...
Blueprints Participating Maturity Review
No. | Project Name | PTL | Main Committer | Self-Certification Page | Documentation Sub-Committee | Security Logs (Vuls, Lynis, KubeHunter, no need CD log) | Security Sub-Committee Randy Stricklin Daniil Egranov Wenhui Zhang Exception requests should be filed at: Maturity Blueprints: Akraino CVE and KHV Vulnerability Exception Request | ||
---|---|---|---|---|---|---|---|---|---|
1 | Maturity Review performed over e-mail on May 5th, 2021. Link to the overview: 2021 year | https://nexus.akraino.org/content/sites/logs/baidu/job/security_scan/aiedge/4/result/ | |||||||
2 | IEC Type 2 for Integrated Edge Cloud (IEC) Blueprint Family | ||||||||
3 | |||||||||
4 |
Documentation Review Meeting notes
EALT-EDGE | Boren Zhang |
Maturity Review Certification of |
EALTEdge | Documentation |
https://nexus.akraino.org/content/sites/logs/ |
huawei/job/ |
https://nexus.akraino.org/content/sites/logs/ysemi/job/v1/validation_results_v5/
https://nexus.akraino.org/content/sites/logs/ysemi/job/v1/validation_results_v6/
https://nexus.akraino.org/content/sites/logs/ysemi/job/v2/lynis_v2/lynis/
Lynis:
Test: Checking SHA_CRYPT_MIN_ROUNDS option in /etc/login.defs: FAILED
2022-06-28 17:30:52 Result: low number of maximum encryption algorithm rounds found: 9000
Please see: https://blog.sys4.de/rounds-and-iterations-for-ssh-and-other-keys-en.html
Performing test ID SSH-7440 (Check OpenSSH option: AllowUsers and AllowGroups): FAILED
2022-06-28 17:31:31 Result: AllowUsers is not set
2022-06-28 17:31:31 Result: AllowGroups is not set
2022-06-28 17:31:31 Result: SSH has no specific user or group limitation. Most likely all valid users can SSH to this machine.
Approved by Process Sub-Commitee.
Smart Cities
https://nexus.akraino.org/content/sites/logs/myais/bluval/3/
https://nexus.akraino.org/content/sites/logs/myais/bluval/4/
fix lynis issue
https://nexus.akraino.org/content/sites/logs/myais/bluval/5/
Fix USB-3000 error;
It's because of different version of lynis, in the lynis.log, SHA_CRYPT_MIN_ROUNDS was
Performing test ID AUTH-9230 (Check password hashing rounds)
Test: Checking SHA_CRYPT_{MIN,MAX}_ROUNDS option in /etc/login.defs
It test ok in the log.
Security-logs/ | 6/8/2023 | 06/26/2023 | 07/20/2023 |
Lynis:
Test: Checking SHA_CRYPT_MIN_ROUNDS option in /etc/login.defs: NOT PRESENT IN THIS LOGPerforming test ID USB-3000 (Check for presence of USBGuard): FAILED
2022-06-23 07:10:51 Checking USBGuard rule for controllers connected before daemon starts (PresentControllerPolicy)
2022-06-23 07:10:51 Result: PresentControllerPolicy = keep
2022-06-23 07:10:51 Consider changing PresentControllerPolicy to "apply-policy", "block" or "reject"
Records of Details
No. | Project Name | PTL | Main Committer | Self-Certification Page | Documentation Sub-Committee | Logs (Vuls, Lynis, KubeHunter) | Security Sub-Committee | Process Sub-Committee | |
---|---|---|---|---|---|---|---|---|---|
41 | Maturity Review Certification of Federated ML Application At Edge Blueprint performed over mail on 01/04 & stored at Documentation Sub-committee reviews for 2022. It is recommended to Akraino TSC to deem the maturity requirements for Documentation to "mature" level as fulfilled and accept the BP graduation request to "Mature" level. | 2/28/2022 Update |
| Approved by Process Sub-Commitee. | |||||
2 | IEC Type 3: Android cloud native applications on Arm servers in edge for Integrated Edge Cloud (IEC) Blueprint Family | Maturity Review Certification of Android Cloud | Documentation Review Meeting notes | https://nexus.akraino.org/content/sites/logs/ysemi/job/v2/lynis_v3/lynis/
|
Approved by Security Sub-Committee. |
Approved by Process Sub-Commitee. | Approved by TSC | ||
3 | Smart Cities | Maturity Review Certification of Smart Cities | Documentation Review Meeting notes |
https://nexus.akraino.org/content/sites/logs/myais/bluval/6/ |
Approved by Security Sub-Committee. |
Approved by Process Sub-Commitee. | |||
4 | IEC Type 5: SmartNIC for Integrated Edge Cloud (IEC) Blueprint Family | Maturity Review Certification of SmartNIC | Documentation Review Meeting notes | https://nexus.akraino.org/content/sites/logs/socnoc/job/security_scan/ |
Approved by Security Sub-Committee. | ||||
5 | EALT-EDGE | Boren Zhang | Maturity Review Certification of EALTEdge | https://nexus.akraino.org/content/sites/logs/huawei/job/Security-logs/ | 2023/6/8 Approved by Security Sub-Committee.
Lynus: Performing test ID BOOT-5184 (Check permissions for boot files/scripts): FAILED Note: Please add links to the Vuls and Kube-hunter logs. | 06/26/2023 | 07/20/2023 | ||