"A coordinated response to cross-grid security incidents"


  1.   Digital identity


PGP Fingerprint: 

DCE1 D498 AD46 A62E 3D46 7283 395B 002C 0A7F 84D9

PGP Key:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.10 (Darwin)

mQENBErcPgsBCAC7WUgvqoXWUHfbPEPS12vvxPg+kTVr0lexgLVZorGIEUf17vdv
C3FLqm/pQ3zUd5uAqH+g48wy/ef8YeZZWDUz78bRLXORKHIOpncmYPCkFfvp3A6f
wBZ/oAYnmRb0h3NF8Dy3olV3BwTE+ppr7hk8yIdLi69dvAmc/eRk/rkkFoT89JFx
hqMP4T+qqn6S9i3dbMZo+4kEwHeAw6uXvCSgUp1cChTPj8ocLlE4dKAfGMTnDlAA
3rVJAmSqT15+ZYeyHHh19xWHuMH+1ddTu1LIUfFiA06GZpEBd2w+ZrWPe5gqWrOC
KZYkeImy1jnXVXsTLuhSjdgu/VzqwT9P4OpDABEBAAG0IEdSSUQtU0VDIDxncmlk
LXNlY0BncmlkLXNlYy5vcmc+iQE4BBMBAgAiBQJK3D49AhsDBgsJCAcDAgYVCAIJ
CgsEFgIDAQIeAQIXgAAKCRA5WwAsCn+E2RPqB/96gO2irFSw1N3cc7QrJE0zmcku
P6mlf1G1AaZw753naHB2LJVoh1lymvKtIX7E5Vh8ZUmsDt4dXSmxe8z0LAS/IART
ET4EhduYqvSD7ia4YK1JNk9/ddY8FMjRpCvD1mu9+V3jjbCHQCcE4SySDOHuuIfg
QQF1vNnMosPfSqR9jJknReD3jtlYJBCDX48+wPADT9e7bpOX+NetS2wa+MYVoeOS
1gxxf6AEOR4BJvyElnIQ676XJXcsk75xXLZ4IQ6ossbCanou8aVE45kmFJ7v/LDU
6v6Rc0vp//oa79cRldA4KB9iEyNK5SWPdyGN6L7+g1KdA/U3AG9qVk4N/MBLiEYE
EBECAAYFAkrcP5wACgkQXb3314NpK4HIHgCeIJkGxIUpiH+xw+kR9OAcawziSFsA
n080tOV1dAiRm3DHAGYI6F1JsnmctCVHUklELVNFQyA8Z3JpZC1zZWMtaW5mb0Bn
cmlkLXNlYy5vcmc+iQE4BBMBAgAiBQJK3D4LAhsDBgsJCAcDAgYVCAIJCgsEFgID
AQIeAQIXgAAKCRA5WwAsCn+E2WpbB/9eIhcSKlcznD0ZnrwYPyGNH7/o84CU5vuD
2YEK2nm1XvRWEX65gmKkukVV0RQ8PW1e1qpZVbsYM57Jv9fAkgINYibdiqDj5P2F
XZySvvt3lsFeXbg99iSBuyjWCSHn0x96an9iNTDLnp1ePVQ4v3vzASnN1s3+E85z
6Jsq8uVp2KHILiBmL0sHc405k1xMpcq+xcNaZIXNe4lZP+jgxpad0JdSb+vXo66/
JWNr62x/nds1zFhzdszoEhDXceGnJ/VV9DQDpK/XrhM9+uSSqPAae+Sq4Urr0pWl
gWaf42YYL3pQ9h0AbXqXRa96pATEKKVXXnl6OZdE0J+nrFkPi/tSiEYEEBECAAYF
AkrcP5wACgkQXb3314NpK4E2GgCeO1HNbaFdeg3FcVWrB2mEOBg+ptoAoInVomox
HXfSlXteRorf6l9JJxSIuQENBErcPgsBCADjE7DxWhMcKtXEQ+0eMF1gXe8wVan7
0lCZDO2+YQaJ8x5TVSDwWcKM8Shc/JheGrZcesi17LqbtZNvWUul51n0eJtZoNXV
VDvx0j//P0r7zsgxKbD8TIEEZeGRySUBMEphw9LKTx7ClSjbsbAD+jM5Y83xx7o0
IEfFq4+NSjc5I7vqaQAMEmyLt5sPmov+aVzPrvcIqZ9N+SfDI9IrYF3oJj9Z2Naz
d7hvdr/A23kQ2j4ctsBDIGUBK0pLbdifo+L796sJnloz8DAlbatzYAO05uhfVALY
hDD40pKMsBE0TDbdcrgAywnbGGHLiCKKZKR7YaMPRN7HYwABELKNhabHABEBAAGJ
AR8EGAECAAkFAkrcPgsCGwwACgkQOVsALAp/hNn+gAgApV2OA4VEGgfiZ/Pdrz4g
uyuwJlZ4v0gc6Xouvy7QI0efk7Hi5Y1rLAAmHM+pRAGyU1d6msjpHyqTCWEGrKZV
mXLrVTYMz5hvjmyGIUZIo6cXyObpmE3x+aNWPs4Ab3/3QZuM50k4zk/RvgEgG/nw
QbzNFjZmjhmEBtitvOytcne70dvr7sf1TkIWBpX0wQbRe9vHvcktG2pPtut/FlZn
cm5VmVS9/JMM9nUhBNhRFqUMXJY1+ew6dVeyicPs5FGNstT0wJUEQx51PmBIbzm/
iw39O3n1Qlt273ftU2MxiauskSyDTZb7wPELdggXXgXxP8gWJ4lw4x8WpuEt1lp4
/A==
=bEcq
-----END PGP PUBLIC KEY BLOCK-----


