Upload File

incident response - aarc project · h"ps://aarc-project.eu • interest from internaonal...

  • Home
  • Documents
  • Incident Response - AARC Project · h"ps://aarc-project.eu • Interest from internaonal audiences • Requested to present to the Kantara Iden4ty Assurance Working Group • Discussions
16
h"ps://aarc-project.eu Authen4ca4on and Authorisa4on for Research and Collabora4on Hannah Short Sir=i present, future and pilots Incident Response NA3.2 Task Lead CERN-IT AARC Mee4ng, Utrecht 24 th May 2016

Upload: doanque

Post on 04-Jun-2018

226 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Incident Response - AARC Project · h"ps://aarc-project.eu • Interest from internaonal audiences • Requested to present to the Kantara Iden4ty Assurance Working Group • Discussions

h"ps://aarc-project.eu

Authen4ca4onandAuthorisa4onforResearchandCollabora4on

HannahShort

Sir=ipresent,futureandpilots

IncidentResponse

NA3.2TaskLeadCERN-IT

AARCMee4ng,Utrecht24thMay2016

Page 2: Incident Response - AARC Project · h"ps://aarc-project.eu • Interest from internaonal audiences • Requested to present to the Kantara Iden4ty Assurance Working Group • Discussions

h"ps://aarc-project.eu

Whathavewedonethisyear?• Training• Events

Whatwillwedonextyear?• Deployment• DNA3.2• Events

Someblueskythinking…

2

Agenda

Page 3: Incident Response - AARC Project · h"ps://aarc-project.eu • Interest from internaonal audiences • Requested to present to the Kantara Iden4ty Assurance Working Group • Discussions

h"ps://aarc-project.eu

2012 2013 2014 2015 2016 2017 2018 2019

FIM4RPaper

SecurityforCollabora4ngInfrastructures(SCI)

REFEDSWorkingGroup

AARC

Sir=iv1.0Published

FirstRoundDeployment

RFC

AARC2

SecondRoundDeployment

3

Sir>iA?meline

Page 4: Incident Response - AARC Project · h"ps://aarc-project.eu • Interest from internaonal audiences • Requested to present to the Kantara Iden4ty Assurance Working Group • Discussions

h"ps://aarc-project.eu 4

Whathavewedonethisyear?

Sir=iisreadytogo!

TrainingPack

4interna4onalpresenta4ons

2REFEDSConsulta4ons

•  It’sbeenquiteabusyyear…

• AARCtookontheSir=iworkfromtheREFEDSWG

• BigmilestonewasSir=iv1.0,whichwaspublishedearly2016!

• Wehavebeenpresen4ngtheframework

• Wehavecreatedtrainingmaterial

• Nowwearereadytodeploy

Page 5: Incident Response - AARC Project · h"ps://aarc-project.eu • Interest from internaonal audiences • Requested to present to the Kantara Iden4ty Assurance Working Group • Discussions

h"ps://aarc-project.eu

PublicFacingSite• Sir=iBrochure• Theframework:Sir=iv1.0• GeneralFAQsTechnicalWiki• Federa4onPar4cipantsGuide

•  Recipeforadop4on• Federa4onOperatorsGuide

•  Whitelis4ngmetadataextensions•  Metadataaggregates•  Coordina4ngadop4on

• ChoosingaSir=iContact• TechnicalFAQS

Addi?onalBackgroundMaterial• Blogpost•  ISGCProceedingspaper(TBC)–thankyousomuchforthefeedbackandinputIreceived!• Poster• Logo

5

Whathavewedonethisyear?TrainingMaterial

Ifyouno4cegapsorimprovements–please

speakup!

Page 6: Incident Response - AARC Project · h"ps://aarc-project.eu • Interest from internaonal audiences • Requested to present to the Kantara Iden4ty Assurance Working Group • Discussions

h"ps://aarc-project.eu 6

Whathavewedonethisyear?TrainingMaterial

Page 7: Incident Response - AARC Project · h"ps://aarc-project.eu • Interest from internaonal audiences • Requested to present to the Kantara Iden4ty Assurance Working Group • Discussions

