TeraGrid Security Working Group (security-wg) Charter v.1.0

Purpose:

The TeraGrid Security Working Group reviews security policy and
security-related implementation issues to make recommendations to the
TeraGrid Executive Committee regarding security policies and practices
that should be adopted by TeraGrid member sites an d users. The
participants of the TeraGrid Security-WG DO NOT constitute the information
security incident response staff for the TeraGrid.

Because even a small design change can dramatically effect the overall
security of a system, the Executive committee will consult the Security WG
for modifications to the TG operation for possible security implications
prior to any implementation. The security working group will work with
each of the other TeraGrid working groups to review and address security
implications of software, services, and policies developed in those
working groups. Where possible, the security working group will maintain a
liason to each of the other TeraGrid working groups. 


Activities:

- Guide Initial and Periodic TeraGrid Security Risk Assessments
- Develop and Maintain TeraGrid Site Security Contact Directory and
Security Playbook
- Weekly review of security-related policy and implementation concerns
- Drafting recommendations for TeraGrid Security Policies
- Recommend approaches to reconcile differences in TeraGrid site security
policies and regulations


Products:

Documents produced with guidance from the TeraGrid Security Working Group
will include: 
- TeraGrid Security Recommendations Log
- TeraGrid Certificate Management and Authorization Policy
- TeraGrid User Security Policy and Procedures, including Acceptable Use, 
Security Issues Reporting Procedures, etc.
- TeraGrid Site Security Contact Directory
- TeraGrid Security Playbook including Detailed Incident Handling Procedures
- Diagrams/Charts showing Lines of Authority per Site, Contact Sequence, 
Information Control