==========================
#opnfv-sec: Security Group
==========================

Meeting started by LukeHinds at 13:59:10 UTC. The full logs are available at
http://ircbot.wl.linuxfoundation.org/meetings/opnfv-sec/2015/opnfv-sec.2015-04-29-13.59.log.html .

Meeting summary
---------------
* Agenda (nothing fixed for this month) (LukeHinds, 14:01:08)
* AGREED: agenda (LukeHinds, 14:03:39)
* AGREED: last minutes (LukeHinds, 14:03:58)
* work items (LukeHinds, 14:04:05)
* Not much of an update from me *. Aric has set up the sec group permissions and I need to get in contact with him. I have been a bit busy internally these past few days, but will get onto that tomorrow I hope. (LukeHinds, 14:05:10)
* any others want to update? (LukeHinds, 14:05:34)
* Worked on outline of int.security policy to integrate reporting of security issues and the SecurityImpact flagging in gerrit/Jira. Needs to be polished yet. (mwinandy_, 14:07:42)
* For those projects that use VM images I think this is useful to include/reference: Center for Internet Security (CIS) benchmarks http://benchmarks.cisecurity.org/downloads/benchmarks/ (mwinandy_, 14:08:22)
* LINK: http://benchmarks.cisecurity.org/downloads/benchmarks/ (mwinandy_, 14:08:33)
* CIS benchmarks give advice on how to configure, e.g., RedHat or CentOS instances when using them as VM images (mwinandy_, 14:09:24)
* feel free to put these on the wiki (LukeHinds, 14:10:11)
* current draft structure is on etherpad. Please feel free to comment (mwinandy_, 14:10:58)
* LINK: https://etherpad.opnfv.org/p/int-sec-policies (mwinandy_, 14:11:18)
* looks good (etherpad), but be mindful you have overlap with the secure coding guidelines, better to put your links in there and reference the secure coding page from the int-sec-policies (LukeHinds, 14:13:22)
* General Policies for OPNFV Development Infrastructure -> https://wiki.opnfv.org/security/securecode (LukeHinds, 14:14:07)
* mwinandy_> yes, will do (still "legacy content" there :) -> understood (LukeHinds, 14:14:34)
* inspector: expecting to have a discussion tomorrow in the proposed projects agenda point (aripie, 14:16:54)
* any comments on the proposal - any further information you would want to get included? (aripie, 14:17:16)
* I can see the gap is there, and you have a good scope to start the project off (LukeHinds, 14:18:55)
* Is there any concern about protecting log/audit data integrity in the Inspector project? (mwinandy_, 14:19:21)
* LINK: https://wiki.opnfv.org/requirements_projects/inspector (jaosorior, 14:21:31)
* , do you have any initial plans on how the data / events will be rendered? (LukeHinds, 14:22:41)
* I will make sure I start to populate this #link https://wiki.opnfv.org/security/upstream/etsi as I already have a little insight into ETSI (LukeHinds, 14:24:38)
* I just found this that looks like worth a watch #link https://www.openstack.org/summit/openstack-summit-atlanta-2014/session-videos/presentation/an-overview-of-cloud-auditing-support-for-openstack (LukeHinds, 14:31:52)
* AGREED: pending approval on inspector, jaosorior will present an overview of auditing in openstack. we will push out an email encouraging other projects to attend, as they will be candidates for auditing events using the CADF framework. (LukeHinds, 14:48:04)
* AGREED: preliminary date of 6/5 (Wednesday) (LukeHinds, 14:48:48)
* LINK: https://wiki.opnfv.org/requirements_projects/inspector (LukeHinds, 14:51:50)
* ACTION: after inspector approval, an etherpad will be put up and emailed out (LukeHinds, 15:04:35)
* ACTION: ashutosh to review and suggest additions with the view from the etsi sec group (within etherpad) (LukeHinds, 15:05:01)
* - not sure if everyone has done it, but they have filters set up on the mailing list system, you might need to add security (LukeHinds, 15:09:58)

Meeting ended at 15:10:19 UTC.

Action items, by person
-----------------------
* AShutosh
  * ashutosh to review and suggest additions with the view from the etsi sec group (within etherpad)

People present (lines said)
---------------------------
* LukeHinds (71)
* jaosorior (42)
* mwinandy_ (16)
* AShutosh (14)
* aripie (5)
* collabot (3)

Generated by `MeetBot`_ 0.1.4