Introduction

On January 1996, esCERT-UPC , the Spanish CERT became operative. It is sponsored by the Spanish government (through CICYT: TIC95-0903-C02-01, TEL-96-1626-CE), the Catalan Government (through CUR: PQS-95), and the European Commission (through TA ICE-TEL) and the UPC (Universitat Politècnica de Catalunya), a public university, and plans to give service to the whole Spanish Internet community. Nearly a the same time, RedIris, the Spanish academic network, set up his own CERT, Iris-CERT, that has to give service to the academic network (RedIris) members.

The goals of esCERT-UPC are:

• Provide information about security tools and mechanisms
• Promote awareness and skilful about security problems through conferences, tutorials and seminars
• Help organizations connected to Internet to define security policies.
• Handle Security incidents where Spanish organizations of any kind are involved.

Our team at the UPC has been active in the analysis of the computer security related problems for about 10 years now. We have been participating in computer security European Commission funded projects, and also in the security working groups of European organizations like TERENA (formerly RARE), EWOS (CEN/CENELEC) Standardization organization, etc.

Having been recognized as a Spanish CERT by several Spanish organizations and Internet service access providers, we would like to become a formal member of FIRST, in order to be able to establish full bilateral cooperation with other CERTs around the world, in the co-ordination of incidents or emergencies where Spanish organizations are involved.

This framework describes esCERT-UPC, its organization and its basic policies