EOSC EU Node Security Team description
Name of the Team:
EOSC EU Node CSIRT (EEN CSIRT): The EOSC EU Node Computer Security Incident Response Team.
Contact
Reporting Security Incidents and Vulnerabilities:
security@open-science-cloud.ec.europa.eu
This address can be used to report all security incidents and vulnerabilities which relate to the EOSC EU Node Services. This is a mail alias that relays mail to the human(s) on duty for the EOSC EU Node CSIRT.
Time Zone
GMT+1 (GMT+2 with DST or summer time, which starts on the last Sunday in March and ends on the last Sunday in October).
Public Keys and Other Encryption Information
- The EOSC EU Node CSIRT has a PGP key, whose fingerprint is:
B8802D6CE3F7EDA28932A83C2993BFFA153FEDC7
Charter
Mission Statement
The EOSC EU Node CSIRT provides a central contact and support point for security incidents for the EOSC EU Node services in the domain open-science-cloud.ec.europa.eu. It works in close collaboration with the EC security entities, and handles escalation to them, in the course of investigating and resolving suspected security incidents at the EOSC EU Node.
Note that all IT security incident reports affecting services in ec.europa.eu but not in the subdomain open-science-cloud.ec.europa.eu should be directly reported to EC-DIGITCSIRC@ec.europa.eu.
Constituency
The constituency is the users, providers and systems under the open-science-cloud.ec.europa.eu domain.
The European Open Science Cloud (EOSC) is a federated virtual environment aimed at European researchers and professionals, with open and seamless services for storage, management, analysis and re-use of research data, across borders and scientific disciplines.
Please refer to the EOSC EU Node public webpage for further details.
Sponsorship and/or Affiliation
EOSC EU Node CSIRT team members are funded by their respective organisations, contracted by DG CNECT Unit C1 to provide the EOSC EU Node services.
Authority
EOSC EU Node CSIRT operates with authority delegated by DG CNECT Unit C1 to coordinate incident response at the EOSC EU Node level and provide the services described in section 5 of this document.
Policies
The EOSC EU Node policy framework is based on the applicable Policies and Standards available at the page Security standards applying to all European Commission information systems.
Types of Incidents and Level of Support
All IT security incidents that may have an impact on the Confidentiality, Integrity or Availability of the EOSC EU Node services.
EOSC EU Node CSIRT provides the service in accordance with the agreements with DG CNECT Unit C1.
Co-operation, Interaction and Disclosure of Information
The EOSC EU Node CSIRT closely collaborates with the Organisation Security Contacts providing the EOSC EU Node Services, the Local Informatics Security Officer of the EOSC EU Node, the EC's Security Directorate, and the Education Network CSIRTs and CERTs to ensure that all the parties affected by a security incident at the EOSC EU Node level are alerted in a timely manner and supported in the investigation, limitation and remediation processes.
The roles and interactions of the different entities relevant to the incident response within the EOSC EU Node are described in the Mission Statement section above.
EOSC EU Node CSIRT reports to the EOSC EU Node System Owner (SO) at DG CNECT Unit C1.
All incoming information is handled confidentially by EOSC EU Node CSIRT, regardless of its priority.
Information that is evidently sensitive in nature is only communicated and stored in a secure environment, if necessary using encryption technologies. When reporting an incident of a sensitive nature, please state so explicitly, e.g. by using the label SENSITIVE in the subject field of the e-mail, and if possible using encryption as well.
EOSC EU Node CSIRT supports the information sharing Traffic Light Protocol. Information that comes in with the tags CLEAR (WHITE), GREEN, AMBER or RED will be handled appropriately.
EOSC EU Node CSIRT will use the information you provide to help solve security incidents, as all CERTs do. This means that by default the information will be distributed further to the appropriate parties – but only on a need-to-know basis, and preferably in an anonymised fashion.
If you object to this default behaviour of EOSC EU Node CSIRT, please make explicit what EOSC EU Node CSIRT can do with the information you provide. EOSC EU Node CSIRT will adhere to your policy, but will also point out to you if that means that EOSC EU Node CSIRT cannot act on the information provided.
EOSC EU Node CSIRT does not report incidents to law enforcement, unless national law requires it. Likewise, EOSC EU Node CSIRT only cooperates with law enforcement EITHER in the course of an official investigation – meaning that a court order is present – OR in the case where a constituent requests that EOSC EU Node CSIRT cooperate in an investigation. When a court order is absent, EOSC EU Node CSIRT will only provide information on a need-to-know basis.