This is a wiki page that captures the intent and planned/ongoing actions for the support of security coordination in ONAP.
This covers both the organizational setup and the operations of the onap security subcommittee.
...
ONAP Security sub-committee Operations
Agenda for next meeting:
- Information Update
- S3P (carrier grade) - security aspects. Re: Carrier Grade Requirements (consolidated) common authentication/authorization service (amy)
- There has been comments and discussion on the security part, this is to consolidate and finalize our input.
- Topics to advance
- Static Code Scanning
- Status update of using Coverity.
- Next steps
- Credential protection and managementStatic Code Scanningmanagement
- Proposal walkthrough.
- Next steps to close on our proposal
- If time: Sonatype CLM / Nexus IQ Tool (management of dependancies and known vulnerabilities)
- Static Code Scanning
- AOB
Requested Agenda Items: Please feel free to add topics here that you would like to have on the agenda (or send an email to stephen.Terrill(at)ericsson.com).
...