This is a draft document for comments.
This document sets out the scope for eduGAIN Incident Response Coordination, which will be piloted from 1 July 2018 - 31 July 2019. eduGAIN Incident Response coordination will be supported by edugain-support and a dedicated team of incident response experts.
A. Put in place team
| Requirements | Status | Responsible | |
|---|---|---|---|
| A1. | Define support team For the pilot, a team of between 3 - 4 incident response experts will be identified drawing people from the GÉANT Association, the GÉANT project and the community. | IN PROGRESS | Ann / Nicole |
B. Put in place service parameters
| Requirements | Status | Responsible | |
|---|---|---|---|
| B1. | Scope For the pilot, the role will be limited to coordinating and supporting federations and federation users in finding the correct security contact only. No support in diagnosing or solving the issue will be offered unless it something that eduGAIN already has direct experience and knowledge to support. | ||
| B2. | Hours and response times For the pilot, support will be offered during normal European working hours. The support function will aim to provide an initial response within 1 working day. | ||
| B3. | Supported users TBD - only Sirtfi contacts? Anyone contacting? Federations? etc. |
C. Define workflow for team response.
| Requirements | Status | Responsible | |
|---|---|---|---|
| C1. | global identifier for each incident | ||
| C2. | incident type classification | ||
| C3. | recognizing and escalating a security ticket | ||
| C4. | ensuring the right people are added to communication chain | ||
| C5. | supporting move to a secure channel | ||
| C6. | supporting post incident communications and reporting |
D. Select and implement support tools.
| Requirements | Status | Responsible | |
|---|---|---|---|
| D1. | Secure communication channel | ||
| D2. | Sirtfi responsiveness testing | ||
| D3. | Sirtfi error checking |
E. Ensure eduGAIN policy and supporting templates are in place.
| Requirements | Status | Responsible | |
|---|---|---|---|
| E1. | Sirtfi as an eduGAIN BCP | ||
| E2. | |||
| E3. | Disclosure policy |
F. Implement support for testing.
| Requirements | ||
|---|---|---|
| F1. | Work with end-users on small test cases | |
| F2. | Participate in larger-scale incident testing |