Dear all,
The UK Core Programme Security Task Force, of which I am a member, is
organising a 2-day Grid Security (mainly requirements gathering) workshop at
the NeSC on 5/6 December. Please see below for full details and a web
pointer.
I will attend, but it would be good if one or two additional GridPP people
could join me. The notes suggest representation from both the Grid
technology side AND the applications.
Will those of you interested in attending please contact me first BEFORE
registering. We (GridPP) should coordinate ourselves to ensure the correct
level of representation.
Best regards,
Dave
------------------------------------------------
Dr David Kelsey
Computing & Resource Management
Particle Physics Department
Rutherford Appleton Laboratory
Chilton, DIDCOT, OX11 0QX, UK
e-mail: [log in to unmask]
Tel: [+44](0)1235 445746 (direct)
Fax: [+44](0)1235 446733
------------------------------------------------
-----Original Message-----
Date: Wed, 30 Oct 2002 14:50:28 -0000
From: Anne Trefethen <[log in to unmask]>
To: Alan Rector <[log in to unmask]>, Andy Lawrence <[log in to unmask]>,
Brian Lawrence <[log in to unmask]>,
Carole Goble <[log in to unmask]>, Chris Nave <[log in to unmask]>,
Frank Bisby <[log in to unmask]>, Jeremy Frey
<[log in to unmask]>,
Jim Austin <[log in to unmask]>, Keith Haines
<[log in to unmask]>,
Mark Sansom <[log in to unmask]>, Martin Dove <[log in to unmask]>,
Mike Sternberg <[log in to unmask]>,
Myles Allen <[log in to unmask]>,
Nigel Goddard <[log in to unmask]>,
Paul Valdes <[log in to unmask]>,
Peter Coveney <[log in to unmask]>, Simon Cox
<[log in to unmask]>,
Tom Kirkwood <[log in to unmask]>,
Tony Doyle <[log in to unmask]>, Yike Guo <[log in to unmask]>
Subject: Grid Security Workshop
Dear e-Science Pilot Project:
We would like to invite participation in the workshop:
Grid Security: The why, what, where and how
To be held at NeSC on December 5/6 2002.
The workshop is the first step in creating a policy and roadmap for Grid
security in the UK. Security, in one form or another, is a key concern for
many projects. The Core Programme needs to understand these requirements in
order to ensure that they can be met by the Grid services and infrastructure
being built within the programme. The goal of the workshop, therefore, is to
raise awareness of the issues surrounding security for e-Science
applications and to begin collecting requirements for programme-wide
security policies and support actions.
Grid security issues cover a wide range including identification and
authentication, access control, database security, confidentiality,
integrity, availability, dependability and usability. Given the nature of
the Grid - provision of services and applications across diverse virtual
organisations - there are key issues of interoperability and security
mechanisms across those virtual organisations, where different policies may
be in place.
The workshop will collect experiences and discuss ways in which projects can
address the following security issues:
o What security architectures are projects adopting, and what
software is being used to implement them? Are there key areas of security
for which no software is available, and what are projects doing about this?
o What usage policies are being adopted by projects? Is there
a need for a generic policy on acceptable use of the UK e-Science Grid?
o Do H different e-Science grids have different certification
policies or registration protocols?
o What mechanisms do projects have for dealing with breaches
of security? Is there a need for a UK e-Science CERT?
o How are projects dealing with firewalls? Is there a generic
approach that all should use?
o How are security software updates being organised and
implemented across project grids? Is there a need for support in this area?
o How should responsibility for Grid security be divided
between projects, participating sites, and UK e-Science and network
infrastructure support teams?
o What needs to be done in terms of education and outreach
regarding security and security policies within the e-Science programme?
We also ask that participants supply a brief description of a 'pet' security
problem within their project. Responses will be used to facilitate breakout
groups on several of these topics.
We believe that the goals of the workshop will be best met by involving both
Grid technology and application representatives from each of the research
pilot projects and other e-Science projects together with the security task
force and representatives from the Grid Support Centre, UKERNA and other
related organisations. In the case that funding for two members of a
project collaboration cannot be found within existing grants, we will be
willing to consider requests for additional funds to cover the costs of
travel and subsistence. (See registration form for details.) Please register
on the NeSC website at
<http://umbriel.dcs.gla.ac.uk/NeSC/general/esi/events/126/>.
We anticipate holding a follow-on workshop in early February on security
best practice, together with focus areas identified during this workshop.
Many thanks
anne
=======================
Dr Anne E Trefethen
Deputy Director
e-Science Core Programme
DTI
Tel: +44 1793 444284
Fax: +44 1793 444456
========================
**********************************************************************
Internet communications are not secure and therefore EPSRC does not accept
legal responsibility for the contents of this message. Any views or
opinions presented are solely those of the author and do not necessarily
represent those of the EPSRC unless specifically stated.
All EPSRC staff can be contacted using Email addresses with the following
format: [log in to unmask]
**********************************************************************
|