A Trust Framework for Security Collaboration among Infrastructures

Kelsey, David; Chadwick, K.; Gaines, Irwin; Groep, David; Kaila, Urpo; Kanellopoulos, C.; Marsteller, James; Niederberger, Ralph; Ribaillier, Vincent; Wartel, Romain; Weisz, Willy; Wolfrat, Jules

doi:10.22323/1.179.0011

Cited by 3 publications

(4 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In 2017, endorsement from supporting infrastructures was sought, resulting in signed statements from the following infrastructures; EGI 1 , EUDAT 2 , GÉANT 3 , GridPP 4 , HBP 5 , MYREN 6 , PRACE 7 , SURF 8 , WLCG 9 , XSEDE 10 . Each of these infrastructures "welcomes the development of an information security community for the Infrastructures, and underlines that the present activities by the research and e-Infrastructures should be continued and reinforced".…”

Section: Formationmentioning

confidence: 99%

See 1 more Smart Citation

WISE Information Security for Collaborating e-Infrastructures

et al. 2019

Self Cite

View full text Add to dashboard Cite

As most are fully aware, cybersecurity attacks are an ever-growing problem as larger parts of our lives take place on-line. Distributed digital infrastructures are no exception and action must be taken to both reduce the security risk and tohandle security incidents when they inevitably happen. These activities are carried out by the various research infrastructures and it has become very clear in recent years that collaboration with others both helps to improve the security and to work more efficiently. The Wise Information Security for Collaborating e-Infrastructures (WISE) community provides a trusted framework where security experts can share information on topics such as risk management, experiences about certification processes and threat intelligence. With participants from multiple large scale Infrastructures, WISE focuses on standards, guidelines and practices, and promotes the protection of critical infrastructure. To date WISE has published two documents; a risk management template and a second version of the SCI framework, endorsed by multiple large-scale infrastructures. In 2018 WISE began work on new areas of relevance to the High Energy Physics community, including a focus on operational security and incident response for interoperating infrastructures. We present an overview of the available WISE recommendations, future work and how WISE brings benefits to the High Energy Physics community.

show abstract

Section: Formationmentioning

confidence: 99%

“…SCI, one of the two founding groups of WISE, produced the SCI Framework [5] in 2014 as a method of assessing an infrastructure's security standing. Several derivatives of SCI have been produced, notably the Snctfi and Sirtfi Frameworks developed through the AARC project [6].…”

Section: Security For Collaborating Infrastructures (Sci) Frameworkmentioning

confidence: 99%

WISE Information Security for Collaborating e-Infrastructures

et al. 2019

Self Cite

View full text Add to dashboard Cite

show abstract

“…Snctfi [19] stands for Scalable Negotiator for a Community Trust Framework in Federated Infrastructures. It proposes a policy framework to assess the 'quality' of service provider and identity provider (SP-IdP) proxies based on the structures of the Security for Collaboration among Infrastructures (SCI) framework [20]. The SP-IdP proxy behaves authentication and authorization infrastructure gateway and mediates between the services in the research/education infrastructure and IdPs in the federation.…”

Section: Snctfimentioning

confidence: 99%

A Study of Credential Integration Model in Academic Research Federation Supporting a Wide Variety of Services

Sakane¹,

Nishimura²,

Aida³

et al. 2018

Proceedings of International Symposium on Grids and Clouds 2018 in Conjunction With Frontiers in Computational Drug Discovery —

View full text Add to dashboard Cite

This paper investigates the situation where users must utilize each credential according to the desired services, and clarifies the problems in the situation and the issues addressed by the concept of "identity federation". Japan has the GakuNin, which is an academic access management federation, and the HPCI, which is a distributed high performance computing infrastructure. For the provision of the HPCI resources, the HPCI cannot simply behave as a service provider in the GakuNin. Consequently, in performing academic research, especially HPCI users belonging to academic institutions are compelled to manage both the GakuNin and the HPCI credentials. In this paper, based on the situation in Japan mentioned above, we discuss a credential integration model in order to more efficiently utilize a wide variety of services. We first characterize services in an academic federation from the point of view of authorization and investigate the problem that users must utilize each credential issued by different identity providers. Thus, we discuss the issues to integrate user's credentials, and consider a model that solves the issues.

show abstract

“…The need for a Security Incident Response Trust Framework for Federated Identity (Sirtfi) was identified in the 2013 paper "A Trust Framework for Security Collaboration among Infrastructures" [7] and was picked up by REFEDS, leading to the creation of a Sirtfi Working Group. Work was included in the Authorisation and Authentication for Research and Collaboration (AARC) Project [3] in 2015, which aims to develop an integrated cross-discipline authentication and authorisation framework.…”

Section: The Security Incident Response Trust Framework For Federatedmentioning

confidence: 99%