International Symposium on Grids & Clouds 2020 (ISGC 2020)

WISE development of new baseline policies for collaborating research infrastructures

25 Aug 2020, 14:00

30m

Conference Room 2 (BHSS, Academia Sinica)

Oral Presentation Network, Security, Infrastructure & Operations Network, Security, Infrastructure & Operations Session

Speaker

Dr David Kelsey (STFC-RAL)

Description

As most are fully aware, cybersecurity attacks are an ever-growing problem as larger parts of our lives take place on-line. Distributed digital infrastructures are no exception and action must be taken to both reduce the security risk and to handle security incidents when they inevitably happen. These activities are carried out by the various e-Infrastructures and in recent years a successful collaboration between Infrastructures has helped improve the security and allowed all to work more efficiently. For more than 4 years, “the WISE community” has enhanced best practice in information security for IT infrastructures for research. WISE fosters a collaborative community of security experts and builds trust between IT infrastructures, i.e. all the various types of distributed computing, data, and network infrastructures in use today for the benefit of research, including cyberinfrastructures, e-infrastructures and research infrastructures. Through membership of working groups and attendance at workshops these experts participate in the joint development of policy frameworks, guidelines, and templates. With participants from e-Infrastructures such as EGI, EUDAT, GEANT, EOSC-hub, PRACE, XSEDE, HBP, OSG, NRENs and more, the actual work of WISE is performed in focussed working groups, each tackling different aspects of collaborative security and trust. Since the presentation on WISE at ISGC2019, several working groups have been active. Two face to face community meetings have been held during 2019, the first in Kaunas, Lithuania, jointly with the GEANT SIG-ISM group, and then in San Diego, USA as part of the NSF Cybersecurity Summit for Large Facilities. The WISE Security for Collaborating Infrastructures (SCI) working group, in collaboration with Trust and Security activities in EOSC-hub and the GEANT GN4-3 project, is working on new baseline/template security policies. This builds on the Policy Development Kit, an output of the EU Horizon 2020 projects Authentication and Authorisation for Research Collaborations (AARC/AARC2), and is aiming to produce new WISE policy templates for Service Operations Security, for Acceptable Authentication Assurance and also for Research Community Management operations. This talk will present a report from some of the activities of WISE since ISGC2019, together with details of the work to produce new security baseline policy templates, guidelines and recommendations.