2022-01-11 - ONAP Security: Jakarta Global Requirements and Best Practices

Topic Description

1 hour @Byung-Woo Jun, @Robert Heinemann, @Tony Hansen , @Pawel Pawlak , @Amy Zwarico

Proposed Agenda:

ONAP Security Requirements (25 mins)
1. Version updates: package upgrades, Java/Python upgrades, infrastructure
2. CII badging targets
3. Integration base images
4. Service-Mesh-Based mTLS communication between Components
5. Authentication and Authorization Architecture
Deep Dive: Logging architecture leveraging open-source logging framework (35 mins)
1. The WHY of Security Logging
  1. Security Logging for Containerized Environments
  2. Required log fields
  3. Logging Metadata needed to support great security analytics downstream
2. The HOW of Security Logging
  1. Log Generation thru STDOUT/STDERR
  2. Log Collection, Aggregation, Persistence and Visualization Roadmap

1) ONAP Security Requirements (25 mins)

1.1 Version updates: package upgrades, Java/Python upgrades, infrastructure

1.2 CII badging targets

1.3 Integration base images

1.4 Service-Mesh-Based mTLS communication between Components

1.5 Authentication and Authorization Architecture

2) Deep Dive: Logging architecture leveraging open-source logging framework (20 mins)

2.1 The WHY of Security Logging

2.1.1 Security Logging for Containerized Environments

2.1.2 Required log fields

2.1.3 Logging Metadata needed to support great security analytics downstream

2.2 The HOW of Security Logging

2.2.1 Log Generation thru STDOUT/STDERR

2.2.2 Log Collection, Aggregation, Persistence and Visualization Roadmap

Please indicate your session type in the blank space below and then remove this Info field.

Demo / Informational (non-interactive)
- You may be asked to pre-record this session which will be made available on-demand.
Live Interactive Session

Recording: zoom_0.mp4

LFN Staff may elect to publish some videos to YouTube. Please indicate here if you do not want your session to be published to YouTube.

Live Interactive Session