2022-10-04 Security Subcommittee Meeting Notes

Please find below the Minutes of Meetings and recording for the SECCOM meeting that was held on 4th of October 2022.

Jira No

Summary

Description

Status

Solution

Jira No

Summary

Description

Status

Solution

 

Service Mesh plans for London release 

Andreas presented first draft, summarized recent achievements and future plans for Service Mesh. First part (almost completed) is to get ready for ISTIO, get rid of AAF. Many components which are working already. In AAI comunicaio issues between Model Loader and Babel, some minor issues with DCAE, no work done yet for VNFSDK or UUI.  

Daily heath checks are done.Smoke use cases are using Ingress APIs.

Plans for London: please refer to slide 8

Keycloak and CertManager would be kept outside of ONAP deployments - discusion with Fiachra.

 

Requirements setup for London release.

AAF and MSB to be removed.

In DMaaP AAF still must be enald to have it running.

Architecture Subcommittee shall do the recomendation to TSC, requirement to e tracked with Requirement Subcommittee.

SECCOM could suport in AuthN/AuthZ policies setup.

Proper upgrade scenario in ONAP to be elaborated. 

 

Q&A session Security Call Data Record Presentation 

No feedback received so far received by David.

 

Slide and 2 pager to be sent to seccom distribution list by David.

 

NEXUS-IQ scans

Only Master will be scanned, so now % increase will be well represented.  

 

 

 

Python PoC

Interal resource wil help. Vijay and Michal in the loop. Base image modification. 

ongoing

 

 

Architecture review template

Byung prsented he current template: ONAP Component Architecture Review Template Security related comments were shared on cotainer hardening, pen testing, API security, logging requirements.  

ongoing

 

 

Daylight saving time 

To be further elaborated. In US in the week of November 4th, last weekend of October for Europe/Poland.

 

 

 

SECCOM MEETING CALL WILL BE HELD ON 11th OF October'22. 

 

 

 

 

 

 

Recordings: 

 

SECCOM presentation: