As a major, global and identity federation service, security is at the very foundation of the trust model supporting eduGAIN and its participants.
Operational Security and Incident Response
eduGAIN has a small, dedicated Security Team to manage its security operations and incident response at the inter-federation level providing a unique point of coordination.
The eduGAIN Security Team closely collaborates with the Identity Federations’ security operators and the National Research and Education Network CSIRTs and CERTs in eduGAIN to ensures that all security incidents are investigated as fully as possible.
As such, Sirtfi, the Security Incident Response Trust Framework for Federated Identity is a crucial building block in order to assist the participants through their federations in all operational security activities.
The eduGAIN Security Team values collaborations and international cooperation as key assets, and is both highly connected and largely overlapping with e-infrastructures, for instance represented in WISE, and international scientific user communities.
The eduGAIN Security Team seeks to engage with external entities on incident response, in order to protect affected organisations, identities and individuals. Joining forces and information sharing are essential in order to tackle global threats.
For computer security emergencies or in case a security incident is suspected:
Contact the eduGAIN Security Team: firstname.lastname@example.org
<eduGAIN Security Team PGP key file>
PGP key fingerprint: 0497 8576 D7A6 3151 5401 DB98 697A 900B 7C8E 095E
eduGAIN participants: please follow the Security Incident Response Procedure for Federation Participants