. Notify the eduGAIN CSIRT <abuse@edugain.org>, which is the established security contact for the eduGAIN Service, in case of a federated security incident and coordination (as required by [eduGAIN-sec-handbook]).
  4. Respond to requests for assistance with a security incident from the eduGAIN CSIRT or other eduGAIN Participants in a timely manner. The recommended response time is half a business day.

  5. Respect the Traffic Light Protocol [TLP] information disclosure policy and use it during incident response communications (ref. https://www.first.org/tlp).

  6. The contact needs to expect that the eduGAIN CSIRT runs periodic communication checks which need to be handled as any other incident response communication.

[eduGAIN-sec-handbook] https://wiki.refeds.org/display/GROUPS/SIRTFI?preview=%2F44958353%2F65896525%2FeduGAIN+Security+Incident+Response+Handbook+v1.0.pdf