  1.   Participants


The group has a very strict membership policy and is exclusively reserved to individuals representing the grid security team of an academic grid infrastructure, and providing incident response capabilities across different administrative domains, for all the participating grid sites.


  1.   Motivation


Different academic computing grids may provide services to the same user community, and in addition, a given grid resource provider or grid site may share its grid resources across different unrelated user communities.


These additional contact points between user communities, grid resource providers and grid infrastructures is a risk that needs to be managed.

In particular, in this context, security incidents are prone to propagate from one resource centre to the another and from one grid to another, either via the user community or via interconnected grid infrastructures.


As a result, it is essential that interconnected grids or grid sharing connected user communities exchange information and coordinate their response to security incidents. GRID-SEC intends to be a trusted forum for such discussions in the academic area.


  1.   Objective


The group is relying on the trust between the voluntary participants. Its objective is to improve the security information flow between peer grids, in order to mitigate the impact of security incidents against grid infrastructures.


  1.   Membership request


The grid-sec is a closed group and follows the NSP-SEC model.


New members must:

- provide sufficient justification they represent the incident

  response team of an academic grid infrastructure

- provide sufficient explanation as to how security incidents may spread between the academic grid they represent and

             a grid infrastructure already represented in GRID-SEC

- be involved in grid operational security and security incidents handling

- provide the subscription form below duly completed

- have a recommendation by two of existing GRID-SEC members, including at least one working for a different

             organisation


Each application must be sent to and will be reviewed by a list moderator.


A maximum of 2 individuals representing the same grid infrastructure may apply.


If a given grid infrastructure is integrated within a larger grid infrastructure that is already represented in the group, individuals representing the smaller grid infrastructure may not apply.


The group membership will be periodically reviewed to ensure all members fulfil the membership requirements over time.


Under exceptional circumstances, the moderators may grant membership to individuals not necessarily meeting all the registration criteria, but whose involvement is perceived as highly beneficial to the list members.


  1.   Information distribution policy


The information circulated on the mailing list may be tag in the subject line as follows:

- [PUBLIC]: The information may be freely distributed

- [INTERNAL REDISTRIBUTION] The information may be freely distributed within the security teams of each grid on a

             need to know basis, but must not be forwarded any further

- [DO NOT REDISTRIBUTE]: The information may not be forwarded at all


Any information distributed without any particular tag should be assumed to be [DO NOT REDISTRIBUTE].


  1.   New membership subscription form:


New members must post to the list the following form, duly completed:


- Full name

- Email

- Office phone number

- Emergency phone number (mobile + SMS)

- Usual business hours (including time zone)

- PGP key

- Grid infrastructure you are representing

- Employer name

- Physical address

- Job description (at least 5 lines)

- Name and email of the existing members recommending you

- Explain how security incidents may spread between the academic grid you represent and a grid infrastructure already represented in GRID-SEC


While group members input is welcome, the final decision to include or not a member is left to the moderators.