Security is taken very seriously in the federation, at all levels - network, application and operational. Network security is usually in the domain of the relevant NREN; since the ROC spans several countries, there is some liaison with the regional RENS in Africa - ASREN, WACREN and the Ubuntunet Alliance in order to coordinate network security.
Overall, the infrastructure services are secured via Public Key Infrastructure; all hosts are issued digital x.509 certificates from trusted Certificate Authorities. These CA's form part of the International Global Trust Federation (IGTF)
. Authentication and Authorisation is usually done via some form of X.509 proxy - either of a personal certificate or of a robot certificate from a SAML delegation. All in all, there is a very small attack surface on the core grid infrastucture and computational, data and other services at the sites.
There are always bad people out there who want to do bad things, so inevitably there are security incidents at sites. Since an attack on one site is potentially an attack on all, there is strong coordination between the sites, the ROC and the CSIRT to identify, diagnose and address vulnerabilities in a proactive manner.
Maintaining operational security is not a once-off affair, it is a continuous labour of ... well, not quite love, but one gets the idea ! The ROC ensures a smooth flow and coordination of information coming from security researchers at and CSIRTs. In particular, advisories from the EGI CSIRT are communicated to the site security contacts as they arise, and vice-versa sites are encouraged to report incidents
EGI maintains a list of procedures for various security incidents. See ROD Security
for more information.