The mission of the “WISE” community is to enhance best practice in information security for IT infrastructures for research. WISE fosters a collaborative community of security experts and builds trust between those IT infrastructures. Through membership of working groups and attendance at workshops these experts participate in the joint development of policy frameworks, guidelines, and templates.
The WISE Security for Collaboration among Infrastructures Trust Framework was first presented to the ISGC Conference in 2013. Since then the trust framework was updated to version 2 in 2017 and WISE activities were last presented to ISGC in 2021.
Since ISGC2021, the WISE Security for Collaborating Infrastructures (SCI) working group, in collaboration with Trust and Security activities in the GEANT GN4-3 Enabling Communities task and other projects and Infrastructures, has completed work on the guidance for self assessment of an Infrastructure’s maturity against the SCI Trust Framework.
Work on updating the Policy Development Kit, an output of the EU Horizon 2020 projects Authentication and Authorisation for Research Collaborations (AARC/AARC2) continues. An updated template policy for the Service Operations Security Policy has been completed. The working group has also worked on updating the AARC guidance on the handling of Data Privacy (and GDPR) issues in the operational access data collected by Infrastructures. Work on updating the AARC PDK policies relating to the Communities of Infrastructure Users is also underway.
This talk will report on the WISE SCI Working Group activities since ISGC2021 together with details of the new policy templates and guidelines produced.