Security Service Challenge level 1 (SSC_1)
This WIKI contains instructions, recommendations and suggestions
that are relevant for the LCG/EGEE Security Service Challenge level 1 (SSC_1).
The objective
Security Service Challenge level 1 (SSC_1) challenges the Workload Management System (WMS) on the Grid: Resource Broker (RB) and Compute Element (CE).
The goal of the LCG/EGEE Security Service Challenge (SSC), is to investigate whether sufficient information is available to be able conduct an audit trace as part of an incident response, and to ensure that appropriate communications channels are available.
Material for TOP
We have provided a tool kit containing software and instructions for executing the SSC_1. The material is available for download as
a tar-ball.
In order to un-tar, position yourself in a suitable directory and execute the command:
tar xzvf
<
path to the downloaded tar-ball
>
.
Recipies for the Security Contact
During the first stage, several ROC managers spontaneously volounteered to provide detailed recipes for how to extract the audit trail. Their contributions are available below:
Debriefing Report
After completion of each Stage of the SSC_1, the participating ROCs were asked to provide feedback from the exercise. Comments received were not only limited to the execution of SSC_1 proper, but also provided suggestions for other, future challenges.
Based on their input, the final
SSC_1 Debriefing report was compiled.
Prerequisites
Both the TOP and the Security Contact must be registered users of the chosen problem tracking tool used for the particular ROC. In case the ROC does not have a suitable tool, then they should use
Savannah. Information about user registration is available at-
http://savannah.cern.ch/
Both roles also need to register with the Savannah Group:
LCG/EGEE Security Service Challenges
The Grid Operation Center must be granted access to the results down to the individual Grid Site level in order to evaluate the efficiency of the procedures in place.
Links to related information
___________
Updates:
2006-09-07 (psa) added pointer to google map
2006-05-18 (psa) took account of comments from de-brefing session of SSC_1 stage 2
2006-04-10 (psa) added material from the completion of SSC_1 stage 2
2006-03-30 (psa) updated the ssc_1 world map
2005-11-02 (psa) split SSC_1 from mother-topic, adjusted tense for moving deadline
2005-10-17 (psa) initial writing