Table of Contents
Security Outline Pages
- Table of Contents
- Introduction
- Common Policies
- Observatory Control System (OCS)
- Archive Operation System (AOS)
- Distributed Processing System (DPS)
- Community Service System (CSS)
- Visitor Network
- Event System
- Summit and Base Facility
- Archive Center
- Data Access Center (DAC)
- Applications
- External Use Cases
- Internal Use Cases
- Threats
This page is part of the Security topic.
Note: This wiki version of the security plan is out of date - see the attached document, security-plan.doc/pdf, for the current working draft.
Security Plan Outline
- Introduction - Bill - Draft started
  - LSST Security Priorities
  - Purpose of this document
  - Partners & sponsoring institutions
- Common Policies - Ray & Bill (reviewed by Heather) - Draft started
- Security in LSST Systems
  - Observatory Control System - Ron & Jim (reviewed by Tom) - Draft complete
  - Archive Operations Systems - Bill & Ray (reviewed by Lee)
  - Distributed Processing System - Bill & Ray (reviewed by Jim)
  - Community Service System - Tom - Draft started
  - Visitor Network - Heather (reviewed by Tom) - Draft complete
  - Event System - Bill - Draft started
- Security in LSST Sites
  - Summit and Base Facility - reviewed by Ray & Bill
  - Archive Center
    - Including Science Centers and Software Development Centers
  - Data Access Centers
  - Education and Public Outreach Centers
- Applications - merge with Common Policies
  - User Authentication and Authorization
  - Service Trust
- Risks/Threats - Lee (reviewed by Tom & Ray) - Draft started
Internal Outline for Systems
The major systems (OCS, AOC, CSS, DPS) have unique security requirements; using the Visitor Network as a model, we can describe them all with a similar structure:
- Introduction
- Responsibilities
- Physical Operating Environment
- System Descriptions
  - Include a description of each major component
- Data Products
  - Data that are consumed, produced, and stored
  - Sources and destinations
- Confidentiality
- Integrity
- Availability
- Management, Operational, and Technical Controls Descriptions
  - Access Control
  - Awareness and Training
  - Audit and Accountability
  - Configuration Management
  - Contingency Planning
  - Maintenance
  - Media Protection
  - Physical and Environmental Protection
  - Security Planning
  - Personnel Security
  - Risk Assessment
  - Systems and Services Acquisition
  - System and Communications Policy
  - System and Information Integrity
Level of Detail
The goal of this document is to describe LSST's major security issues and how to address them. It is one step in the process of developing a detailed security implementation.
- Requirements: We need to clearly state them
- Policies: High-level policies need to be clearly stated; details may still need to be worked out, especially when it comes to internal work flows
- Architecture: Abstract. Our first priority is to identify the major parts of LSST's security anatomy; some details are clear, and others still need to be worked out.
- Implementation: Examples. It will be helpful to mention representative technologies and products that would work, but it is not yet time to pin them all down.
Attachments
- Draft High Level Overview.jpg (182.5 kB) - added by bbaker 8 months ago. Diagram of whole of LSST network and facilities
- SitesAndSystems.pdf (454.6 kB) - added by RayPlante 5 months ago.
- security-plan_20080822_thh.doc (0.9 MB) - added by thh 4 months ago. thh updates on the 20080822 version of security plan
- security-plan-20080819_thh.doc (1.2 MB) - added by thh 4 months ago.
- security-plan.doc (2.1 MB) - added by bbaker 3 months ago.
- security-plan.pdf (2.3 MB) - added by bbaker 3 months ago.

