Difference between revisions of "Project Proposals/SRT"
From fd.io
| Line 9: | Line 9: | ||
|projectLead=Christian Ehrhardt | |projectLead=Christian Ehrhardt | ||
|committers= | |committers= | ||
| − | + | ||
| − | + | ||
* C.J. Collier | * C.J. Collier | ||
| − | * | + | * Andi Rowley |
| − | + | ||
}} | }} | ||
| Line 33: | Line 32: | ||
== Description == | == Description == | ||
| − | <!-- Description of the work that will take place in this project --> | + | <!-- Description of the work that will take place in this project |
| + | This section addresses security considerations unique to the second SDLC phase. Key security activities for this phase include: | ||
| + | |||
| + | •Conduct the risk assessment and use the results to supplement the base | ||
| + | line security controls; | ||
| + | |||
| + | •Analyze security requirements; | ||
| + | |||
| + | •Perform functional and security testing; | ||
| + | |||
| + | •Prepare initial documents for system certification and accreditation; and | ||
| + | |||
| + | •Design security architecture. | ||
| + | |||
| + | Although this section presents the information security components in a sequential top-down manner, the order of completion is not necessarily fixed. Security analysis of complex systems will need to be iterated until consistency and completeness is achieved. --> | ||
| + | |||
== Scope == | == Scope == | ||
| − | <!-- Project scope. The project scope should be well defined. It should be possible from the scope to crisply answer whether something belongs or not within the scope of this particular project. | + | <!-- Project scope. The project scope should be well defined. It should be possible from the scope to crisply answer whether something belongs or not within the scope of this particular project. Scopes should not be overly broad. A Project scope must also lie within the overall scope set by the board for projects in fd.io: |
- IO | - IO | ||
– Hardware/vHardware <-> threads/cores | – Hardware/vHardware <-> threads/cores | ||
| Line 50: | Line 64: | ||
- Testing/Tools/Infrastructure | - Testing/Tools/Infrastructure | ||
- Integration with other systems | - Integration with other systems | ||
| + | |||
| + | CHAPTER ONE | ||
| + | INTRODUCTION | ||
| + | Consideration of security in the System Development Life Cycle is essential to | ||
| + | implementing and integrating a comprehensive strategy for managing risk for all | ||
| + | information technology assets in an organization. The National Institute of Standards and | ||
| + | Technology (NIST) Special Publication (SP) 800-64 is intended to assist federal government | ||
| + | agencies to integrate essential security activities into their established system development life | ||
| + | cycle guidelines. | ||
| + | |||
| + | 1.1 Purpose and Scope | ||
| + | The purpose of this guideline is to assist agencies in building security into their IT development | ||
| + | processes. This should result in more cost-effective, risk-appropriate security control | ||
| + | identification, development, and testing. This guide focuses on the information security | ||
| + | components of the SDLC. Overall system implementation and development is considered outside | ||
| + | the scope of this document. Also considered outside scope is an organization’s information | ||
| + | system governance process. First, the guideline describes the key security roles and responsibilities that are needed in | ||
| + | development of most information systems. Second, sufficient information about the SDLC is provided to allow a person who is unfamiliar with the SDLC process to understand the relationship between information security and the SDLC. | ||
| + | The scope of this document is security activities that occur within a waterfall SDLC | ||
| + | methodology. It is intended that this could be translated into any other SDLC methodology that an agency may have adopted. | ||
| + | |||
--> | --> | ||
Revision as of 21:35, 22 July 2016
| deb_dpdk Facts |
|
Project Lead: Christian Ehrhardt
Repository: git clone https://gerrit.fd.io/r/deb_dpdk |
Contents
Name
Project Contact Name and Email
Repository Name
Description
Scope
Initial Committers
Vendor Neutral
Meets Board Policy (including IPR, being within Board defined Scope etc)
Meets board policy as expressed in Technical Community Charter and IP Policy
Administrata
- Request for Project proposal consideration
- Email: (place link to email to TSC proposing project, this can be obtained from TSC Archives
- Date: (date proposed, makes it simpler to calculate the pre-requisite 2 week time period of gestation before being permitted to be voted on)
