Versions Compared

Old Version 2

changes.mady.by.user Paweł Pawlak

Saved on

compared with

New Version Current

changes.mady.by.user Paweł Pawlak

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Jira No
SummaryDescriptionStatusSolutionFinishing the RACI Matrix

https://wiki.onap.org/display/DW/Project+State%3A+Unmaintained

Some description modifications "or Delegated" in the TSC responsibility + TSC should be on updates.

ongoingPresent updates to TSC (Muddasar).

List of cryptographic protocols used in ONAP

Currently existing Wiki is not updated:

We could link to IANA with list of cypher up to date:

https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4

To consider default choice as best practice to use.

We focus first on the external API communication for the cyphers.

Tony proposed to make a direct reference per table to IANA in SECCOM Wiki.

ongoing

PTLs meeting

SECCOM Kohn upgrades status update:

DMaaP is finding false positive misidentification - waiting for more details from Fiachra.

Network Slicing Security Enhancement Security Call Data Record presentation by David Armbrust from MITRE

View file
nameSCDR-Presentation-SECCOM.pptx
height250

STAY TUNED: At the upcoming DTF in Seattle MITRE will demonstrate one use case: detection of stolen or maliciously used credentials from authorized connections but anomalous locations.

Enterprise can use information exposed by SCDR records to identify suspicious behavior in their network slice​.

started

Update on the Security Logging Fields and Global

Requirement  - need PoC for Python based containers. For Java based containers PTLs should strat adopting that. 

Requirement  

We need to have a volunteering PTL for Python container.ongoingWe come back have to PTLs at the next meeting with next update.TSC meeting

Catherine moving to TAC, not clear who is going to be a new TSC chair

3GPP YANG models usage and licensing problem – storing source code

ongoing

LFN projects after Amy’s discussion with Ranny

Security SME discussion for LFN TAC: https://wiki.lfnetworking.org/display/LN/2022+Security+SME+seat+role+definition

  • More secure best practices in place, being more proactice 
  • Security expertise provision to TAC
  • Advising TAC on security topics 
started

Update about Sonarcloud 

Bob opened the ticket: https://jira.linuxfoundation.org/plugins/servlet/theme/portal/2/IT-24461?sda_source=notification-email, all languages that are supported, are enabled. Some test, demo or archived code was obsered.closedTicket created by Thomas Kulik New request from Thomas: https://jira.linuxfoundation.org/plugins/servlet/theme/portal/2/IT-24491 resolved - not an issueidentify right PTLs - Bob to generate the list.

Packages upgrades - updatePlease refer to slide no 3. No active PTLs type of projects have 0%. Some improvement achieved. ongoing

SECCOM MEETING CALL WILL BE HELD ON 27th OF September'22. 

Architecture review template to be reviewed.





...

View file
name2022-09-20_SECCOM_week.mp4
height150

SECCOM presentation:

View file
name2022-09-20 ONAP Security Meeting - AgendaAndMinutes.pptx
height150