radon-h2020 / radon-delivery-toolchain

Project listing all delivery toolchain requirements including: RADON orchestrator, Monitoring, Template Library, CI/CD.
Apache License 2.0

R-T5.3-1: The TOSCA blueprint needs to be able to support the definition of security and privacy policy of specific serverless/FaaS provider. #24

Closed cankarm closed 3 years ago

cankarm commented 4 years ago
ID: R-T5.3-1
Type: SECURITY
User story: As an Operations Engineer, I want to define security and privacy policies of my application
Requirement: The TOSCA blueprint needs to be able to support the definition of security and privacy policy of specific serverless/FaaS provider.
Extended Description: The definition of security and privacy policy in TOSCA blueprint must be reflected after the deployment step is finished.
Priority: Must have
Affected Tools: DELIVERY_TOOLCHAIN
Means of Verification: Test if security and privacy policy rules have been applied to deployed application by penetration testing methodologies.

cankarm commented 4 years ago

Currently, half of the "policies" understood from the description can be complied with through a proper configuration (e.g. location of deployment, etc.). The DoS attack or similar security policy handling has been addressed in D5.2.

@gcasale I propose to lower this priority to SHOULD as it needs a better description from a use-case to understand if anything is missing in the picture.

cankarm commented 3 years ago

As there are no more details about the requirements of this issue, I propose to close it.

@gcasale

gcasale commented 3 years ago

Approved