2023-01-31 Security Subcommittee Meeting Notes
Please find below the Minutes of Meetings and recording for the SECCOM meeting that was held on 31st of January 2023.
Jira No | Summary | Description | Status | Solution |
---|---|---|---|---|
Logging security discussion by Byung | Node vs. pod level logging update, pods logs visible but not yet with content, kyverno used for policy management. Meeting with Justin and Maggie scheduled later today by Byung. | ongoing | Next week conclusion expected. | |
CPS Security review questionaire by Tony | Slot for a meeting with CPS team still under setup. | ongoing | ||
Security issues raised by External researchers |
| ongoing | ||
Upcoming D&TF | Please register! -SECCOM proposals (TBD): https://wiki.lfnetworking.org/display/LN/2023-02+LFN+Developer+Event+Topics+February#id-202302LFNDeveloperEventTopicsFebruary-ONAPTopics | ongoing | ||
Python PoC by Bob | Environment for testing is available ORAN SC is actively using Pylog, libraries under testing, | ongoing | Work in progress. Fiachra still to be contacted. | |
TSC meeting (26th January) | Architecture Subcommittee shared London status: niorttech.net | |||
PTL meeting (30th January) | Review of Release Management tasks – started
| |||
Unmaintained projects update | Jira tickets to be issued for repos (34!) where no changes for last 12 months done. | ongoing | ||
Adoption of security practices | TAC meeting will be addressing it on Wedesday.
| NTIA recommendation on integrity protections on SBOMs to be reviewed by Amy | ||
NSA has just joined ORAN Alliance. | Security logging support by Bob for AI/ML - 25 use cases proposed. | |||
SECCOM MEETING CALL WILL BE HELD ON January 7th February 2023. | Node vs. pod level logging update by Byung. CPS Security review questionaire by Tony. |
Recordings:
SECCOM presentation:
2023-01-31 ONAP Security Meeting - AgendaAndMinutes.pptx