Glenna/WeeklyMeet-2015-09-25

From neicext
Jump to navigation Jump to search

Agenda

Meeting 25th of September at 09:30-10:30CEST

Present: Dan, Uwe

Channels: Google Hangouts: https://plus.google.com/hangouts/_/g4g5nyl5glc66wqgbqk4yjvb4ua

Live minutes at: https://docs.google.com/document/d/1Bj6I7osw0P_I14GiNlesqBA2ARIRXMOytBxLPmAsFJY/edit

1. Review of last meeting

2. Action points - progress & issues

  • AP: Daniel cloud security fact finding
  • AP: Daniel consider Glenna architecture
  • AP: Dan & Uwe image repositories
  • AP: Dan investigate Pouta Blueprints inclusion into Glenna
  • AP: Daniel: Cloud Controls Matrix v3.0.1 EGI

3. Todays topics - issues to discuss:

  • Daniels findings:

1. ENISA (European Union Agency for Network and Information Security)- the agency has important resources in Cloud Computing Security for SME and Governmental organizations. https://www.enisa.europa.eu/activities/Resilience-and-CIIP/cloud-computing

2. CSA (Cloud Security Alliance) with detailed information on cloud security standards and research works https://cloudsecurityalliance.org/

3. Amazon WebServices (AWS): has detailed and important information on cloud security https://aws.amazon.com/security/

    The AWS also lists its Compliance with different standards like 

ISO9001, ISO27001 and EU Data

    Protection Directives. This can give us a pointer on which 

standards to focus on for compliance.

4. Datatilsynet Norway: it's an organization responsible for data privacy in Norway and has brief information on Cloud Service Security, but it is not well detailed. www.datatilsynet.no

  • Image bakery: how could that be set up?
  • include Chipster image

Daniel we could use: Cloud Controls Matrix v3.0.1 cloud controls or checks, we could identify the ones that would be relevant to Glenna

Daniel: Uniwise.dk company for digital examinations and use Kalmar for authentication Leif Nixon, EGI fedcloud: https://documents.egi.eu/public/RetrieveFile?docid=47&version=11&filename=EGI-MS405-SVG-47-V12.pdf EGI Fedcloud: https://documents.egi.eu/public/RetrieveFile?docid=86&version=7&filename=EGI-SPG-SecurityPolicy-V1_0.pdf 4. Any other business


5. Next meeting