From abc34844425e6c102d3edbc3e5ad940bf0698714 Mon Sep 17 00:00:00 2001 From: luli Date: Tue, 4 Jun 2024 17:29:17 +0800 Subject: [PATCH] add introduction Change-Id: I2bd842c8249bbd932e87cf26dfa2ed6cac0c633b --- sub-group-introduction.md | 43 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 sub-group-introduction.md diff --git a/sub-group-introduction.md b/sub-group-introduction.md new file mode 100644 index 0000000..a500dd9 --- /dev/null +++ b/sub-group-introduction.md @@ -0,0 +1,43 @@ +# **CFN-Security Sub-group Introduction** + + +## Project Facts +Project Creation Date: *2024/04/25* + +Primary Contact: *Li Lu & luli@chinamobile.com* + +Project Lead: *Huizheng Geng&genghuizheng@chinamobile.com* + +Committers: *Jing Cao& caojing1@caict.ac.cn, Longhai Zhu&zhulh@siwei.com, Tingting Yang&yangtingting@chinamobile.com, Yu Wang&wangyuyjy@chinamobile.com, Yingqing Liu&liuyingqing@chinamobile.com@chinamobile.com, Li Lu&luli@chinamobile.com,PengLin Yang&yangpenglin@hygon.cn* + +Mailing List: *computing-force-network@lists.opendev.org* + +Meetings: *Use bi-weekly meeting of CFN WG* + +Repository: *https://opendev.org/cfn/cfn-security*  + +StoryBoard: *https://storyboard.openstack.org/#!/project/cfn/cfn-security* + +Open Bugs: *TBD* + +## Introduction +* +CFN deeply integrates cloud computing, network and other technologies, can provide ubiquitous computing power and realize the optimal allocation of resources. CFN provides a powerful infrastructure for data processing and computing. However, due to the special architecture and idea of CFN, CFN itself and the services running in CFN may face certain security problems, and it is necessary to explore security solutions. Some security risks and considerations are listed below. +Security levels are different among computing nodes in CFN, risks of data leakage and data tempering are high on low security computing nodes, so it is necessary to introduce mechanisms of secure computing and storage to keep data security. Service data may be delivered to multiple nodes and it is difficult to locate the data leakage point and responsibility, so introducing the mechanism of data flow security is necessary. Many dynamic connections of node to node across systems and domains will be established, which provides more attack paths to network attackers and increase risks for computing nodes, so it is necessary to introduce special security consideration for network resources and computing resources. +CFN security subgroup is committed to provide security solutions or security suggestions according to the possible security risks of the CFN itself and the services in CFN. Main jobs include: +1 Research on security functions that CFN should support and the security suggestions for each component of CFN. +2 Analyzes the security risks of computing or storage services in CFN, and proposes solutions. +3 Studies new security technologies that can be applied to CFN, and proposes the application methods of the technologies in CFN. +* + +## Documentation & Training +*None* + +## Release Planning & Release Notes +*1 CFN security risks and security control suggestions v1.0 + 2 CFN secure storage solution based on white-box cryptography v1.0* + +***Before filling this part, please plan your tasks in StoryBoard at https://storyboard.openstack.org/#!/project_group/computing-force-network*** + +## Previous Releases +*None* \ No newline at end of file