...
Definitions
| Word/Term | Definition |
|---|---|
| IdP | Identity Provider |
| SP | Service Provider |
| (Identity) Federation | https://wiki.geant.org/display/eduGAIN/Identity+Federations+and+eduGAIN |
| Federation Operator | https://wiki.geant.org/display/eduGAIN/Federation+Operators |
| CSIRT | Computer Security Incident Response Team |
| entity | IdPs, SPs and Attribute Authorities (standalone) (AAs) |
| eduGAIN | The eduGAIN interfederation service connects identity federations around the world, simplifying access to content, services and resources for the global research and education community. |
| eSG | eduGAIN Steering Group, the governing body of eduGAIN |
| Entity Security Contact | an entity mail address monitored by multiple individuals |
Purpose and Responsibilities
...
- Incident coordination on the interfederation and inter organization level.
- maintaining and testing of a communication infrastructure that allows for a timely information flow among the affected entities, see https://wiki.geant.org/display/eduGAIN/Communication+Challenge+FAQ
- if requested, and appropriate, support in incident resolution (forensics).
Service Level Description
Composition
Membership
eduGAIN CSIRT consists of:
- the eduGAIN CSIRT Security Officer
- Senior security professionals from IT infrastructures so designated by the eduGAIN CSIRT Security Officer
Chair
The Chair of eduGAIN CSIRT is the Security Officer.
Duties
The duties of the Chair include:
Scheduling and running eduGAUN-CSIRT meetings and ensuring that minutes are taken and published.
- Ensuring all discussion items end with a decision, action or definite outcome.
- Inviting specialists to attend meetings when required according to the eduGAIN CSIRT agenda.
- Acting as general point of contact for eduGAIN CSIRT.
Ensuring that documents produced are presented for approval and adoption and that once approved these are published and made available.
Ensuring that eduGAIN CSIRT meets the various demands placed on it to produce and maintain policy, procedure and best practice. This will include negotiation with eSG, members of the CSIRT, and other stakeholders to agree priorities and timelines commensurate with the effort available to the Group.
Reporting to the Head of the eSG when requested and as required.
Term of Office
The Term of Office is unlimited.
Method of Appointment
The eSG appoint appoints the eduGAIN CSIRT Chair.
Operating Procedures
The operation of eduGAIN CSIRT will obey the eduGAIN Declaration and the eduGAIN Constitution. and follow the procedures approved by the eSG. Any Stakeholder within eduGAIN has the right to suggest new policies and procedures: such requests should be submitted to the Security Officer. The decision whether to accept this request or not will be recorded in hte minutes of the meeting and feedback will be provided to the original requestor.
...
Related material and references
| Name | Location |
|---|---|
| Policy developent Kit | https://aarc-project.eu/policies/policy-development-kit/ |
| Incident Response Handbook | https://wiki.geant.org/download/attachments/218464365/eduGAIN%20Security%20Incident%20Response%20Handbook-v1-eSG-feedback.pdf?version=2&modificationDate=1612805091663&api=v2 |
| Incident Response Procedures | |
| Communication Flow | |
| RFC-2350 for eduGAIN CSIRT | https://wiki.geant.org/display/eduGAIN/Paperwork+-+RFC-2350+Draft |
| eduGAIN CSIRT public wiki | https://wiki.geant.org/display/eduGAIN/eduGAIN+Security |
Reporting
eduGAIN CSIRT provides input about current operational security activities to Federation Operators group and eSG on request.
...