Team,
Call setup 5/25/2081 at 2:00PM EST to discuss the Elastic Stack Security for
Casablanca release. Here are some topics related to we will discuss in this
call.
Location: https://connect12.uc.att.com/attinc4/meet/?ExEventID=82392423&CT=M
1. AAF integration with ELK and understanding. (will AAF cover #2 & #3?)
* Information on how AAF works:
https://wiki.onap.org/display/DW/Application+Authorization+Framework+Documentation
1. ELK role base
a. Kibana dashboard role based authentication.
b. Access to Elastic Search API and data access.
c. Access to Logstash access including config
3. Granular level roles within ELK
4. ELK security audit logging
d. Authentication successes & failures
e. Granted and refused connections
f. Requests that have been tampered with
5. Encrypting Communications
a. Encrypt traffic to, from, and within ELK clusters using SSL/TLS
b. Log spoofing - encryption of data between nodes
c. Require nodes to authenticate as they join the cluster using SSL
certificates
d. Elasticsearch using IP Filtering - Make it more difficult for remote
attackers to issue any commands to Elasticsearch
6. Document-level and field-level security
7. Validation log data - Who can ship logs to Logstash - Certification?
Shishir Thakore
_______________________________________________
onap-discuss mailing list
onap-discuss@lists.onap.org
https://lists.onap.org/mailman/listinfo/onap-discuss
