Skip to content

HIFIS Documentation

Security Procedures

Helmholtz Codebase

HIFIS Documentation

Helmholtz Codebase

General
General
- Overview
- Contact us
- Imprint
- Privacy
- Accessibility
Helmholtz AAI
Helmholtz AAI
- Overview
- Concepts
- How-to
  How-to
  - ... use Helmholtz AAI
  - ... register a VO
  - ... manage groups in VOs
  - ... register a service
  - ... join as an Identity Provider
    ... join as an Identity Provider
    
    Overview
    
    Basic requirements for Attribute Query
    
    Shibboleth 4 configuration
  - ... authorise users for a service
  - ... enable MFA
  - ... use OIDC-Agent
- Organisational
  Organisational
- Additional information
  Additional information
Policies + Guidelines
Policies + Guidelines
- Overview
- Helmholtz AAI Policies
  Helmholtz AAI Policies
- Process Framework for the Cloud Service Portfolio
  Process Framework for the Cloud Service Portfolio
  - Chapter Overview
  - General Points
    General Points
    
    Document History
    
    Validity of this Document
    
    Delimitations
    
    List of Abbreviations
  - Introduction
    Introduction
    
    What is HIFIS
    
    What are the goals of HIFIS Cloud
    
    What are the goals of this Process Framework
  - Service Portfolio Management
    Service Portfolio Management
    
    Service Portfolio Management in terms of ITIL – what’s part of it?
    
    Service Type Definitions
    
    The service catalogue and its structure
    The service catalogue and its structure
    
    Service Catalogue
  - Processes regarding the service portfolio
    Processes regarding the service portfolio
    
    Overview
    
    Service Recruiting Process
    
    On boarding process for new services
    
    Follow-up Onboarding Process
    
    Operation of Services
    
    Offboarding process for services
    
    Review process for the service portfolio
Backbone Core Services
Backbone Core Services
Cloud Services
Cloud Services
- Overview
- Cloud Management
  Cloud Management
  - Cloud Service Portfolio
    Cloud Service Portfolio
    
    Overview
    
    Initial Service Portfolio
    Initial Service Portfolio
    
    Service List Creation
    
    Service Selection Criteria
    
    Service Process
    
    Current Services in Service Portfolio
    
    Service Portfolio Review Documentation
  - Process Framework
  - Cloud Service KPI
    Cloud Service KPI
    
    KPI overview
    
    Details of calculation
  - Interruption Announcements
- Technical Service Integration
  Technical Service Integration
  - Overview + Architecture
  - Helmholtz Cloud Agent
  - Cloud Portal
    Cloud Portal
    
    Architecture
    
    Developer Manual
  - Service specific Docs
    Service specific Docs
    
    Overview
    
    bwSync&Share (KIT)
    
    InfiniteSpace (DESY)
    InfiniteSpace (DESY)
    
    Overview
    
    Apply for Usage
    
    Access Models
    
    AUP
    
    rclone Access
    
    Codebase (HZDR)
    
    Nubes (HZB)
    
    Rancher (DESY)
- Best Practices
  Best Practices
  - Definition of Roles in AAI
    Definition of Roles in AAI
    
    Overview
    
    DataHub
  - Security Considerations
Software Services
Software Services
- Overview
- Two-Factor Authentication
- Helmholtz Codebase
  Helmholtz Codebase
  - Getting Started
  - Continuous Integration
  - Publishing Open Educational Ressources
  - Integrations
    Integrations
    
    Kroki
    
    Dependabot
  - Service Changelog
- Mattermost
  Mattermost
Feedback + Support

Security Incident Response¶

Following our Security Incident Response Procedure, which is part of the Helmholtz AAI Policies, Helmholtz AAI operates a central mailing list for incident response:

security@hifis.net: This is the Infrastructure Security Contact point, which is open for anybody to post.

Subscribers to this list are e.g.:

Contacts for the SP-IdP-Proxy (Unity @ FZJ)
HIFIS Cluster Contacts

Optional:

Service’s site-security contacts (i.e. CERTs of participating sites)

In case of an incident, this Infrastructure Security Contact point will appoint and collaborate with the relevant Security Incident Response Coordinator(s) for the given incident.

SIRTFI¶

The Helmholtz AAI uses SIRTFI, the Security Incident Response Trust Framework for Federated Identity, to communicate and collaborate with other organisations and instances, which are involved in the security incident.