Security coordination & policy

The security landscape in which the European Open Science Cloud (EOSC) and its partners are operating services online continues to evolve. Global federated access, distributed computing infrastructures, relatively open scientific communities and computer networks contribute to a unique threat landscape, inherently facilitating quick or large scale propagation of intrusions across multiple administrative domains.

This session will present and discuss all activities of the Security Coordination team of EOSC-hub all of which are aimed at:

• Encouraging and supporting trustworthy Services
• Maintaining the availability and integrity of Services
• Coordination of operational security between e-Infrastructures within EOSC and also with others across the globe
• Establishing and building trust between all participants in the EOSC eco-system

• Service managers and operators
• Research community managers and those responsible for AAI user registrations
• Anyone responsible for security in e-Infrastructures or research communities, or services
• Anyone interested in learning about the current threats and how best to secure services against attack

• Introduction, David Kelsey - STFC UKRI (Download ppt)
• A recent security incident, Vincent Brillault - CERN (Download ppt)
• Avoiding security incidents
  • Lessons from incidents and assessing risks, Urpo Kaila - CSC, Finland (Download ppt)
  • Handling software vulnerabilities, Linda Cornwall - STFC UKRI (Download ppt)
  • Trust and policies, David Kelsey - STFC UKRI (Download ppt)
  • Sharing threat intelligence, David Crooks - STFC UKRI, Liviu Valsan - CERN (Download ppt)
• Handling security incidents, Sven Gabriel - Nikhef (Download ppt)
• Improving coordination, Romain Wartel - CERN