The WISE Community and updated baseline policies for collaborating research infrastructures

Mar 24, 2021, 1:00 PM
30m
Conf. Room 2 (ASGC)

Conf. Room 2

ASGC

Oral Presentation Network, Security, Infrastructure & Operations Network, Security, Infrastructure & Operations Session

Speaker

Dr David Kelsey (STFC-RAL)

Description

As most are fully aware, cybersecurity attacks are an ever-growing problem as larger parts of our lives take place on-line. Distributed digital infrastructures are no exception and action must be taken to both reduce the security risk and to handle security incidents when they inevitably happen. These activities are carried out by the various e-Infrastructures and in recent years a successful collaboration between Infrastructures has helped improve the security and allowed all to work more efficiently. For more than 5 years, “the WISE community” has enhanced best practice in information security for IT infrastructures for research. WISE fosters a collaborative community of security experts and builds trust between IT infrastructures, i.e. all the various types of distributed computing, data, and network infrastructures in use today for the benefit of research, including cyberinfrastructures, e-infrastructures and research infrastructures. Through membership of working groups and attendance at workshops these experts participate in the joint development of policy frameworks, guidelines, and templates. With participants from e-Infrastructures such as EGI, EUDAT, GEANT, EOSC-hub, PRACE, XSEDE, HBP, OSG, NRENs and more, the actual work of WISE is performed in focussed working groups, each tackling different aspects of collaborative security and trust. Two virtual community meetings have been held during the year of COVID-19 restrictions, one in April and one in October 2020. The WISE Security for Collaborating Infrastructures (SCI) working group, in collaboration with Trust and Security activities in EOSC-hub, the GEANT GN4-3 project and the UK IRIS Infrastructure, is working on some new baseline/template security policies. This builds on the Policy Development Kit, an output of the EU Horizon 2020 projects Authentication and Authorisation for Research Collaborations (AARC/AARC2) and is aiming to produce new WISE policy templates. SCI working group has also been producing guidance for assessment of an Infrastructure’s maturity against the SCI Trust Framework. This talk will present a report on recent activities and the future plans of WISE, together with details of the work to produce new security baseline policy templates, guidelines and recommendations.

Primary author

Dr David Kelsey (STFC-RAL)

Presentation materials