Documentation work from the OpenStack Security Group (OSSG)
Go to file
Dmitriy Rabotyagov 8dbacc7b42 Fix Barbican PKCS#11 description
Current description is incorrect, since barbican does not store each
projects KEK in HSM. As eventually, that would mean having
thousand of keys, while Thales Luna Network HSM has limit of 100 keys
for DPoD, so it will be unable to use big part of HSM solutions
with that approach.
Instead only MKEK and HMAC are stored in HSM and used to encrypt/decrypt
KEKs.

Change-Id: I8c4eaaa42262797632ce4c4296c04a4fe62b8fcf
2021-05-12 10:07:49 +00:00
case-studies Replace Chinese quotes to English quotes 2018-02-16 05:25:21 +08:00
common Updated from openstack-manuals 2021-02-04 07:19:33 +00:00
security-guide Fix Barbican PKCS#11 description 2021-05-12 10:07:49 +00:00
security-notes OSSN-0089: Missing configuration option in Secure Live Migration guide 2021-04-12 09:46:12 +02:00
security-threat-analysis/source Switch to newer openstackdocstheme version 2020-05-20 12:05:16 +02:00
tools Update for openstack-doc-tools 2.0 2019-08-22 15:36:52 +02:00
.gitignore Adding documentation for security threat analysis 2016-04-24 08:55:44 -05:00
.gitreview OpenDev Migration Patch 2019-04-19 19:35:43 +00:00
.zuul.yaml Enable linter, update for python3 2019-10-31 17:19:56 +01:00
bindep.txt Update bindep.txt 2017-02-24 13:27:25 +00:00
doc-tools-check-languages.conf Build tr_TR security-guide 2017-10-25 13:02:35 +00:00
README.rst Correct the wrong link URL 2018-08-26 23:00:35 +08:00
test-requirements.txt Switch to newer openstackdocstheme version 2020-05-20 12:05:16 +02:00
tox.ini Enable linter, update for python3 2019-10-31 17:19:56 +01:00

Team and repository tags

image

OpenStack Security Documentation

This repository contains the OpenStack Security documentation.

For details on how to contribute to the documentation, see the OpenStack Documentation Contributor Guide.

It includes these manuals:

  • Security Guide
  • Security Notes
  • Security Threat Analysis

The Security Notes are published by the OpenStack Security Project (OSSP) to advise users of security related issues. For more information refer to the Security Notes and Security Note Process.

Security Advisories are issued by the Vulnerability Management Team (VMT). For more information about OpenStack's Vulnerability Management Team (VMT) refer to the Vulnerability Management Process.

Directory Structure

Security Guide is in the directory security-guide, which source files in RST format in the directory security-guide/source.

Security Threat Analysis is in the directory security-threat-analysis, which source files in RST format in the directory security-threat-analysis/source.

The security notes are in the directory security-notes.

Testing of changes and building of the guides

Install the python tox package and run tox from the top-level directory to use the same tests that are done as part of our Jenkins gating jobs.

tox

Contributing

Our community welcomes all people interested in open source cloud computing, and encourages you to join the OpenStack Foundation.

The best way to get involved with the community is to talk with others online or at a meet up and offer contributions through our processes, the OpenStack wiki, blogs, or on IRC at #openstack on irc.freenode.net.

We welcome all types of contributions, from blueprint designs to documentation to testing to deployment scripts.

If you would like to contribute to the documents, please see the OpenStack Documentation contributor guide.

Bugs

Bugs should be filed on Launchpad, not GitHub:

Bugs:openstack-manuals

If you find a security issue in OpenStack, not in the contents of the Security Guide, please see How to Report Security Issues to OpenStack.

Release Notes

https://docs.openstack.org/releasenotes/openstack-manuals

Installing

Refer to the OpenStack Security Guide to see where these documents are published and to learn more about the OpenStack Security Guide.