13-18 March 2016
Academia Sinica
Asia/Taipei timezone

EGI-CSIRT: Organising Operational Security in evolving distributed IT-Infrastructures

Mar 17, 2016, 4:00 PM
BHSS, Conf. Room 2 (Academia Sinica)

BHSS, Conf. Room 2

Academia Sinica

No. 128, Sec.2, Academia Road, Taipei, Taiwan
Oral Presentation Networking, Security, Infrastructure & Operations Networking, Security, Infrastructure & Operations Session V


Mr Sven Gabriel (Nikhef)


Operational Security in Scientific distributed IT-Infrastructures like EGI are challenging. Existing computation frameworks are further extended, and new technologies implemented. In this evolving environment new policies have to be developed, and existing policies and procedures have to be extended to meet the new requirements. These policies and procedures are then put to a test in so called Security Service Challenges (SSCs). To efficiently enforce new policies, the security monitoring infrastructure has to be developed to cover all elements of the infrastructure. Finally the incident response tool set has to be extended to ab able to efficiently handle security incidents involving new technologies. In this presentation we will discuss EGI-CSIRTs way towards extending its portfolio to also provide all aspects of operational security in a Cloud environment. This covers the developments around the Virtual Machine Endorsement policy and the related technical aspects towards a trustworthy set of Virtual Machine Images (VMI) offered to the user community through an Application-DataBase. VMIs with vulnerable configurations were involved in incidents handled by the EGI-CSIRTs Incident Response Task Force (IRTF). This triggered the extension of the existing incident response tool set to allow for central User- and Virtual Machine-Management frameworks, needed to efficiently respond to threads exposed by compromised systems in EGI-FedCloud.

Primary author

Mr Sven Gabriel (Nikhef)

Presentation materials