h"ps://aarc-project.eu

•  Interestfrominterna4onalaudiences

• RequestedtopresenttotheKantaraIden4tyAssuranceWorkingGroup

• DiscussionsmovingbeyondFIMworld,talkingwithSWITCHSecurityandTF-CSIRT

7

Whathavewedonethisyear?Events

Event Loca?on Date

EWTI(EuropeanWorkshoponTrustandIden4ty Vienna 01Dec2015

ISGC(Interna4onalSymposiumonGridsandClouds) Taiwan 15Mar2016

KantaraIAWG,Videoconference US 07Apr2016

TF-CSIRT Riga 12May2016

Page 8: Incident Response - AARC Project · h"ps://aarc-project.eu • Interest from internaonal audiences • Requested to present to the Kantara Iden4ty Assurance Working Group • Discussions

h"ps://aarc-project.eu

Ourpilotfedera4ons:• CSC• SURFconext–bulkadop4onbyIdPs!• SWITCH–“Byfall2016wewanttohaveallIdP/SPSIRTFIcompliant”• WAYFSir>iisalsobeingincorporatedintootherprojects,e.g.CERNCloud&CiLogonPilot

8

Whatwillwedonextyear?Deployment-Pilots

Page 9: Incident Response - AARC Project · h"ps://aarc-project.eu • Interest from internaonal audiences • Requested to present to the Kantara Iden4ty Assurance Working Group • Discussions

h"ps://aarc-project.eu

• GN4willtakeovertomoveSir=itoTRL“Late-stage-pilot”,level7• Federa4onOperatorsupportworkwillshiltotheGN4project• Federa4onPar4cipantsupportwillpar4allyremainanAARCtask• Concreteaims

1.  Pushforwide-scaleadop4onatbothhub-and-spokeandfull-meshfedera4ons

2.  Pushforadop4onatkeye/r-infrastructures3.  Troubleshootpropaga4onproblems(i.e.

metadatafiltering)4.  DefineandtestKPIs5.  AddSir=itoHighlyRecommendededuGAIN

prac4ces

9

Whatwillwedonextyear?Deployment-Transi?ontoGN4

Page 10: Incident Response - AARC Project · h"ps://aarc-project.eu • Interest from internaonal audiences • Requested to present to the Kantara Iden4ty Assurance Working Group • Discussions

h"ps://aarc-project.eu

• Sir=iwillformthebasisforthe“GenericSecurityIncidentResponseProcedureforFedera4ons”

• DueinMonth20,i.e.January2017

• DralplannedforAutumn

• WillneedtoexpandonSir=itoinclude• Workflowsforincidentscenarios•  Interac4onwithexis4ngpolicies•  …

• Watchthisspaceforrequestsforinput!

10

Whatwillwedonextyear?DNA3.2IncidentResponseProcedure

Page 11: Incident Response - AARC Project · h"ps://aarc-project.eu • Interest from internaonal audiences • Requested to present to the Kantara Iden4ty Assurance Working Group • Discussions

h"ps://aarc-project.eu

• Movingawayfromtheoryandtowardsproof-of-conceptpresenta4ons

• ThesecurityworkshopatISGCprovedaninteres4ngexerciseanditwouldbeworthrepea4ngJ

• MuchofthisoutreachworkwillbemovedtoGN4

11

Whatwillwedonextyear?Events

Event Loca?on Date

TNC-16 Prague June2016

TechEx16 Miami September2016

TF-CSIRT Zurich October2016

GN4 ? December2016

EWTI ? December2016

Page 12: Incident Response - AARC Project · h"ps://aarc-project.eu • Interest from internaonal audiences • Requested to present to the Kantara Iden4ty Assurance Working Group • Discussions

h"ps://aarc-project.eu 12

Page 13: Incident Response - AARC Project · h"ps://aarc-project.eu • Interest from internaonal audiences • Requested to present to the Kantara Iden4ty Assurance Working Group • Discussions

h"ps://aarc-project.eu 13

Blueskythinking…

Page 14: Incident Response - AARC Project · h"ps://aarc-project.eu • Interest from internaonal audiences • Requested to present to the Kantara Iden4ty Assurance Working Group • Discussions

h"ps://aarc-project.eu

VarioustoolscouldhelpsupportSir>i

• Sir=i-filterededuGAINmetadata,handledbyFedera4onOperators

• AdashboardofSir=icontactsforquicklookupduringanincident

• Self-AssessmenttooltodistributeSir=iAssessmentsandmonitoradop4on

• Tes4ngframeworktomonitorresponse4meinmock-incidents(orreal!)

