Abstract
The role of security in modern IT systems is continuously growing. Large infrastructures have to be protected against sophisticated attacks on organizational, technical and logical levels. Achieving a sufficient security level becomes even more difficult for distributed and often heterogeneous environments that involve valuable assets and data, such as grids. The main goal of the work described in this paper is to provide the maximum level of protection against network attackers to the PL-Grid (Polish National Grid Initiative) infrastructure.
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Balcerek, B., Frankowski, G., Kwiecień, A., Smutnicki, A., Teodorczyk, M. (2012). Security Best Practices: Applying Defense-in-Depth Strategy to Protect the NGI_PL. In: Bubak, M., Szepieniec, T., Wiatr, K. (eds) Building a National Distributed e-Infrastructure–PL-Grid. Lecture Notes in Computer Science, vol 7136. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28267-6_10
DOI: https://doi.org/10.1007/978-3-642-28267-6_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-28266-9
Online ISBN: 978-3-642-28267-6
eBook Packages: Computer Science (R0)