MySmartGrid Developer Wiki

This document defines the security policy adopted in the mySmartGrid project. Its goal is to ensure that mySmartGrid services achieve the levels of reliability and security expected by their users.

It is organized in two sections. The first one classifies the computer systems used in the project, and explains their purposes. The second one identifies the roles played by team members and describes their respective responsibilities.

For the sake of simplicity and the benefit of the reader, the gender-specific pronouns and adjective he, him, and his are used throughout the document to refer gender-neutral nouns such as user and team member.

The computer systems currently used in the project compose the MSG network, which is a subset of the ITWM network. They are classified in the following types.

• S1 - Physical Server - Hosting environment where other machines are deployed as virtual machines. It can not be accessed from outside the ITWM network.
• S2 - Production Server - Virtual machine where production services run.
• S3 - Support Server - Virtual machine used by Flukso devices to open reverse SSH connections that enable remote support. This machine is allowed to open connections only with the devices, via SSH tunneling.
• S4 - Development Server - Virtual machine used for software development and testing purposes. It can not be accessed from outside the ITWM network.

• Admin1 - Primary system administrator, responsible for maintaining and operating the servers S1, S2, and S3. His attributions are detailed in the following.
  • Software installations, configurations, and updates.
  • User management.
  • Certificates management, including:
    • creation, renewal, and revocation of certificates using the mySmartGrid Certification Authority (MSG-CA);
    • request and replacement of certificates signed by external CAs.
  • Deployment of software releases prepared by developers, as described at the Future Arrivals list.
  • Database administration.
  • Drupal framework administration.
  • System backup administration.
  • System monitoring administration.
  • Creation of virtual machines such as S3 and S4.
  • Routinely change passwords (every 6 months, at least).
  • Share passwords exclusively with Admin2 and Coordinator.

• Admin2 - Secondary system administrator, responsible for assisting Admin1, and assuming his responsibilities, whenever he is either on vacations or unreachable.

• Coordinator - Responsible for assigning roles to team members and assuming Admin1 responsibilities when both administrators are unreachable.

• Developer - Responsible for developing and testing software and hardware components. His main attributions are:
  • Preparation of new feature release notes at the Future Arrivals list to enable Admin1 to deploy new software components on S2 and S3.
  • System administration of his own S4 server, including:
    • software installations and updates,
    • user management,
    • the administration of local services such as databases, monitoring, and the Drupal framework.

• Worker - Any member of the mySmartGrid team, who works with the computer systems and data managed in the project. He is required to follow the guidelines listed bellow, except in special cases determined by the Coordinator.
  • The computer systems must be exclusively used for activities related with the mySmartGrid project.
  • External users should not be given access to any computer system, except via user accounts on the web portal running on S2.
  • All data stored in these systems is confidential, and must not leave the ITWM network.
  • Passwords must be kept in safe locations within the ITWM network, such as encrypted keystores. They are never to be emailed or copied to external media devices.
  • Admin1 must be immediately informed of any security flaw identified in the system, by sending an email to msg-support@itwm.fraunhofer.de.

A single person can play multiple roles, but each role can be played by only one person at a time, with the exception of Developer and Worker. The following table shows the current incumbents of the four most specific roles.