CII Badging Program for CLAMP Xue Gao, Pierre Close, Anael Closson

Slides:



Advertisements
Similar presentations
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Advertisements

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.
SSL AND E- COMMERCE S ECURITY gz2155 Guangwei Zhang.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Principles of Information Security, 2nd edition1 Cryptography.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
CMSC 414 Computer and Network Security Lecture 17 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 13 Jonathan Katz.
Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.
Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.
Part Two Network Security Applications Chapter 4 Key Distribution and User Authentication.
1 Chapter 8 Copyright 2003 Prentice-Hall Cryptographic Systems: SSL/TLS, VPNs, and Kerberos.
Practices in Security Bruhadeshwar Bezawada. Key Management Set of techniques and procedures supporting the establishment and maintenance of keying relationships.
Key Management. Session and Interchange Keys  Key management – distribution of cryptographic keys, mechanisms used to bind an identity to a key, and.
Cryptography and Network Security Chapter 14 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Web Security.
7.6 Secure Network Security / G.Steffen1. In This Section Threats to Protection List Overview of Encrypted Processing Example.
 Encryption provides confidentiality  Information is unreadable to anyone without knowledge of the key  Hashing provides integrity  Verify the integrity.
Security By Meenal Mandalia. What is ? stands for Electronic Mail. much the same as a letter, only that it is exchanged in a different.
Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Effective Password Management Neil Kownacki. Passwords we use today PINs, smartphone unlock codes, computer accounts, websites Passwords are used to protect.
Key management issues in PGP
CII badging program for ONAP ONAP security committee Stephen Terrill
ONAP security meeting
RSA Laboratories’ PKCS Series - a Tutorial
Web Applications Security Cryptography 1
VNF Package CSAR Format Tal Halfon, Amdocs Andrei Kojukhov, PhD, Amdocs Aug 3, 2017.
ONAP security meeting
Intrusion Tolerant Architectures
VNF Package Integrity and Authenticity – Public key based
Security Outline Encryption Algorithms Authentication Protocols
Outline Properties of keys Key management Key servers Certificates.
Symmetric Cryptography
Tutorial on Creating Certificates SSH Kerberos
TASHKENT UNIVERSITY OF INFORMATION TECHNOLOGIES NAMED AFTER MUHAMMAD AL-KHWARIZMI THE SMART HOME IS A BASIC OF SMART CITIES: SECURITY AND METHODS OF.
Computer Communication & Networks
Cryptography and Network Security
e-Health Platform End 2 End encryption
ONAP security meeting
Chapter 5: The Art of Ensuring Integrity
Authentication Applications
ONAP security meeting
Exam Review.
Instructor Materials Chapter 5: The Art of Ensuring Integrity
Challenge-Response New Authentication Scheme
Tutorial on Creating Certificates SSH Kerberos
ONAP Security Sub-committee Update
NET 311 Information Security
CompTIA Security+ Study Guide (SY0-501)
Cryptographic Hash Functions Part I
Cryptography Basics and Symmetric Cryptography
Message Digest Cryptographic checksum One-way function Relevance
刘振 上海交通大学 计算机科学与工程系 电信群楼3-509
Chapt. 10 – Key Management Dr. Wayne Summers
Digital Certificates and X.509
Security Analysis of Network Protocols
Public Key Infrastructure
Instructor Materials Chapter 5: The Art of Ensuring Integrity
Elections Choose wisely, this is your chance to prove if election by popular vote works or not.
Chapter -7 CRYPTOGRAPHIC HASH FUNCTIONS
Exercise: Hashing, Password security, And File Integrity
CS5220 Advanced Topics in Web Programming Secure REST API
Hashing Hash are the auxiliary values that are used in cryptography.
Electronic Payment Security Technologies
Instructor Materials Chapter 5: Ensuring Integrity
Blockchains Lecture 4.
What Does it Mean to Get Gold in CII Badging?
ONAP Security Requirements ONAP Virtual F2F, December overall requirements - security by design Stephen Terrill, et al.
Presentation transcript:

CII Badging Program for CLAMP Xue Gao, Pierre Close, Anael Closson September 20, 2017

The CII Badging Program Core Infrastructure Initiative Website: https://bestpractices.coreinfrastructure.org/ Evaluate how projects follow best practices using voluntary self- certification Three levels: Passing, Silver and Gold LF target level recommendation is Gold ONAP Pilot Project: CLAMP https://bestpractices.coreinfrastructure.org/projects/1197

The Questionnaire Edition is limited to a subset of users Main editor can nominate other users as editors Divided into clear sections For each section, a set of questions is provided, addressing best practices relating to the parent section Each question asks if a criterion is Met, unmet, not applicable, or unknown Criteria are generally high-level as targeted to best practices, e.g. “The project MUST have one or more mechanisms for discussion” “The project SHOULD provide documentation in English”

The Goals Give confidence in the project being delivered By quickly knowing what the project supports See what should be improved Self-questioning helps project stakeholders identifying strengths and weaknesses, do’s and don'ts Align all projects using the same ratings Makes projects connected together to follow the same practices Call for continuous improvement Increase self rating and reach better software quality

To Be Discussed Introduce test coverage rules: how many tests should be added for each code changes Digital signature: use digital signature in delivered packages (already in the plan?) Vulnerability fixing SLA: vulnerabilities should be fixed within 60 days Security mechanisms Which cryptographic algorithms to use to encrypt password The security mechanisms within the software produced by the project SHOULD implement perfect forward secrecy for key agreement protocols so a session key derived from a set of long-term keys cannot be compromised if one of the long-term keys is compromised in the future. If the software produced by the project causes the storing of passwords for authentication of external users, the passwords MUST be stored as iterated hashes with a per-user salt by using a key stretching (iterated) algorithm (e.g., PBKDF2, Bcrypt or Scrypt). The security mechanisms within the software produced by the project MUST generate all cryptographic keys and nonces using a cryptographically secure random number generator, and MUST NOT do so using generators that are cryptographically insecure

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.