...
- Next steps
- Next meeting
Minutes
Present: Eli Beker, Linda Cornwall, Dave Kelsey, Vincent Ribaillier, Hannah Short, Adam Slagell, Romain Wartel, Eric Yen.
Apologies: David Groep, Mischa Salle.
- Minutes of last meeting were approved.
- The current list of actions was reviewed. (new action DaveK to update Vidyo connection details - CERN has changed IP addresses)
- We discussed some of the questions and issues arising out of the SCI v1 document.
Section OS1 - what is meant by a "security model"? DaveK explains that this was aimed at a security "architecture" relating to AuthN and AuthZ services.
What about local services versus centrally operated?
"Access control" for files relates to role-based authZ to read/write/delete/control files. For XSEDE, Adam comments that their most important example of central access control is for accounting.
We need to decide how to score an item with many sub-items. Is it the sum, the average, the lowest score?
Section OS4 - what about IDS? Do we mean host-based or network-based? Best practice would be to implement at least something in this area.
Eli: Can also be done after the event by analysing log files.
Questions like "Can you detect brute-force SSH attacks? Do you have centralised logging? Can you correlate these logs?"
We can put details in the guidance document. It doesn't all have to be done - the main document needs to stay light-weight.
Some problems with terminology. Service provider versus service operator. All needs to be checked!
Adam suggests that we could see section OS as more of a "baseline standard". He will send a copy of the XSEDE Baseline Security document.
Eric points out that we need to include post-mortem analysis as a way of learning lessons. Do we expand IR2 or create a new bullet?