14

Blueskythinking…

Page 15: Incident Response - AARC Project · h"ps://aarc-project.eu • Interest from internaonal audiences • Requested to present to the Kantara Iden4ty Assurance Working Group • Discussions

h"ps://aarc-project.eu

VarioustoolscouldhelpsupportSir>i

• Sir=i-filterededuGAINmetadata,handledbyFedera4onOperators–NewAARCPilot

• AdashboardofSir=icontactsforquicklookupduringanincident–GN4

• Self-AssessmenttooltodistributeSir=iAssessmentsandmonitoradop4on-??

• Tes4ngframeworktomonitorresponse4meinmock-incidents(orreal!)–GN4

15

Blueskythinking…

Page 16: Incident Response - AARC Project · h"ps://aarc-project.eu • Interest from internaonal audiences • Requested to present to the Kantara Iden4ty Assurance Working Group • Discussions

h"ps://aarc-project.eu

ThankyouAnyQues4ons?

©GÉANTonbehalfoftheAARCproject.TheworkleadingtotheseresultshasreceivedfundingfromtheEuropeanUnion’sHorizon2020researchandinnova4onprogrammeunderGrantAgreementNo.653965(AARC).

h"ps://aarc-project.eu

[email protected]


SAML and Shibboleth SP Introduction - AARC

Kantara - Consent & Information Sharing WG Update

Systematic Review AARC Clinical ... - Respiratory Care

Cross-Operator Identity Services - Kantara Initiative

AARC the Hundred Year Plan v1.7

The AARC Connecting. Educating. Informing. Inspiring

Kantara Initiative Operating Procedures

Smart card kantara pids presentation grey

Customerâ€Supplier Engagement Model Quick - Kantara Initiative

AARC PILOTS AAI SOLUTIONS FOR - GÉANT · aarc-project.eu/pilots/ collaboration, getting an AAI in place to serve them is not simple either. For the CTA team, working with the AARC

Kantara Workshop: Making the World Safe for User … fileAbout Kantara Initiative • Participation: Open global identity, web, and developer community of individuals and organizations,

Flyer admission F D kantara - Sinai University

AARC Clinical Practice Guideline

AARC fall 2014 Newsletter

Linking research and infrastructures to federation ... · Authentication and Authorisation for Research and Collaboration David Groep AARC Policy and Best Practice ... ‘Kantara

CIS14: Kantara Open Stand Overview

Kantara Workshop at CIS

CIS14: Kantara Briefing on ID.me

AARC BENCHMARK 1 REVISITED - bebec.eu

AARC Protocols Book

AARC Assurance Profiles - Kantara Initiative · FIM4R Paper Security for Collaborating Infrastructures (SCI) REFEDS Working Group AARC Sirtfi v1.0 Published First Round Deployment

The Bridge to Assurance Communities, Governance and ... · Building Bridges . Trustees Members . 2011 8 Kantara Initiative: Liaisons Kantara Initiative - Trust Frameworks: A Global

Orange County Review inSIDEr, May 24, 2007 Rockin’ Kantara

Alabama Analytical Research Center (AARC)

AARC Benchmarking 2

Kantara May 2012

Smart card kantara pids presentation w-blue background

Illustrated Parts Manual AARC CCTTI

Kantara Initiative - Connecting a More Trustworthy Internet

Kantara a Global Context 2011

The Bridge to Assurance Communities, Governance …...Building Bridges Trustees Members 2011 11 Kantara Initiative: Liaisons Kantara Initiative - Trust Frameworks: A Global Context

Complementary trust: IDEF Registry and Kantara cross-attestation

AARC QUARTERLY - jfk.hood.edu

Siri Update - REFEDS · ISGC (Internaonal Symposium on Grids and Clouds) Taiwan 15 Mar 2016 Kantara IAWG, Videoconference US 07 Apr 2016 Internet2 Webinar US May 2016 Internet2 Global

Building(Internaonal CollaboraonforLowCarbon ... · ©"OECD/IEA"2015" Building(Internaonal CollaboraonforLowCarbon(TechnologyInnovaon(HowCOP21canshitheenergysector(technologyinnovaonontoalowcarbonpath