Tag-security: 2018-08-21 TOC Presentation Prep

Created on 2 Aug 2018  路  7Comments  路  Source: cncf/tag-security

  • PR SAFE WG before 2018-08-21

    • [x] Assign responsible party for PR? Dan Shaw

    • [x] What date do we want to land it on? Proposed date Thursday, 2018-08-16.

    • [x] 2 page overview of SAFE WG. (No need to present WG overview again. Slides are the anchor for kicking of TOC voting.)

    • [ ] Who will present the presentation? JJ or Sabree

Following quick overview of work, Chris Aniszczyk will kick off TOC voting.

Most helpful comment

DRAFT PR page

CNCF SAFE WG Proposal

TOC Sponsor

Ken Owens

Objective

Secure Access for Everyone (SAFE) Working Group will explore secure access, policy control and safety for operators, administrators, developers, and end-users across the cloud native ecosystem.

Goals and Expected Outcomes

  • Synthesize findings into white papers:

    • Key Elements of a Trustworthy System

    • Cloud Native Policy Architecture

  • Publish artifacts from iterative, human-centered design process

    • use cases with primary source references from cloud-native operators, administrators, developers

    • references to documents from experts outside of the working group

  • Develop Container Policy Interface implementations
  • Provide feedback on proposed TOC projects related to SAFE
  • Consider additional recommendations to CNCF TOC, such as:

    • specifications that may be needed to address SAFE concerns

    • project proposals needed to address gaps in the SAFE ecosystem

Non Goals

  • Choose a single identity or security technology
  • Be a standards body for creating standards

Initial Interested Parties

Dan Shaw (@dshaw)
Sarah Allen (@ultrasaurus)
Jeyappragash JJ (@pragashj)
Devarajan P Ramaswamy (@deva)
Kamil Pawlowski (@kbpawlowski)
Geri Jennings (@izgeri)
Howard Huang (@hannibalhuang)
Jason Melo (@jasonmelo)
Torin Sandall (@tsandall)
Sree Tummidi (@sreetummidi)
Christian Kemper (@ckemper67)
Ray Colline (@rcolline)
Doug Davis (@duglin)
Sabree Blackmon (@heavypackets)
Justin Cormack (@justincormack)
Liz Rice (@lizrice)
Erik St. Martin (@erikstmartin)
Cheney Hester (@quiqie)
Erica von Buelow (@ericavonb)
Mark Underwood (@knowlengr)

All 7 comments

DRAFT PR page

CNCF SAFE WG Proposal

TOC Sponsor

Ken Owens

Objective

Secure Access for Everyone (SAFE) Working Group will explore secure access, policy control and safety for operators, administrators, developers, and end-users across the cloud native ecosystem.

Goals and Expected Outcomes

  • Synthesize findings into white papers:

    • Key Elements of a Trustworthy System

    • Cloud Native Policy Architecture

  • Publish artifacts from iterative, human-centered design process

    • use cases with primary source references from cloud-native operators, administrators, developers

    • references to documents from experts outside of the working group

  • Develop Container Policy Interface implementations
  • Provide feedback on proposed TOC projects related to SAFE
  • Consider additional recommendations to CNCF TOC, such as:

    • specifications that may be needed to address SAFE concerns

    • project proposals needed to address gaps in the SAFE ecosystem

Non Goals

  • Choose a single identity or security technology
  • Be a standards body for creating standards

Initial Interested Parties

Dan Shaw (@dshaw)
Sarah Allen (@ultrasaurus)
Jeyappragash JJ (@pragashj)
Devarajan P Ramaswamy (@deva)
Kamil Pawlowski (@kbpawlowski)
Geri Jennings (@izgeri)
Howard Huang (@hannibalhuang)
Jason Melo (@jasonmelo)
Torin Sandall (@tsandall)
Sree Tummidi (@sreetummidi)
Christian Kemper (@ckemper67)
Ray Colline (@rcolline)
Doug Davis (@duglin)
Sabree Blackmon (@heavypackets)
Justin Cormack (@justincormack)
Liz Rice (@lizrice)
Erik St. Martin (@erikstmartin)
Cheney Hester (@quiqie)
Erica von Buelow (@ericavonb)
Mark Underwood (@knowlengr)

Objective

Safe Access for Everyone (SAFE) Working Group will explore secure access, policy control and safety for operators, administrators, developers, and end-users across the cloud native ecosystem.

Goals and Expected Outcomes

change first two bullets to clarify that we'll follow an iterative, human-centered design process...

  • Synthesize findings into two white papers:

    • Key Elements of a Trustworthy System

    • Cloud Native Policy Architecture

  • Published artifacts from iterative, human-centered design process

    • use cases with primary source references from cloud-native operators, administrators, developers

    • references to documents from experts outside of the working group

_Previous iteration_

Goals and Expected Outcomes

  • Create Key Elements of a Trustworthy System white paper
  • Create Cloud Native Policy Architecture white paper
  • Container Policy Interface implementations
  • Explore specifications for SAFE concerns to propose to the CNCF
  • Bring recommendations to the TOC on SAFE concerns projects in CNCF

Goals and Expected Outcomes

  • Synthesize findings into white papers:

    • Key Elements of a Trustworthy System

    • Cloud Native Policy Architecture

  • Publish artifacts from iterative, human-centered design process

    • use cases with primary source references from cloud-native operators, administrators, developers

    • references to documents from experts outside of the working group

  • Develop Container Policy Interface implementations
  • Provide feedback on proposed TOC projects related to SAFE
  • Consider additional recommendations to CNCF TOC, such as:

    • specifications that may be needed to address SAFE concerns

    • project proposals needed to address gaps in the SAFE ecosystem

Thanks, @ultrasaurus.

Was this page helpful?
0 / 5 - 0 ratings