Skip to content

OSG Security

Welcome to OSG Security

The OSG security team's goal is to provide a security framework that enables science and promotes autonomous and open science collaboration among Virtual Organizations (VOs), sites, and software providers. Keeping the balance between the openness, which is necessary for science, and the security is at the core of our work.

Our mission is to protect OSG users and resources from security breaches and provide convenient access to OSG resources.

Reporting a security incident

If you suspect a security problem, please report it immediately.

Note

Also do NOT forget to report security incidents to your local/home organization's incident response team.

Please promptly report security incidents involving OSG resources via email to security@osg-htc.org. Please include the following information in your report:

  • Your name, email address, phone number.
  • A description of the incident, including time(s), systems and user accounts involved, and any related event.
  • What is your affiliation with the OSG? Which Virtual Organization are you a member of?
  • Do you think your grid identity (certificate and/or proxy) is compromised?
  • Any additional comments or questions you have

For urgent incidents or security issues, please escalate reports to security team members (below) via direct message in the OSG Slack Server or ask your team lead to contact the Information Security Officer via phone or SMS.

Mailing Lists

The following addresses are open for use by all OSG members, partners, and collaborators:

security@osg-htc.org is the standard email address open to the OSG public for reporting of security incidents.

security-announcements@osg-htc.org is a google group which recieves OSG security annoucements and public incident reports from the OSG Security Team. Membership is open to the public subject to approval by the security team.

OSG Security Team PGP key

User ID: Open Science Grid Security <[email protected]>
Key ID: 7FD42669
Expires:  
Fingerprint: 6E5F 4DD8 7ABC 9F68 A49B  F3CA 15E3 B3AD 7FD4 2669

The team key is available from the MIT PGP server. PGP software is available from: GnuPG