
Difference between revisions of "Solum/SecurityRequirements"

Line 14: Line 14:
  
  
=== Solum Security Features ===
+
=== OSSG-based Solum Security Features ===
 
{| class="wikitable sortable"
 
{| class="wikitable sortable"
 
|-
 
|-
Line 24: Line 24:
 
|}
 
|}
  
=== Operator Security Features ===
+
 
These are recommended security features that an operator should implement but it is ultimately the operator's choice.
+
=== OSSG-based Operator Security Features ===
 +
These are recommended security features that an operator should implement but it is ultimately the operator's choice.  These requirements are outside the scope of Solum's core code.
  
 
{| class="wikitable sortable"
 
{| class="wikitable sortable"
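Review bot: The sentence added under "OSSG-based Operator Security Features" calls these items "requirements", while the sentence before it calls them "recommended security features" that are "ultimately the operator's choice". Pick one term for this section, for example "These recommendations are outside the scope of Solum's core code", so a reader does not take operator-side items as mandatory for a Solum deployment.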
Line 31: Line 32:
 
! Req # !! Doc Link !! Description
 
! Req # !! Doc Link !! Description
 
|-
 
|-
|  || [http://docs.openstack.org/security-guide/content/ch008_system-roles-types.html#ch008_system-roles-types-idp50832 Chapter 6 - Hardware Inventory] || Configuration Management Database: CMDB's are normally used for hardware asset tracking and overall life-cycle management. By leveraging a CMDB, an organization can quickly identify cloud infrastructure hardware (e.g. compute nodes, storage nodes, and network devices) that exists on the network but may not be adequately protected and/or forgotten.
+
|  || [http://docs.openstack.org/security-guide/content/ch008_system-roles-types.html#ch008_system-roles-types-idp48496 Chapter 6 - System Inventory] || Documentation should provide a general description of the OpenStack environment and cover all systems used (production, development, test, etc.). Documenting system components, networks, services, and software often provides the bird's-eye view needed to thoroughly cover and consider security concerns, attack vectors and possible security domain bridging points.  A system inventory may need to capture ephemeral resources such as virtual machines or virtual disk volumes that would otherwise be persistent resources in a traditional IT system.
 +
|-
 +
|  || [http://docs.openstack.org/security-guide/content/ch012_configuration-management.html#ch012_configuration-management-idp44720 Chapter 9 - Vulnerability Management] || Operators should sign up for the [http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-announce OpenStack Announce mailing list] to receive security notifications and monitor the OpenStack Security Advisories (OSSA) and OpenStack Security Notes (OSSN).
 +
|-
 +
|  || [http://docs.openstack.org/security-guide/content/ch012_configuration-management.html#ch012_configuration-management-idp10160 Chapter 9 - Secure Backup and Recovery] || Ensure only authenticated users and backup clients have access to the backup server, use data encryption options for storage and transmission of backups, Use a dedicated and hardened backup server(s). The backup server's logs should be monitored daily and should be accessible by only few individuals and Test data recovery options regularly
 +
|-
 +
|  || [http://docs.openstack.org/security-guide/content/ch012_configuration-management.html#ch012_configuration-management-idp131856 Chapter 9 - Security Auditing Tools] || Security auditing tools automate the process of verifying that a large number of security controls are satisfied for a given system configuration
 +
|-
 +
|  || [http://docs.openstack.org/security-guide/content/ch013_node-bootstrapping.html#ch013_node-bootstrapping-idp44768 Chapter 10 - Secure Bootstrapping] || Nodes in the cloud should utilize a secure boot technology such as TPM, Intel TXT, DRTM and UEFI to ensure that nodes are provisioned consistently and correctly
 +
|-
 +
|  || [link link_text] || desc
 
|-
 
|-
|  || [http://docs.openstack.org/security-guide/content/ch008_system-roles-types.html#ch008_system-roles-types-idp53536 Chapter 6 - Software Inventory] || all software components within the OpenStack deployment should be documented. Components here should include system databases; OpenStack software components and supporting sub-components; and, supporting infrastructure software such as load-balancers, reverse proxies, and network address translators. Having an authoritative list like this may be critical toward understanding total system impact due to a compromise or vulnerability of a specific class of software.
+
|  || [link link_text] || desc
 +
|-
 +
|  || [link link_text] || desc
 +
|-
 +
|  || [link link_text] || desc
  
 
|}
 
|}
 +
 +
 +
=== Solum-specific Security Requirements ===
 +
These requirements were derived from discussions in the Solum community.
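Review bot: The four `[link link_text] || desc` rows added at the end of the operator table are template placeholders and should be dropped until there is real content for them. Every added row also leaves the "Req #" cell empty, so none of the new entries can be referenced by number. The change removes the "Chapter 6 - Hardware Inventory" and "Chapter 6 - Software Inventory" rows as well. The new "System Inventory" row mentions software, but nothing replaces the CMDB/hardware asset tracking guidance, so either keep those rows or say why they were dropped. The new "Solum-specific Security Requirements" section has an introductory sentence but no entries yet.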

Revision as of 19:57, 11 December 2013

Note: This is currently a living document under frequent updates. This is meant to capture the Solum community's collective stance on security features but is not approved at this point.

Solum Security Requirements

Solum is a relatively large project with a diverse set of contributors. This page will attempt to capture the security features which will be implemented in Solum's core code base in order to coordinate efforts with the community. This will also include a list of features that the Solum operator/administrator should implement.

Why doesn't Solum implement all security features? There are many Solum implementation options and local environment requirements that would make this extremely difficult to impossible. Each operator will likely have their own level of security requirements.

Much of the material used in this document comes from the OpenStack Security Guide: http://docs.openstack.org/security-guide/content/openstack_user_guide.html


Assumptions:

  • Will consider Solum to be equivalent to an OSSG-defined "public cloud" with regard to threat model


OSSG-based Solum Security Features

{| class="wikitable sortable"
! Req # !! Status !! Milestone !! Doc Location !! Description
|-
| 1 || 2 || 3 || 4 || 5
|-
| a || b || c || d || e
|}


OSSG-based Operator Security Features

These are recommended security features that an operator should implement, but whether to do so is ultimately the operator's choice. These requirements are outside the scope of Solum's core code.

{| class="wikitable sortable"
! Req # !! Doc Link !! Description
|-
|  || Chapter 6 - System Inventory || Documentation should provide a general description of the OpenStack environment and cover all systems used (production, development, test, etc.). Documenting system components, networks, services, and software often provides the bird's-eye view needed to thoroughly cover and consider security concerns, attack vectors and possible security domain bridging points. A system inventory may need to capture ephemeral resources such as virtual machines or virtual disk volumes that would otherwise be persistent resources in a traditional IT system.
|-
|  || Chapter 9 - Vulnerability Management || Operators should sign up for the OpenStack Announce mailing list to receive security notifications and monitor the OpenStack Security Advisories (OSSA) and OpenStack Security Notes (OSSN).
|-
|  || Chapter 9 - Secure Backup and Recovery || Ensure only authenticated users and backup clients have access to the backup server; use data encryption options for storage and transmission of backups; use a dedicated and hardened backup server(s). The backup server's logs should be monitored daily and should be accessible by only a few individuals. Test data recovery options regularly.
|-
|  || Chapter 9 - Security Auditing Tools || Security auditing tools automate the process of verifying that a large number of security controls are satisfied for a given system configuration.
|-
|  || Chapter 10 - Secure Bootstrapping || Nodes in the cloud should utilize a secure boot technology such as TPM, Intel TXT, DRTM and UEFI to ensure that nodes are provisioned consistently and correctly.
|-
|  || [link link_text] || desc
|-
|  || [link link_text] || desc
|-
|  || [link link_text] || desc
|-
|  || [link link_text] || desc
|}


Solum-specific Security Requirements

These requirements were derived from discussions in the Solum community.