Versions Compared

Old Version 12

changes.mady.by.user Ken Yi

Saved on

compared with

New Version Current

changes.mady.by.user Daniil Egranov

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Subject: [Akraino The Security Sub-Committee] Akraino Security subgroup bi-weekly meeting
When: Occurs every 2 week(s) on Wednesday effective 1/16/2019 until 12/16/2019 from 9:00 AM to 10:00 AM Pacific Standard Time.
Where: https://zoom.us/j/172722011committee meeting schedule can be found on the Akraino calendar https://lists.akraino.org/g/security/calendar.

The schedule of the meeting is driven by the agenda.  Please send your discussion topics to the security@lists.akraino.org mailing list
a few days before the meeting.


 

Agenda:

ICN BP Security review (Bluval results): Kuralamudhan Ramakrishnan & Igor Duarte Cardoso: - 20 - 30 mins


 

Attendees:

  • Randy Stricklin
  • Ken Yi

Topics:

  • CII badging: Security. Randy
    • How to expand the security sub-committee and involve more participants
    • Randy will ask people from ATT IOT team to talk about IOT edge applications and potential requirements to security
  • Security scan integration (Skipped)


10/09/2019

Attendees:

  • Randy Stricklin
  • Daniil Egranov
  • David Plunkett
  • Ken Yi

Topics:

  • Security tool integration status check
    • PTLs might be under the release pressure, need to talk to PTLs individually. (Ken will follow up)
    • Clarification: Just one sample repo location for each language, no need to list all repos
    • David will fill in the Network Cloud Blueprint Family  as an example
  • CII badging
    • Not all of them relating to security
    • Suggest to TSC to have CII as part of maturing process
    • Each blueprint project is not created for the same audience, can we mandate the same set of requirements?
    • Should process subcomittee to adopt CII badging to have a standard measurement. 


9/25/2019

Attendees:

  • Randy Stricklin
  • Tina Tsou
  • Ken Yi

Topics:

  • CII (Core Infrastructure Initiative) Badging in ONAP - Amy Zwarico
    • Overall is positive, almost all projects passing CII badging
    • Frustration from the projects: Priority, ...
    • Tony's dashboard 
    • ONAP do badge at per project level
    • Using script to auto-generate Jira ticket. 
    • Linux Foundation code of conduct
    • Which part of CII is important for Akraino
    • ONAP vulnerability management process
  • SonarCloud integration - Eric Ball

AI:

  • Randy will drive the CII badging discussions. We will allocate 20 minutes in future sec-committee meetings. 


Meeting Content (minutes / recording / slides / other):

  • July 17, 2019 Meeting cancelled
  • May 22, 2019 minutes / recording / slides
  • May 8, 2019 Meeting cancelled
  • April 24, 2019 minutes / recording / slides
  • April 10, 2019 minutes / recording /slides
  • March 27, 2019 minutes / recording /slides
  • March 13, 2019 minutes / recording /slides (Meeting cancelled due to Zoom technical issues)
  • February 27, 2019 minutes / recording /slides
  • February 13, 2019 minutes / recording/ slides
  • January 30, 2019 minutes / recording / slides
  • January 16, 2019 minutes / recording / slides