This is an old revision of the document!
Security Policy
This page defines the security policy adopted in the mySmartGrid project. Its goal is to ensure that mySmartGrid services achieve the levels of reliability and security expected by its users.
The first section classifies the computer systems used in the project, and explains their purposes. The second section identifies the roles played by team members and describes their respective responsibilities. Finally, the third section elicits general guidelines to be followed by all team members.
Computer Systems
The computer systems currently used in the project are classified in the following types.
S1 - Physical Server - Hosting environment where other machines are deployed as virtual machines.
S2 - Production Server - Virtual machine where production services run.
S3 - Support Server - Virtual machine used by Flukso devices to open reverse
SSH connections that enable remote support.
S4 - Development Server - Virtual machine used for software development and testing purposes.
Roles and Responsibilities
The following list identifies the major roles played by members of the mySmartGrid team, and describes their respective responsibilities.
Admin1 - Primary system administrator, responsible for maintaining and operating the servers S1, S2, and S3. His attributions are detailed in the following.
Software installations, configurations, and updates.
User management.
Certification management, including:
creation, renewal, and revocation of certificates using the mySmartGrid Certification Authority (MSG-CA);
request and replacement of certificates signed by external CAs.
Deployment of software releases prepared by developers, as described at the
Future Arrivals list.
Database administration.
Drupal framework administration.
System backup administration.
System monitoring administration.
Creation of virtual machines such as S3 and S4.
Routinely change passwords (every 6 months, at least).
Share passwords exclusively with Admin2 and Leader.
Admin2 - Secondary system administrator, responsible for assisting Admin1, and assuming his responsibilities, whenever he is either on vacations or unreachable.
A single person can play multiple roles, but each role can be played only by one person at a time, with the exception of Developer. The following table shows the current incumbents.
Team Member | Admin1 | Admin2 | Leader | Developer |
Ely de Oliveira | X | | | X |
Kai Krueger | | X | | |
Mathias Dalheimer | | | X | X |
Stephan Platz | | | | X |
Simon Birbach | | | | X |
Guidelines
The following list presents guidelines to be followed by all team members, except in special cases determined by the project Leader.
The computer systems must be exclusively used for activities related with the mySmartGrid project.
External users should not be given access to any computer systems, except via user accounts on the web portal running on S2.
All data stored in these systems are confidential, and must not leave the ITWM/MSG network.
Passwords must be kept in safe locations within the ITWM/MSG network, such as encrypted keystores. They are never to be emailed or copied to external media devices.
securitypolicy.1315499658.txt.gz · Last modified: 2012/10/30 10:35 (external edit)