The SIRTFI group is looking at processes for expressing security incident handling requirements as an assurance profile for federations and other requirements needed to effectively deploy and enhance incident response processes for FIM. This wiki page details information relating to that work.
The work of this group has been divided into three main phases:
Develop the SIRTFI Trust Framework specification, which defines basic security incident response capabilities to which member organizations can self-assert compliance.
This initial draft is intended to be a simplified framework that lays the groundwork for how such an approach should be defined. Significant effort will be needed to understand how this might be deployed in the existing R&E FIM environment.
Sirtfi v1.0 approved by the REFEDS steering committee and published.
Metadata extensions confirmed Guide for Federation Participants
Sirtfi added to IANA assurance profiles registry. https://www.iana.org/assignments/loa-profiles/loa-profiles.xhtml
Establish the means by which member organisations in all R&E federations can indicate their compliance with the SIRTFI Trust Framework and how they can be contacted to initiate coordinated response to a federated security incident.
Will follow phase 1. Some work incorporated into AARC2 work plan.
Metadata Guide for Federation Participants
GN4-2 will support tools for maintaining security contacts and monitoring adherence
Moodle training course for Sirtfi under AARC
Establish the means for proactive notification of an account compromise when it can be expected to produce a substantial impact to an at-risk SP organisation.
Will follow phase 2. Work incorporated into AARC2 work plan.
Mailing list archive: https://www.terena.org/mail-archives/sirtfi/threads.html. has been migrated to https://lists.refeds.org/sympa/info/sirtfi. Join the SIRTFI list at: https://lists.refeds.org/sympa/info/sirtfi.
Technical Training Wiki: SIRTFI Home
Security Contact Metadata Extension: Security Contact Metadata Extension Schema
Sirtfi Home Page (Public Facing): https://refeds.org/sirtfi
- https://refeds.org/wp-content/uploads/2016/01/Sirtfi-1.0.pdf The published version of Sirtfi 1.0
- http://goo.gl/2xnf2G is the old working document for the framework on Google Docs.
- Proposed workplan.
- Sirtfi Normative Description: https://refeds.org/wp-content/uploads/2016/11/Sirtfi-certification-v1.0.pdf
- GN4 Sirtfi Interview Survey Report
SIRTFI has been presented at the following events:
- FIM4R BoF at TNC2014.
- REFEDS, October 2014.
- FIM4R, CERN, February 2015.
- TechEx, Cleveland, October 2015
- FIM4R, EWTI, December 2015
- Kantara, Working Group Special meeting, April 2016
- Internet2 Webinar, May 2016
- TF-CSIRT, May 2016
- AARC Meeting, Incident Response, May 2016
- SWITCH ICT Focus, November 2016
- IAMOnline Europe, March 2017
- WISE, March 2017
- TNC17, May 2017
- DeIC Conference, September 2017
Face to Face Meetings:
- 8th June 2014 in Amsterdam, Netherlands.
- Morning of 31st October 2014 in Indianapolis, Indiana.
- 17 June 2015, informal gathering during TNC 2015
- 6 October 2015, informal gathering during TechEx
- 28 September 2016, ACAMP Session
- 22nd February 2017, TIIME Workshop Session
- 1st October 2014 at 16.30 CEST via Skype.
- 29th January 2015 via Skype.
- 14th December 2015 via Vidyo, Consultation Feedback and Changes
- 25th January 2016 via Vidyo
- 18th April 2016 via Vidyo Sirtfi Metadata Consultation Followup.pdf
- 6th July 2016 via Vidyo SirtfiWGCallNotes201606.pdf
- 9th August 2016 via Vidyo SPTaggingCallNotes20160809.pdf
- 2nd November 2016 via Vidyo Sirtfi Normative Description Consultation Followup
- 9th Feb 2017 via Vidyo NotesSirtfiWGCallFebruary9th1530CET.pdf
- 12th of July 2017 via Vidyo Sirtfi Call July 2017.pdf
- 7th of August 2017 via Vidyo Sirtfi Call August 2017.pdf
- 2nd of October 2017 via Vidyo Sirtfi Call September 2017
- EDIT THE CALENDAR
Customise the different types of events you'd like to manage in this calendar.#legIndex/#totalLegs
- RESTRICT THE CALENDAR
Optionally, restrict who can view or add events to the team calendar.#legIndex/#totalLegs
- SHARE WITH YOUR TEAM
Grab the calendar's URL and email it to your team, or paste it on a page to embed the calendar.#legIndex/#totalLegs
- ADD AN EVENT
The calendar is ready to go! Click any day on the calendar to add an event or use the Add event button.#legIndex/#totalLegs
Training Material/Outreach Inventory:
Benefits of Sirtfi
Steps to follow
Logo (to act as a trust mark on compliant sites)
Sirtfi Framework Doc
PDF on Web Page
|Sirtfi emailer helper||End users||Web page||http://sirtfi.cern.ch|
|Sirtfi Moodle Course||Entities||Moodle||https://e-academy.geant.org/moodle/|