Security Procedures for Site/VO Removal
The Security Policy on Site/VO Removal defines the conditions under which the OSG Security Officer will request that a Site or VO be removed from the OSG operational infrastructure. This page describes the associated procedures.
Maintenance of Security Contact Information
The Security Officer ensures that the GOC periodically confirms that all VOs and Sites have valid security contacts registered in OIM. Each Site/VO representative must confirm that they have verified the accuracy of their contact information in OIM. This confirmation is performed at least once per year.
Communication
In cases of Site or VO removal, the Security Officer must communicate the decision to remove the Site/VO to those that need to know and take action, while remaining sensitive to avoiding public embarrassment of the removed Site/VO. The Security Officer will send a private (digitally signed) message to VO/Site/SC security contacts registered in OIM, with instructions to forward as appropriate to the situation, but to not publicize the information further or publicly archive it (in Google, for example). Other announcements, such as updates to the VO package, will refer to the VO/Site being removed, but will not provide sensitive details about reasons for removal. These announcements can refer to removal "for security reasons" and direct questions to [email protected].
The Security Officer and Security Team will also make every effort to communicate with the VO or Site of concern in advance of removal, in the hope of avoiding the need for removal in the first place. According to the policy, VO or Site removal occurs after repeated problems. During each problem, the Security Officer will warn the VO or Site that they will be removed if they continue to violate policy.
The Security Officer will inform the Executive Team in each case when a VO or Site is warned about removal. In the case of immediate removal for operational security threats, the Security Officer will notify the Executive Team of the actions being taken. Other removal actions require explicit approval by the Executive Team.
Site Removal
Before removing a site:
- The Security Officer will repeatedly warn the site security contact(s) that removal is being considered.
- The Security Officer will inform the Executive Team.
- Unless there is an immediate operational security threat, the Security Officer will await Executive Team approval before proceeding.
Removing a site
- The Security Officer will sent an announcement to VO/Site/SC security contacts to stop sending jobs to the suspended site (for example, by reconfiguring the VO's job submission system to exclude the offending site). Unlike other announcements to security contacts, in this case the Security Officer will request the contacts to forward the announcement to VO members and others as appropriate.
- The GOC will mark the site as inactive in MyOSG.
Note that removing the site from OIM or RSV is not considered critical from a security perspective.
Site Reinstatement
If the Executive Team determines that a Site should be re-instated, the following steps will be performed:
- The Security Officer will send an announcement to VO/Site/SC security contacts informing them that the site is no longer considered a security threat.
- The GOC will mark the site as active in MyOSG.
VO Removal
Before removing a VO:
-The Security Officer will repeatedly warn the VO security contact(s) that removal is being considered. - The Security Officer will inform the Executive Team. - Unless there is an immediate operational security threat, the Security Officer will await Executive Team approval before proceeding.
Removing a VO
- The Security Officer will sent a signed announcement to VO/Site/SC security contacts to stop accepting jobs from the suspended VO. Unlike other announcements to security contacts, in this case the Security Officer will request the contacts to forward the announcement to site administrators and others as appropriate.
- GOC will create a new VO package without the offending VO and send an announcement of the package update.
VO Reinstatement
If the Executive Team determines that a VO should be re-instated, the following steps will be performed:
- The Security Officer will send an announcement to VO/Site/SC security contacts informing them that the VO is no longer considered a security threat.
- GOC will create a new VO package including the re-instated VO and send an announcement of the package update.