Security Protocols
Objective
To provide a design study for the necessary components of a Federated DiRAC Information Security Management process.
Summary of work undertaken
The design study was delivered through lessons learned at IRIS and other experience, and with the support of the STFC Distributed Research Trust and Security team acting in an advisory role. The design study included examples where trials could begin immediately. The areas for the study were;
- Risk management
- Security coordination at DiRAC site- and federation-level
- Local and federated policy frameworks, learning directly from IRIS policy experience
- Training and Documentation
- Security Monitoring
- Incident response and relationships with existing Security Teams including DiRAC site teams and the IRIS Computer Security Incident Response Team (CSIRT)
- Security Procedures at DiRAC site- and federation-level Security Exercises and Penetration Testing
