Re: [openstack-dev] [kolla][security] Finishing the job on threat analysis for Kolla

2016-06-14 Thread Steven Dake (stdake)
Rob,

Do you have the source for reference #2 below?  I believe the next step was to 
produce copies of #2 based upon the special different types of containers in 
the system and combine them into one coherent doc.

I think continuing to use sequence diagrams makes sense.

My phone (out of batteries) has a photograph of the different things we wrote 
down - I was planning to combine that work with multiples of diagram #2, and 
submit it for review - to get the process started.

Regards
-steve

From: Rob C mailto:hyaku...@gmail.com>>
Date: Tuesday, June 14, 2016 at 1:34 AM
To: "OpenStack Development Mailing List (not for usage questions)" 
mailto:openstack-dev@lists.openstack.org>>
Cc: Steven Dake mailto:std...@cisco.com>>, 
"robcl...@uk.ibm.com<mailto:robcl...@uk.ibm.com>" 
mailto:robcl...@uk.ibm.com>>
Subject: Re: [openstack-dev] [kolla][security] Finishing the job on threat 
analysis for Kolla


I have returned from #drownload and I'm super keen to get ontop of this, in 
this email I'll just try to tie a few different threads together.

The etherpad we used at the summit, along with the Sequence Diagram texts are 
online [1] are we happy to continue using web sequence diagrams? I think the 
resulting output is very useful [2] - even if Kolla doesn't fit the typical 
project style that we anticipate using these for - they're better suited to 
more traditional software projects.

There's a big effort to formalize the TA process and have OSSP help as 
guardians of the code base[3] in future, with lots of effort being made to 
ensure that as new projects come into the fold they meet a certain minimum 
security level - we'll also attempt to help more established projects iterate 
to a level of equal security assurance.

I'll leave the process description for our actual documentation but a big part 
of it will be projects submitting security docs to the newly created 
security-analysis repo [4]. Projects are welcome to use this for staging and 
collaboration - the OSSP will largely ignore projects with the WIP flag set.

I think the next step is for Doug and I (and anyone else who cares) to review 
the current diagrams and provide a quick gap analysis for the Kolla devs 
detailing what else is required for us to do a proper review.


[1] https://etherpad.openstack.org/p/kolla-newton-summit-threat-analysis

[2] https://drive.google.com/file/d/0B0osRPn3qBq5X1poTGZqVFBRQW8/view

[3] https://review.openstack.org/#/c/300698/

[4] https://review.openstack.org/#/c/325049/

On Tue, May 31, 2016 at 5:37 PM, Chivers, Doug 
mailto:doug.chiv...@hpe.com>> wrote:
Thanks for following up Steve, the sessions at the summit were extremely useful.

Both Rob and I have been caught up with the day-job since we got back from the 
summit, but will discuss next steps and agree a plan this week.

Regards

Doug




From: "Steven Dake (stdake)" 
mailto:std...@cisco.com><mailto:std...@cisco.com<mailto:std...@cisco.com>>>
Date: Tuesday, 24 May 2016 at 17:16
To: 
"openstack-dev@lists.openstack.org<mailto:openstack-dev@lists.openstack.org><mailto:openstack-dev@lists.openstack.org<mailto:openstack-dev@lists.openstack.org>>"
 
mailto:openstack-dev@lists.openstack.org><mailto:openstack-dev@lists.openstack.org<mailto:openstack-dev@lists.openstack.org>>>
Cc: Doug Chivers 
mailto:doug.chiv...@hpe.com><mailto:doug.chiv...@hpe.com<mailto:doug.chiv...@hpe.com>>>,
 
"robcl...@uk.ibm.com<mailto:robcl...@uk.ibm.com><mailto:robcl...@uk.ibm.com<mailto:robcl...@uk.ibm.com>>"
 
mailto:robcl...@uk.ibm.com><mailto:robcl...@uk.ibm.com<mailto:robcl...@uk.ibm.com>>>
Subject: [kolla][security] Finishing the job on threat analysis for Kolla

Rob and Doug,

At Summit we had 4 hours of highly productive work producing a list of "things" 
that can be "threatened".  We have about 4 or 5 common patterns where we follow 
the principle of least privilege.  On Friday of Summit we produced a list of 
all the things (in this case deployed containers).  I'm not sure who, I think 
it was Rob was working on a flow diagram for the least privileged case.  From 
there, the Kolla coresec team can produce the rest of the diagrams for 
increasing privileges.

I'd like to get that done, then move on to next steps.  Not sure what the next 
steps are, but lets cover the flow diagrams first since we know we need those.

Regards
-steve
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: 
openstack-dev-requ...@lists.openstack.org?subject:unsubscribe<http://openstack-dev-requ...@lists.openstack.org?subject:unsubscribe>
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [kolla][security] Finishing the job on threat analysis for Kolla

2016-06-14 Thread Rob C
I have returned from #drownload and I'm super keen to get ontop of this, in
this email I'll just try to tie a few different threads together.

