Introduction

The Akraino Security Requirements document is a list of security items created by the Akraino security sub-committee. This document includes security best practices and requirements identified by the ONAP project (also a Linux Foundation project) that are also common to the Akraino project.

...

  1. External interface – for consumption by the system
  2. Internal implementation interface/plugin system – to enable integration with pre-existing solutions
  3. Native implementation – does everything required for the system to be fully operational and secure out of the box, without any external systems, for use during testing/demos or by people who do not have hardware solutions in place.

Static Code Scans


Recommendations

  • Use Coverity Scan https://scan.coverity.com/ to perform static code scans on all Akraino code.
  • Automate scanning by enabling Jenkins to trigger weekly scans with Coverity Scan.
  • Deliver scan reports to the PTL (Project Technical Lead) of each project. PTLs will be responsible for getting the vulnerabilities resolved (fixed or designated as false positives).
  • All projects in a release must have the high vulnerabilities resolved by MS-3.
  • All projects in a release must have the high and medium vulnerabilities resolved by MS-4.
  • The Security Committee will host a session to help projects walk through the scanning process and reports.

...