Doug CC'd has volunteered to help and will hopefully be coming to Seattle. -Rob From: Abu Shohel Ahmed [mailto:ahmed.shohel at ericsson.com] Sent: 12 June 2014 11:35 To: Openstack-security at lists.openstack.org , Subject: [Openstack-security] Security Threat modelling work for OpenStack Hi, At OSSG, we are currently doing Threat Modelling of OpenStack and as a starter we have already performed initial work for Keystone. Work on Nova has also started. The current status of the work is located at https://wiki.openstack.org/wiki/Security/Threat_Analysis https://github.com/shohel02/OpenStack_Threat_Modelling.git <https://github.com/criscad/OpenStack_Threat_Modelling.git> https://github.com/criscad/OpenStack_Threat_Modelling.git In the mid review starting at July 14th, we will go through threat modelling process for Openstack projects, and for Keystone we go through a component break down and enumerate possible threats and attack vectors. Interested? Put your name in etherpad Threat Modelling section. We are especially hoping to get support and participation from Keystone core developers . I think there are some in this mailing list too :) https://etherpad.openstack.org/p/ossg-juno-meetup Cheers, Shohel -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-security/attachments/20140612/2f56debe/attachment.html> -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6187 bytes Desc: not available URL: <http://lists.openstack.org/pipermail/openstack-security/attachments/20140612/2f56debe/attachment.bin>