The etherpad we used at the summit, along with the Sequence Diagram texts
are online [1] are we happy to continue using web sequence diagrams? I
think the resulting output is very useful [2] - even if Kolla doesn't fit
the typical project style that we anticipate using these for - they're
better suited to more traditional software projects.

There's a big effort to formalize the TA process and have OSSP help as
guardians of the code base[3] in future, with lots of effort being made to
ensure that as new projects come into the fold they meet a certain minimum
security level - we'll also attempt to help more established projects
iterate to a level of equal security assurance.

I'll leave the process description for our actual documentation but a big
part of it will be projects submitting security docs to the newly created
security-analysis repo [4]. Projects are welcome to use this for staging
and collaboration - the OSSP will largely ignore projects with the WIP flag
set.

I think the next step is for Doug and I (and anyone else who cares) to
review the current diagrams and provide a quick gap analysis for the Kolla
devs detailing what else is required for us to do a proper review.


[1] https://etherpad.openstack.org/p/kolla-newton-summit-threat-analysis

[2] https://drive.google.com/file/d/0B0osRPn3qBq5X1poTGZqVFBRQW8/view

[3] https://review.openstack.org/#/c/300698/

[4] https://review.openstack.org/#/c/325049/

On Tue, May 31, 2016 at 5:37 PM, Chivers, Doug  wrote:

> Thanks for following up Steve, the sessions at the summit were extremely
> useful.
>
> Both Rob and I have been caught up with the day-job since we got back from
> the summit, but will discuss next steps and agree a plan this week.
>
> Regards
>
> Doug
>
>
>
>
> From: "Steven Dake (stdake)" mailto:std...@cisco.com>>
> Date: Tuesday, 24 May 2016 at 17:16
> To: "openstack-dev@lists.openstack.org openstack-dev@lists.openstack.org>"  >
> Cc: Doug Chivers mailto:doug.chiv...@hpe.com>>, "
> robcl...@uk.ibm.com"  >
> Subject: [kolla][security] Finishing the job on threat analysis for Kolla
>
> Rob and Doug,
>
> At Summit we had 4 hours of highly productive work producing a list of
> "things" that can be "threatened".  We have about 4 or 5 common patterns
> where we follow the principle of least privilege.  On Friday of Summit we
> produced a list of all the things (in this case deployed containers).  I'm
> not sure who, I think it was Rob was working on a flow diagram for the
> least privileged case.  From there, the Kolla coresec team can produce the
> rest of the diagrams for increasing privileges.
>
> I'd like to get that done, then move on to next steps.  Not sure what the
> next steps are, but lets cover the flow diagrams first since we know we
> need those.
>
> Regards
> -steve
> __
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [kolla][security] Finishing the job on threat analysis for Kolla

2016-05-31 Thread Chivers, Doug
Thanks for following up Steve, the sessions at the summit were extremely useful.

Both Rob and I have been caught up with the day-job since we got back from the 
summit, but will discuss next steps and agree a plan this week.

Regards

Doug




From: "Steven Dake (stdake)" mailto:std...@cisco.com>>
Date: Tuesday, 24 May 2016 at 17:16
To: 
"openstack-dev@lists.openstack.org" 
mailto:openstack-dev@lists.openstack.org>>
Cc: Doug Chivers mailto:doug.chiv...@hpe.com>>, 
"robcl...@uk.ibm.com" 
mailto:robcl...@uk.ibm.com>>
Subject: [kolla][security] Finishing the job on threat analysis for Kolla

Rob and Doug,

At Summit we had 4 hours of highly productive work producing a list of "things" 
that can be "threatened".  We have about 4 or 5 common patterns where we follow 
the principle of least privilege.  On Friday of Summit we produced a list of 
all the things (in this case deployed containers).  I'm not sure who, I think 
it was Rob was working on a flow diagram for the least privileged case.  From 
there, the Kolla coresec team can produce the rest of the diagrams for 
increasing privileges.

I'd like to get that done, then move on to next steps.  Not sure what the next 
steps are, but lets cover the flow diagrams first since we know we need those.

Regards
-steve
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


[openstack-dev] [kolla][security] Finishing the job on threat analysis for Kolla

2016-05-24 Thread Steven Dake (stdake)
Rob and Doug,

At Summit we had 4 hours of highly productive work producing a list of "things" 
that can be "threatened".  We have about 4 or 5 common patterns where we follow 
the principle of least privilege.  On Friday of Summit we produced a list of 
all the things (in this case deployed containers).  I'm not sure who, I think 
it was Rob was working on a flow diagram for the least privileged case.  From 
there, the Kolla coresec team can produce the rest of the diagrams for 
increasing privileges.

I'd like to get that done, then move on to next steps.  Not sure what the next 
steps are, but lets cover the flow diagrams first since we know we need those.

Regards
-steve
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev