OSG Security Policies
OSG security policies should address topics of importance to OSG stakeholders. The policies should be succinct and few.
OSG security policies are developed by the OSG security team, when appropriate in conjunction with Joint Security Policy Group(see below). The security team develops implementation and assessment procedures concurrently with the policies. Draft policies are approved by the OSG Executive Board and then officially endorsed by the OSG Council according to the OSG Statement on Agreements and Policies.
Approved Security Policies
The following policies are approved and in effect in OSG:
- Master Information Security Policy & Procedures
- Status: v1.0 Approved by OSG Executive Director on Dec-1-2019
- Grid Site Operations Policy approved by OSG Council on 2007
- OSG-VO Registration Policy and Procedure
- OSG VO Member Acceptable Use Policy
- VO AUP Template Policy
- Service Agreement: OSG Doc 87
- Status: v1.0.4 approved by OSG EB Mar-15-2005 and endorsed by the OSG Council.
- Status: v3.8 approved by OSG Executive Director on Dec-16-2008.
- Certificate Authorities: OSG Doc 752
- Status: v1.0 approved by OSG Facilities Aug-09-2007. v2.2 approved by OSG Executive Director on Dec-16-2008.
- JSPG Doc v2.5 approved by WLCG and EGEE. v2.8 approved by WLCG MB and EGEE TMB Aug 2008.
- Note: v1.0 of the OSG policy adds operational details to the JSPG policy.
- OSG Service Container Security Policy
- v1.0 Approved by OSG Executive Director on Dec-1-2019
- Security Incident Response Policy
- OSG Connect Login Server Open Port Policy