- Created by Baptiste Grenier on 2022 Apr 15
As a an Operations Centre, the following Policies and Procedures are relevant to you.
Policies
| Title | Approval status | Owner | Statement |
|---|---|---|---|
| Security Policy Glossary of Terms | APPROVED | This document provides a common reference for the meaning of various terms used in the context of the EGI Security Policy Group documents. As well as defining terms, this glossary also limits the scope of meaning of terms used in the security policy documents. | |
| Policy on the Processing of Personal Data | APPROVED | David Kelsey | This policy ensures that data collected as a result of the use of the Infrastructure is processed fairly and lawfully by Infrastructure participants. |
| Security Incident Response Policy | APPROVED | Policy on handling security incidents. | |
| Policy on Acceptable Authentication Assurance | APPROVED | This policy defines the approved authentication assurance sources. |
Procedures
| Title | Approval status | Owner | Statement |
|---|---|---|---|
| PROC05 IGTF Release Process | PENDING APPROVAL | Procedure for the announcement and propagation of a new release of the EGI Trust Anchor distribution | |
| SEC01 EGI CSIRT Security Incident Handling Procedure | APPROVED | Computing Security Incident Response Team (CSIRT) | This procedure is aimed at minimising the impact of security incidents by encouraging post-mortem analysis and promoting cooperation between Resource Centres. |
| PROC09 Resource Centre Registration and Certification | APPROVED | Alessandro Paolini | A procedure describing the steps for registering and certifying new Resource Centres (sites) in the EGI infrastructure. The certification steps can also be used to re-certify suspended Resource Centres (sites). |
| PROC19 Integration of new cloud management framework or middleware stack in the EGI Infrastructure | APPROVED | Alessandro Paolini | A procedure for integrating new cloud management framework (Cloud platform) or middleware (Compute, Storage, etc.) in the EGI Production Infrastructure. |
| PROC20 Support for CVMFS replication across the EGI and other partner collaboration CVMFS services | APPROVED | Catalin Condurache | The document describes the process of enabling the replication of CVMFS spaces across EGI and other partner collaboration CVMFS infrastructures |
| PROC14 VO Registration | APPROVED | The document describes the process of enabling a Virtual Organisation (VO) on the EGI infrastructure. | |
| ISRM7 Creation of a new support unit in the Helpdesk GGUS | APPROVED | Creating a new support unit in the EGI Helpdesk service (GGUS). | |
| PROC13 VO Deregistration | APPROVED | Alessandro Paolini | A procedure describing how to decommission a Virtual Organization currently registered in the EGI infrastructure. |
| PROC02 Operations Centre creation | APPROVED | Matthew Viljoen | The purpose of this document is to clearly describe the actions and the relative steps to be undertaken for integrating an Operations Centre into the EGI Infrastructure. |
| PROC21 Resource Centre suspension | APPROVED | Alessandro Paolini | The document describes the process for suspending a Resource Centre in the EGI infrastructure |
| SEC05 Security Resource Centre Certification Procedure | APPROVED | Computing Security Incident Response Team (CSIRT) | Security Resource Centre Certification Procedure applies to Resource Centres under certification process and re-certification of suspended Resource Centres (sites). This step of the security certification procedure checks that the resources under certification do not contain known CRITICAL software vulnerabilities. |
| PROC22 Support for CVMFS replication across the EGI Infrastructure | APPROVED | Catalin Condurache | The procedure describes the process of creating a repository within the EGI CVMFS infrastructure for an EGI VO |
| WI07 Security Vulnerability handling | APPROVED | Computing Security Incident Response Team (CSIRT) | Work instruction to follow Security Vulnerability handling RT tickets |
| SEC03 EGI-CSIRT Critical Vulnerability Handling | APPROVED | EGI-CSIRT | The scope of this procedure is to maintain a properly patched infrastructure and make sure that CRITICAL Vulnerabilities are handled adequately by all involved entities. |
| SEC04 EGI CSIRT Operational Procedure for Compromised Certificates and Central Security Emergency suspension | APPROVAL REQUIRED | Computing Security Incident Response Team (CSIRT) | This procedure describes what should be done by the EGI CSIRT in the event of a compromised identity certificate, including long lived certificates and proxies. This applies to robot certificates and service certificates as well as user certificates. This also includes what is done when certificates are linked to security incidents. This procedure also addresses usage of Central Security Emergency suspension. The implications of a CA compromise are also briefly described. |
| PROC03 Operations Centre decommission | APPROVED | Matthew Viljoen | The purpose of this document is to clearly describe the actions and the relative steps to be undertaken for decommissioning an Operations Centre. |
| PROC15 Resource Center renaming | APPROVED | Alessandro Paolini | A procedure for changing name of a Resource Centre. |
| PROC11 Resource Centre Decommissioning | APPROVED | Matthew Viljoen | A procedure describing the steps to decommission Resource Centres in the EGI infrastructure. |
| PROC12 Production Service Decommissioning | APPROVED | Matthew Viljoen | A procedure describing the steps to decommission a Service operated by a Resource Centre in the EGI infrastructure |
| PROC16 Decommissioning of unsupported software | APPROVED | Alessandro Paolini | A procedure for removal of unsupported software from production infrastructure |
| PROC01 EGI Infrastructure Oversight escalation | APPROVED | Matthew Viljoen | The purpose of this document is to define escalation procedure for operational problems |
| PROC08 Management of the EGI OPS Availability and Reliability Profile | APPROVED | Alessandro Paolini | This document specifies the procedure for modifying the EGI OPS Availability and Reliability profile |
| PROC06 Setting Nagios test status to operations | APPROVED | Alessandro Paolini | The purpose of this document is to clearly describe the actions and the relative steps to be undertaken for including Nagios tests into the ARGO_MON_OPERATORS profile: in this way, the operations dashboard will display an alarm in case the test fails. |
| PROC07 Adding new probes to ARGO | APPROVED | Alessandro Paolini | This document specifies the procedure for adding new probes to the ARGO Monitoring service |
| PROC04 Quality verification of monthly availability and reliability statistics | APPROVED | Alessandro Paolini | Instructions RODs and Operations Centres on how to handle justification for poor monthly performance |
| PROC10 Recomputation of SAM results or availability reliability statistics | APPROVED | Alessandro Paolini | This procedure documents the steps for requesting a correction in the SAM test results and in the related availability/reliability statistics. |
| ISRM5 Verify Helpdesk SUs are working and perform a periodic review of them | APPROVED | The procedure describes the process for verifying the relevance and performance of Support Units (SUs) in the EGI helpdesk (GGUS). The procedure defines the criteria for decommissioning the SUs that are no longer relevant. |
- No labels