OSG Security Policies
OSG security policies should address topics of importance to OSG stakeholders. The policies should be succinct and few.
OSG security policies are developed by the OSG security team, when appropriate in conjunction with Joint Security Policy Group(see below). The security team develops implementation and assessment procedures concurrently with the policies. Draft policies are approved by the OSG Executive Board and then officially endorsed by the OSG Council according to the OSG Statement on Agreements and Policies.
Approved Security Policies
The following policies are approved and in effect in OSG:
- Master Information Security Policy & Procedures
- Status: v1.0 Approved by OSG Executive Director on Dec-1-2019
- Grid Site Operations Policy approved by OSG Council on 2007
- OSG-VO Registration Policy and Procedure
- Site/VO Removal
- OSG Doc 737
- Status: Approved by OSG Executive Director on Jul-15-2009.
- OSG VO Member Acceptable Use Policy
- OSG Doc 742
- Status: approved in April 2018.
- Old version: OSG Doc 86
- Status: v2.0 approved by OSG EB on Feb-9-2006 and endorsed by OSG Council.
- JSPG Doc v3.1 approved by WLCG MB on 28-Nov-2005.
- Note: The OSG and JSPG policies are identical.
- OSG Doc 742
- VO AUP Template Policy
- Service Agreement: OSG Doc 87
- Status: v1.0.4 approved by OSG EB Mar-15-2005 and endorsed by the OSG Council.
- Open Science Grid Privacy Policy: OSG Doc 741
- Status: v3.8 approved by OSG Executive Director on Dec-16-2008.
- Certificate Authorities: OSG Doc 752
- Status: v1.0 approved by OSG Facilities Aug-09-2007. v2.2 approved by OSG Executive Director on Dec-16-2008.
- JSPG Doc v2.5 approved by WLCG and EGEE. v2.8 approved by WLCG MB and EGEE TMB Aug 2008.
- Note: v1.0 of the OSG policy adds operational details to the JSPG policy.
- OSG Service Container Security Policy
- v1.0 Approved by OSG Executive Director on Dec-1-2019
- Security Incident Response Policy
- Incident Response policies and Procedures
- v1.0 Approved by OSG Executive Director on Dec-1-2019
- Incident Discovery/Reporting
- OSG Doc 875
- Incident Response policies and Procedures
- OSG Connect Login Server Open Port Policy