Subject: [Akraino Security Sub-Committee] Akraino Security subgroup weekly meeting
When: Occurs weekly starting 6/1/2020 from 11:00 AM to 12:00 PM Pacific Time.
Where:
Join Zoom Meeting
Meeting ID: 941 9591 8783
One tap mobile
+16699006833,,94195918783# US (San Jose) 12532158782,,94195918783# US
+(Tacoma)
Dial by your location
+1 669 900 6833 US (San Jose)
+1 253 215 8782 US (Tacoma)
+1 346 248 7799 US (Houston)
+1 646 558 8656 US (New York)
+1 301 715 8592 US (Germantown)
+1 312 626 6799 US (Chicago)
877 369 0926 US Toll-free
855 880 1246 US Toll-free
Meeting ID: 941 9591 8783
Find your local number: https://zoom.us/u/aee0gyHkh8
Agenda:
ICN BP Security review (Bluval results): Kuralamudhan Ramakrishnan (Deactivated) & Igor D.C.: - 20 - 30 mins
Attendees:
- Randy Stricklin
- Ken Yi
Topics:
- CII badging: Security. Randy
- How to expand the security sub-committee and involve more participants
- Randy will ask people from ATT IOT team to talk about IOT edge applications and potential requirements to security
- Security scan integration (Skipped)
10/09/2019
Attendees:
- Randy Stricklin
- Daniil Egranov
- David Plunkett
- Ken Yi
Topics:
- Security tool integration status check
- PTLs might be under the release pressure, need to talk to PTLs individually. (Ken will follow up)
- Clarification: Just one sample repo location for each language, no need to list all repos
- David will fill in the Network Cloud Blueprint Family as an example
- CII badging
- Not all of them relating to security
- Suggest to TSC to have CII as part of maturing process
- Each blueprint project is not created for the same audience, can we mandate the same set of requirements?
- Should process subcomittee to adopt CII badging to have a standard measurement.
9/25/2019
Attendees:
- Randy Stricklin
- Tina Tsou
- Ken Yi
Topics:
- CII (Core Infrastructure Initiative) Badging in ONAP - Amy Zwarico
- Overall is positive, almost all projects passing CII badging
- Frustration from the projects: Priority, ...
- Tony's dashboard
- ONAP do badge at per project level
- Using script to auto-generate Jira ticket.
- Linux Foundation code of conduct
- Which part of CII is important for Akraino
- ONAP vulnerability management process
- SonarCloud integration - Eric Ball
AI:
- Randy will drive the CII badging discussions. We will allocate 20 minutes in future sec-committee meetings.
Meeting Content (minutes / recording / slides / other):
- July 17, 2019 Meeting cancelled
- May 22, 2019 minutes / recording / slides
- May 8, 2019 Meeting cancelled
- April 24, 2019 minutes / recording / slides
- April 10, 2019 minutes / recording /slides
- March 27, 2019 minutes / recording /slides
- March 13, 2019 minutes / recording /slides (Meeting cancelled due to Zoom technical issues)
- February 27, 2019 minutes / recording /slides
- February 13, 2019 minutes / recording/ slides
- January 30, 2019 minutes / recording / slides
- January 16, 2019 minutes / recording / slides