David Crooks
Operational security, threat intelligence & distributed computing: the WLCG Security Operations Center Working Group
Crooks, David; Vâlsan, Liviu; Mohammad, Kashif; McKee, Shawn; Clark, Paul; Boutcher, Adam; Padée, Adam; Wójcik, Michał; Giemza, Henryk; Kreukniet, Bas
Authors
Liviu Vâlsan
Kashif Mohammad
Shawn McKee
Paul Clark paul.w.clark@durham.ac.uk
Technical Manager (IPPP Systems)
Adam Boutcher adam.j.boutcher@durham.ac.uk
Senior Manager (IPPP Systems)
Adam Padée
Michał Wójcik
Henryk Giemza
Bas Kreukniet
Contributors
A. Forti
Editor
L. Betev
Editor
M. Litmaath
Editor
O. Smirnova
Editor
P. Hristov
Editor
Abstract
The modern security landscape for distributed computing in High Energy Physics (HEP) includes a wide range of threats employing different attack vectors. The nature of these threats is such that the most effective method for dealing with them is to work collaboratively, both within the HEP community and with partners further afield - these can, and should, include institutional and campus security teams. In parallel with this work, an appropriate technology stack is essential, incorporating current work on Big Data analytics. The work of the Worldwide LHC Computing Grid (WLCG) Security Operations Center (SOC) Working Group (WG) [1] is to pursue these goals to form a reference design (or guidelines) for WLCG sites of different types. The strategy of the group is to identify necessary components - starting with threat intelligence (MISP [2]) and network intrusion detection (Bro [3]), building a working model over time. We present on the progress of the working group thus far, in particular on the programme of workshops now underway. These workshops give an opportunity to engage with sites to allow the development of advice and procedures for deployment, as well as facilitating wider discussions on how to best work with trust groups at different levels. These trust groups vary in scope but can include institutes, National Grid Infrastructures and the WLCG as a whole.
Citation
Crooks, D., Vâlsan, L., Mohammad, K., McKee, S., Clark, P., Boutcher, A., Padée, A., Wójcik, M., Giemza, H., & Kreukniet, B. (2018, July). Operational security, threat intelligence & distributed computing: the WLCG Security Operations Center Working Group. Presented at 23rd International Conference on Computing in High Energy and Nuclear Physics (CHEP 2018), Sofia, Bulgaria
| Presentation Conference Type | Conference Paper (published) |
|---|---|
| Conference Name | 23rd International Conference on Computing in High Energy and Nuclear Physics (CHEP 2018) |
| Start Date | Jul 9, 2018 |
| End Date | Jul 13, 2018 |
| Online Publication Date | Sep 17, 2019 |
| Publication Date | 2019 |
| Deposit Date | Jul 25, 2024 |
| Publicly Available Date | Jul 26, 2024 |
| Journal | EPJ Web of Conferences |
| Electronic ISSN | 2100-014X |
| Publisher | Società Italiana di Fisica |
| Peer Reviewed | Peer Reviewed |
| Volume | 214 |
| Pages | 03029 |
| DOI | https://doi.org/10.1051/epjconf/201921403029 |
| Public URL | https://durham-repository.worktribe.com/output/2525592 |
Files
Published Conference Paper
(468 Kb)
PDF
Publisher Licence URL
http://creativecommons.org/licenses/by/4.0/
You might also like
Collaborative Operational Security: The future of Cybersecurity for Research and Education
(2024)
Presentation / Conference Contribution
Caching technologies for Tier-2 sites: A UK perspective
(2019)
Presentation / Conference Contribution
Downloadable Citations
About Durham Research Online (DRO)
Administrator e-mail: dro.admin@durham.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2025
Advanced Search