OSG Security

Welcome to OSG Security

The OSG security team's goal is to provide a security framework that enables science and promotes autonomous and open science collaboration among Virtual Organizations (VOs), sites, and software providers. Keeping the balance between the openness, which is necessary for science, and the security is at the core of our work.

Our mission is to protect OSG users and resources from security breaches and provide convenient access to OSG resources.

Reporting a security incident

If you suspect a security problem, please report it immediately.

Note

Also do NOT forget to report security incidents to your local/home organization's incident response team.

Please promptly report security incidents involving OSG resources using any of the following methods. The phone and email address is monitored 24*7:

  • Submit a Ticket
  • Call the Grid Operations Center (GOC) at +1 317-278-9699.
  • Send email to security@opensciencegrid.org. If you would like to submit encrypted information, see Documentation.SecureEmail for instructions.

Please include the following information in your report:

  • Your name, email address, phone number.
  • A description of the incident, including time(s), systems and user accounts involved, and any related event.
  • What is your affiliation with the OSG? Which Virtual Organization are you a member of?
  • Did this incident occur on a Site machine or on a VO machine or on your personal computer? Please provide detailed information (names, IPs, URLs, etc.) if you have
  • Do you think your grid identity (certificate and/or proxy) is compromised?
  • Any additional comments or questions you have

Mailing Lists

The following addresses are open for use by all OSG members, partners, and collaborators:

security@opensciencegrid.org is the standard email address open to the OSG public for reporting of security incidents. Mail to security@opensciencegrid.org is received by the OSG Grid Operations Center (GOC). It is monitored 24x7 and filtered for spam or other off-topic content. The GOC acts immediately on all mail incoming to this address.

The following addresses are for internal use by OSG staff:

osg-security-team@opensciencegrid.org is for internal discussions among OSG security team members.

OSG Security Team PGP key

User ID: Open Science Grid Security <[email protected]>
Key ID: 7FD42669
Expires:  
Fingerprint: 6E5F 4DD8 7ABC 9F68 A49B  F3CA 15E3 B3AD 7FD4 2669

The team key is available from the MIT PGP server. PGP software is available from: GnuPG

OSG Security team members

The OSG Security Team can be contacted at osg-security-team AT opensciencegrid.org

  • OSG Security Officer: Susan Sons sesons AT iu.edu
  • Zalak Shah: zsshah AT iu.edu
  • Dave Dykstra: dwd AT fnal.gov
  • Lisa Giachetti: lisa AT fnal.gov
  • Jeny Teheran: jteheran AT fnal.gov