Difference between revisions of "Project Proposals/SRT"

From fd.io
Jump to: navigation, search
(Description)
(Description)
Line 44: Line 44:
 
* Prepare initial documents for system certification and accreditation; and  
 
* Prepare initial documents for system certification and accreditation; and  
  
* Design security architecture.  
+
* Design security architecture.
  
* Maintain CPE registrations with the NIST
+
* Maintain CPE registrations with the NIST on behalf of all FD.io projects
 +
 
 +
* Monitor National Vulnerability Database for issues which may apply to CPEs registered by FD.io
  
 
<!-->Although this section presents the information security components in a sequential top-down manner, the order of completion is not necessarily fixed. Security analysis of complex systems will need to be iterated until consistency and completeness is achieved.
 
<!-->Although this section presents the information security components in a sequential top-down manner, the order of completion is not necessarily fixed. Security analysis of complex systems will need to be iterated until consistency and completeness is achieved.

Revision as of 02:12, 23 July 2016



srt Facts

Project Lead: Andi Rowley
Committers:

  • C.J. Collier
  • Andi Rowley

Repository: git clone https://gerrit.fd.io/r/srt
Mailing List: srt-dev@lists.fd.io
Jenkins: jenkins silo
Gerrit Patches: code patches/reviews
Bugs: unspecified

Name

Security Response Team

Project Contact Name and Email

Repository Name

srt

Description

Key security activities performed by the SRT include:

  • Conduct the risk assessment and use the results to supplement the base line security controls;
  • Analyze security requirements;
  • Perform functional and security testing;
  • Prepare initial documents for system certification and accreditation; and
  • Design security architecture.
  • Maintain CPE registrations with the NIST on behalf of all FD.io projects
  • Monitor National Vulnerability Database for issues which may apply to CPEs registered by FD.io


Scope

Initial Committers

Vendor Neutral

No issue regarding vendor neutrality.

Meets Board Policy (including IPR, being within Board defined Scope etc)

Meets board policy as expressed in Technical Community Charter and IP Policy

Administrata

  • Request for Project proposal consideration
  • Email:
  • Date: July 22nd 2016