Solum/SecurityRequirements
Note: This is currently a living document under frequent updates. This is meant to capture the Solum community's collective stance on security features but is not approved at this point.
Solum Security Requirements
Solum is a relatively large project with a diverse set of contributors. This page will attempt to capture the security features which will be implemented in Solum's core code base in order to coordinate efforts with the community. This will also include a list of features that the Solum operator/administrator should implement.
Why doesn't Solum implement all security features? There are many Solum implementation options and local environment requirements that would make this extremely difficult to impossible.
Much of the material used in this document comes from the OpenStack Security Guide: http://docs.openstack.org/security-guide/content/openstack_user_guide.html
Assumptions:
- Will consider Solum to be equivalent to an OSSG-defined "public cloud" with regard to threat model
Solum Security Features
TODO
Operator Security Features
TODO