Moaz Reyad created SINGA-417: -------------------------------- Summary: Adding security channel Key: SINGA-417 URL: https://issues.apache.org/jira/browse/SINGA-417 Project: Singa Issue Type: New Feature Components: Documentation Reporter: Moaz Reyad
According to the [Apache Project Maturity Model|https://community.apache.org/apache-way/apache-project-maturity-model.html]: ??QU30: The project provides a well-documented, secure and private channel to report security issues, along with a documented way of responding to them.?? ??Apache projects can just point to [http://www.apache.org/security/] or use their own security contacts page, which should also point to that.?? This issue can be solved simply by adding a link to Apache Security page to SINGA website. However, I would also suggest to : # create a sub team in SINGA (even starting with one person) for security # ask for an email security@singa.apache for project security contacts # create a new page for security in SINGA website # add SINGA security team (page and email) to [ASF Project Security Information page|https://www.apache.org/security/projects.html] Machine learning systems like SINGA may work with sensitive data (e.g. medical data, finance, etc.) and SINGA provides distributed training where data and models can be shared in a network. If SINGA security team provides details to ensure the best security practices, this can be an important feature to show in SINGA now or in a future release. -- This message was sent by Atlassian JIRA (v7.6.3#76005)