Aim:
We have had a lot of feedback that the Policy Development Kit (which came from the AARC project) is good but doesn't necessarily fit use cases. People have to make significant modifications. We would like to pull in the feedback from these first-hand implementation experiences and produce an improved set of templated policies.
In particular, some communities are looking for something very easy to pick up and define requirements on participating services (e.g. CS3MESH). Our first objective is to update the Security Operations Policy (and possibly the top level policy that ties participants together).
Resources:
The final work from the AARC Project is at https://aarc-community.org/policies/policy-development-kit/ this has been slightly updated with time
We have a (unmaintained) Moodle course at https://e-academy.geant.org/moodle/course/view.php?id=16
Existing Security Operations Policy Options:
- PDK version https://docs.google.com/document/d/1_cNMF3l3YVPqBBH0MPqx9DLAL1t3Z33_fJcjln8Xk48/edit#heading=h.idp93lqbm8kt
- The EOSC Security Baseline may serve as a best option for loosely coupled federations https://docs.google.com/document/d/1a8TQAfOnB0CADo_n5nn7-DQX6jV7Iz-2i90hBAzMgGY/edit#heading=h.eyau1431a74f
- There may be one from Elixir?
Meetings:
- Discussed during EUGridPMA October 2021
- October 4th 2021
- Monday 18th 2021 (TBC)
- At the WISE/SIG-ISM Meeting October 26/27 https://events.geant.org/event/742/
Actions:
- Hannah: Ask ELIXIR if they used the Security Operations Policy
- Hannah: Ask Uros/Markus about HDF use
- Ian: share Iris and PDK Policy comparison