Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Jira No
SummaryDescriptionStatusSolutionArchitecture review templateByung prsented he current template: ONAP Component Architecture Review Template Security related comments were shared on cotainer hardening, pen testing, API security, logging requirements.  ongoing

TSC electionsNew e-mail for voting process wil be sent.Superblueprint demo updatEnterprise IOT URLLC demo - camera doing the inspection. Severs instalation just copleted. PTLs meeting

Vijay was surprised with latest scans and smal progress - Amy will have a meeting with him on that.

SBOM - Muddasar plans to contact a few PTLs.

Update on the Security Logging Fields  

 Python container PoC and extending Andrew Lang's work on logging architecture.

Additional internal resource might be available from MITRE.

Michal's feedback on modyfing Python base image.

ongoingWe have to identify right PTLs - Pawel and Amy to propose PTL by end of this week. Michal could be involved.Service Mesh plans for London release 

Andreas presented first draft, summarized recent achievements and future plans for Service Mesh. First part (almost completed) is to get ready for ISTIO, get rid of AAF. Many components which are working already. In AAI comunicaio issues between Model Loader and Babel, some minor issues with DCAE, no work done yet for VNFSDK or UUI.  

Daily heath checks are done.Smoke use cases are using Ingress APIs.

Plans for London: please refer to slide 8

View file
nameONAP-ServiceMesh-Kohn-London.pptx
height150

Keycloak and CertManager would be kept outside of ONAP deployments - discusion with Fiachra.


Requirements setup for London release.

AAF and MSB to be removed.

In DMaaP AAF still must be enald to have it running.

Architecture Subcommittee shall do the recomendation to TSC, requirement to e tracked with Requirement Subcommittee.

SECCOM could suport in AuthN/AuthZ policies setup.

Proper upgrade scenario in ONAP to be elaborated. 


Q&A session Security Call Data Record Presentation No feedback received so far received by David.
Slide and 2 pager to be sent to seccom distribution list by David.

NEXUS-IQ scansOnly Master will be scanned, so now % increase will be well represented.  


Python PoCInteral resource wil help. Vijay and Michal in the loop. Base image modification. ongoing

Architecture review templateByung prsented he current template: ONAP Component Architecture Review Template Security related comments were shared on cotainer hardening, pen testing, API security, logging requirements.  ongoing

Daylight saving time To be further elaborated. In US in the week of November 4th, to be checked last weekend of October for Europe/Poland.


SECCOM MEETING CALL WILL BE HELD ON 11th OF October'22. 

Architecture review template to be reviewed.







Recordings: 

View file
name2022-10-04_SECCOM_week.mp4
height150


SECCOM presentation:

View file
nameONAP2022-ServiceMesh-Kohn-London10-04 ONAP Security Meeting - AgendaAndMinutes.pptx
height250150