Introduction

Background information is available at: It is expected that the working group will work on two different areas:

• Software: ensure there is enough traceability on the SE and that our services use standard logging mechanisms (syslog)
• Operations: provide recommendations aimed at the sites to help them fulfill the logging and traceability policy requirements, in particular on the WN and UI

A more detailed work plan will be provided once the working group is formed.

As far as communication is concerned:

• The working group will coordinate via a mailing list
• Remote and possibly face-to-face meetings (e.g. pre-GDB) will also be organised
• Regular status reports will be provided via the GDB

Questionnaire for the different software areas

All questions are in the context of activities that involve identifiable client (a person, a device, a service etc):

1. How do you record activities?
   1. syslog
   2. database
   3. other (expand)
   4. no record is kept
2. What is recorded?
   1. person's DN
   2. IP address (for connection source and/or destination)
   3. time stamp
   4. nature of activity (e.g. put/get, query etc)
   5. other (expand)
3. How is the record formatted?
4. Where is the record kept?
   1. specific local catalog
   2. specific server (local or remote) (e.g. remote syslog)
5. What is access control on the record?
   1. Unix ACL
   2. authorisation by credentials
   3. other (expand)
   4. none
6. Are there multiple records?
   • If they are of different kinds, fill out a separate questionnaire for each.

Contact

wlcg-security-tracebility-wg@cernNOSPAMPLEASE.ch

Meetings

https://indico.cern.ch/categoryDisplay.py?categId=4392

Set ALLOWWEBCHANGE = TWikiRegistrationAgent, RomainWartel