cfn/cfn-security
Code Issues Proposed changes
master
cfn-security/sub-group-introduction.md
luli abc3484442 add introduction 
Change-Id: I2bd842c8249bbd932e87cf26dfa2ed6cac0c633b
2024-06-04 17:54:51 +08:00

43 lines
2.8 KiB
Markdown
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# **CFN-Security Sub-group Introduction**
## Project Facts
Project Creation Date: *2024/04/25*
Primary Contact: *Li Lu & luli@chinamobile.com*
Project Lead: *Huizheng Geng&genghuizheng@chinamobile.com*
Committers: *Jing Cao& caojing1@caict.ac.cn, Longhai Zhu&zhulh@siwei.com, Tingting Yang&yangtingting@chinamobile.com, Yu Wang&wangyuyjy@chinamobile.com, Yingqing Liu&liuyingqing@chinamobile.com@chinamobile.com, Li Lu&luli@chinamobile.com,PengLin Yang&yangpenglin@hygon.cn*
Mailing List: *computing-force-network@lists.opendev.org*
Meetings: *Use bi-weekly meeting of CFN WG*
Repository: *https://opendev.org/cfn/cfn-security* 
StoryBoard: *https://storyboard.openstack.org/#!/project/cfn/cfn-security*
Open Bugs: *TBD*
## Introduction
*
CFN deeply integrates cloud computing, network and other technologies, can provide ubiquitous computing power and realize the optimal allocation of resources. CFN provides a powerful infrastructure for data processing and computing. However, due to the special architecture and idea of CFN, CFN itself and the services running in CFN may face certain security problems, and it is necessary to explore security solutions. Some security risks and considerations are listed below.
Security levels are different among computing nodes in CFN, risks of data leakage and data tempering are high on low security computing nodes, so it is necessary to introduce mechanisms of secure computing and storage to keep data security. Service data may be delivered to multiple nodes and it is difficult to locate the data leakage point and responsibility, so introducing the mechanism of data flow security is necessary. Many dynamic connections of node to node across systems and domains will be established, which provides more attack paths to network attackers and increase risks for computing nodes, so it is necessary to introduce special security consideration for network resources and computing resources.
CFN security subgroup is committed to provide security solutions or security suggestions according to the possible security risks of the CFN itself and the services in CFN. Main jobs include:
1 Research on security functions that CFN should support and the security suggestions for each component of CFN.
2 Analyzes the security risks of computing or storage services in CFN, and proposes solutions.
3 Studies new security technologies that can be applied to CFN, and proposes the application methods of the technologies in CFN.
*
## Documentation & Training
*None*
## Release Planning & Release Notes
*1 CFN security risks and security control suggestions v1.0
2 CFN secure storage solution based on white-box cryptography v1.0*
***<u>Before filling this part, please plan your tasks in StoryBoard at <u>https://storyboard.openstack.org/#!/project_group/computing-force-network</u></u>***
## Previous Releases
*None*
View Git Blame Copy Permalink