[[PageOutline]] == Project Number == 1720 == Project Title == Developing a Comprehensive GENI Cyber Security Program a.k.a. !CompSec === Technical Contacts === Principal Investigator Adam Slagell slagell@ncsa.illinois.edu [[BR]] Co-PI Randy Butler rbutler@ncsa.illinois.edu === Participating Organizations === National Center for Supercomputing Applications [[BR]] University of Illinois [[BR]] 1205 W. Clark St [[BR]] Urbana, IL 61801 === GPO Liaison System Engineer === Vic Thomas vthomas@geni.net == Scope == This effort will develop an evolving GENI Cyber Security Program through detailed analysis of GENI architecture documents, specific implementations, and project work, using an open process the encourages community feedback. The project team will leverage experience with security planning for the National Center for Supercomputing Applications, the NSF TeraGrid and Open Science Grid projects, the Blue Waters Project and the National Center for Digital Intrusion and Response, broadening the experimental community’s interactions with GENI. The project will produce interim and longer-term GENI security plans, guidelines and procedures, and will collaborate closely with other GENI security projects, particularly SPARTA’s. === Current Capabilities === BRIEF descriptions of resources/functions/tools that are available to anyone in the GENI community === Milestones === [[MilestoneDate(CompSec: S2.a)]] Catalog of relevant use cases v. 0.1 [attachment:GENI-Security-Use-Cases-and-Stakeholders.pdf Click here for document] [[BR]] [[MilestoneDate(CompSec: S2.b)]] Asset Valuation and Risk Assessment report v. 0.1 [attachment:Asset-Valuation-and-Risk-Assessment-Report.pdf Click here for document] [[BR]] [[MilestoneDate(CompSec: S2.c)]] Review and Update of Asset Valuation and Risk Assessment report [[BR]] [[MilestoneDate(CompSec: S2.d)]] Threat & Vulnerability Report v. 0.1 [[BR]] [[MilestoneDate(CompSec: S2.e)]] Aggregate Provider Agreement v. 0.1 [attachment:"GENI Aggregate Provider Agreement v0.1.pdf" Click here for document] [[BR]] [[MilestoneDate(CompSec: S2.f)]] Interim Operational Security Plan [attachment:InterimOperationalSecurityPlan.pdf Click here for document] [[BR]] [[MilestoneDate(CompSec: S2.g)]] Review and Update of Aggregate Provider Agreement [[BR]] [[MilestoneDate(CompSec: S3.a Aggregate Provider Agreement v. 0.3)]] [[BR]] [[MilestoneDate(CompSec: S3.b "Legal, Law Enforcement and Regulatory Plan v. 0.1. ")]] [[BR]] [[MilestoneDate(CompSec: S3.c Operational Security Plan v. 0.5)]] [[BR]] [[MilestoneDate(CompSec: S3.d Clearing House Agreement v 0.1)]] [[BR]] [[MilestoneDate(CompSec: S3.e Operational Security Plan v. 1.0)]] [[BR]] == Project Technical Documents == [attachment:GENI-Security-Use-Cases-and-Stakeholders.pdf Security Use Cases & Stakeholders] === Quarterly Status Reports === [wiki:CompSec-QSR-1Q2010 1st Quarter 2010] [[BR]] [wiki:CompSec-QSR-2Q2010 2nd Quarter 2010] [[BR]] [wiki:CompSec-QSR-3Q2010 Report 1 Spiral 3] [wiki:CompSec-QSR-1Q2011 Report 2 Spiral 3] === Spiral 2 Connectivity === Not applicable. This project is developing a plan for GENI security. === Related Projects === Includes non-GENI projects.