Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 46 Next »

This is a wiki page that captures the intent and planned/ongoing actions for the support of security coordination in ONAP.

This covers both the organizational setup and the operations of the onap security subcommittee. 

ONAP security organization

The ONAP security work is split into two parts.  The management of identified vulnerabilities, which is handled by the vulnerability management sub-committee and the coordination and identification of necessary security related activities which is handled by the security sub-committee.

Vulnerability management

Vulnerability management covers how to handle the reception of an identified vulnerability through to solution and communication of the vulnerability.  The process is initiated by the reception of an email to onap-security@lists.onap.org.  The vulnerability management procedures can be found here: ONAP Vulnerability Management.

The vulnerability management procedures are executed on by the vulnerability management sub-committee.

Release Vulnerabilities

This lists the vulnerabilities reported for each Release.

ONAP security sub-committee

The ONAP security sub-committee identifies and creates proposals related to security in ONAP.  As one example, it has created the proposal for the Vulnerability management procedures which are now in effect.  The ongoing efforts of the ONAP security sub-committee are now to explore more proactive security activities. 

The email address for the onap sub-committee is:onap-seccom@lists.onap.org with information on how to subscribe found here: onap security sub-committee email subscription.

The ONAP security sub-committee meeting logistics are:

------------------------------------------------------------------------------------------------------------------

ONAP Security sub-committee Operations

General Meeting Agenda:

  • Information Update
  • Topics to advance
    • Walkthrough identified items to suggest. 
  • Backlog update and review
    • Update or add item backlogs 
  • For coming meeting: 
    • Agree topics for the next meeting
  • AOB

Requested Agenda Items: Please feel free to add topics here that you would like to have on the agenda (or send an email to stephen.Terrill(at)ericsson.com).

  • item A 

Security sub-committee recommendations can be found here: Security Sub-Committee Recommendations 

JIRA project for issue prioritizationhttps://jira.onap.org/projects/SECCOM/

Next Call:

key summary type created updated due assignee reporter priority status resolution
Loading...
Refresh

2nd Week:

key summary type created updated due assignee reporter priority status resolution
Loading...
Refresh

Backlog (items to be done):

key summary type created updated due assignee reporter priority status resolution
Loading...
Refresh


If you want to be involved, please contact Stephen.terrill@ericsson.com or Amy Zwarico


Note: if you would like to change the contents of this site, please contact Stephen terrill or Amy Zwarico.


  • No labels