e4aac82b07
A standard pre-release patch, looking for any obsolete text to remove, and references to newly unsupported releases to remove. Feel free to update the patch if you find other things. Review request: this patch touches many files in a small way. Please try and focus on the small changes, and not the rest of the file ... since many of them do need an edit ;) Change-Id: I383c51acf149bb6553ddfd33cad382f5dd15fe62
128 lines
5.4 KiB
XML
128 lines
5.4 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<book version="5.0" xml:id="os-security-guide"
|
|
xmlns:xi="http://www.w3.org/2001/XInclude"
|
|
xmlns="http://docbook.org/ns/docbook"
|
|
xmlns:xlink="http://www.w3.org/1999/xlink">
|
|
<title>OpenStack Security Guide</title>
|
|
<info>
|
|
<author>
|
|
<personname>
|
|
<firstname/>
|
|
<surname/>
|
|
</personname>
|
|
<affiliation>
|
|
<orgname>OpenStack Foundation</orgname>
|
|
</affiliation>
|
|
</author>
|
|
<copyright>
|
|
<year>2013</year>
|
|
<holder>OpenStack Foundation</holder>
|
|
</copyright>
|
|
<releaseinfo>icehouse</releaseinfo>
|
|
<productname>OpenStack</productname>
|
|
<pubdate/>
|
|
<legalnotice role="cc-by">
|
|
<annotation>
|
|
<remark>Copyright details are filled in by the
|
|
template.</remark>
|
|
</annotation>
|
|
</legalnotice>
|
|
<abstract>
|
|
<para>This book provides best practices and conceptual
|
|
information about securing an OpenStack cloud.</para>
|
|
</abstract>
|
|
<revhistory>
|
|
<!-- ... continue adding more revisions here as you change this document using the markup shown below... -->
|
|
|
|
<revision>
|
|
<date>2013-12-02</date>
|
|
<revdescription>
|
|
<itemizedlist>
|
|
<listitem>
|
|
<para>Chapter on Object Storage added.</para>
|
|
</listitem>
|
|
</itemizedlist>
|
|
</revdescription>
|
|
</revision>
|
|
<revision>
|
|
<date>2013-10-17</date>
|
|
<revdescription>
|
|
<itemizedlist>
|
|
<listitem>
|
|
<para>Havana release.</para>
|
|
</listitem>
|
|
</itemizedlist>
|
|
</revdescription>
|
|
</revision>
|
|
<revision>
|
|
<date>2013-07-02</date>
|
|
<revdescription>
|
|
<itemizedlist>
|
|
<listitem>
|
|
<para>Initial creation...</para>
|
|
</listitem>
|
|
</itemizedlist>
|
|
</revdescription>
|
|
</revision>
|
|
</revhistory>
|
|
</info>
|
|
<xi:include href="../common/ch_preface.xml"/>
|
|
<xi:include href="ch001_acknowledgements.xml"/>
|
|
<xi:include href="ch002_why-and-how-we-wrote-this-book.xml"/>
|
|
<xi:include href="ch004_book-introduction.xml"/>
|
|
<xi:include href="ch005_security-domains.xml"/>
|
|
<xi:include href="ch006_introduction-to-case-studies.xml"/>
|
|
<xi:include href="ch008_system-roles-types.xml"/>
|
|
<xi:include href="ch009_case-studies.xml"/>
|
|
<xi:include href="ch011_management-introduction.xml"/>
|
|
<xi:include href="ch012_configuration-management.xml"/>
|
|
<xi:include href="ch013_node-bootstrapping.xml"/>
|
|
<xi:include
|
|
href="ch014_best-practices-for-operator-mode-access.xml"/>
|
|
<xi:include href="ch015_case-studies-management.xml"/>
|
|
<xi:include
|
|
href="ch017_threat-models-confidence-and-confidentiality.xml"/>
|
|
<xi:include href="ch018_case-studies-pkissl.xml"/>
|
|
<xi:include href="ch020_ssl-everywhere.xml"/>
|
|
<xi:include href="ch021_paste-and-middleware.xml"/>
|
|
<xi:include href="ch022_case-studies-api-endpoints.xml"/>
|
|
<xi:include href="ch024_authentication.xml"/>
|
|
<xi:include href="ch025_web-dashboard.xml"/>
|
|
<xi:include href="ch026_compute.xml"/>
|
|
<xi:include href="ch027_storage.xml"/>
|
|
<xi:include href="ch028_case-studies-identity-management.xml"/>
|
|
<xi:include href="ch030_state-of-networking.xml"/>
|
|
<xi:include href="ch031_neutron-architecture.xml"/>
|
|
<xi:include href="ch032_networking-best-practices.xml"/>
|
|
<xi:include href="ch033_securing-neutron-services.xml"/>
|
|
<xi:include
|
|
href="ch034_tenant-secure-networking-best-practices.xml"/>
|
|
<xi:include href="ch035_case-studies-networking.xml"/>
|
|
<xi:include href="ch037_risks.xml"/>
|
|
<xi:include href="ch038_transport-security.xml"/>
|
|
<xi:include href="ch039_case-studies-messaging.xml"/>
|
|
<xi:include href="ch041_database-backend-considerations.xml"/>
|
|
<xi:include href="ch042_database-overview.xml"/>
|
|
<xi:include href="ch043_database-transport-security.xml"/>
|
|
<xi:include href="ch044_case-studies-database.xml"/>
|
|
<xi:include href="ch046_data-residency.xml"/>
|
|
<xi:include href="ch047_data-encryption.xml"/>
|
|
<xi:include href="ch048_key-management.xml"/>
|
|
<xi:include href="ch049_case-studies-tenant-data.xml"/>
|
|
<xi:include href="ch051_vss-intro.xml"/>
|
|
<xi:include href="ch052_devices.xml"/>
|
|
<xi:include href="ch053_case-studies-instance-isolation.xml"/>
|
|
<xi:include href="ch055_security-services-for-instances.xml"/>
|
|
<xi:include href="ch056_case-studies-instance-management.xml"/>
|
|
<xi:include href="ch058_forensicsincident-response.xml"/>
|
|
<xi:include href="ch059_case-studies-monitoring-logging.xml"/>
|
|
<xi:include href="ch061_compliance-overview.xml"/>
|
|
<xi:include href="ch062_audit-guidance.xml"/>
|
|
<xi:include href="ch063_compliance-activities.xml"/>
|
|
<xi:include href="ch064_certifications-compliance-statements.xml"/>
|
|
<xi:include href="ch065_privacy.xml"/>
|
|
<xi:include href="ch066_case-studies-compliance.xml"/>
|
|
<xi:include href="../common/app_support.xml"/>
|
|
<glossary role="auto"/>
|
|
</book>
|