You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 13 Next »

Brief Service Description

Federation as a Service supports NRENs by providing them with the infrastructure needed to operate a classic Identity federation (web based Single Sign-on). 

Detailed service information is available from Federation-as-a-Service

FaaS showcase by Marina Vermezovic

Service Manager

Name 

Nebojsa Ilic

nebojsa.ilic@amres.ac.rs

 

Service Team

NameEmail

 

 
  
  
  

Security-related information and sources

FaaS instances are deployed on servers running CentOS 6.7 operating system. In order for FaaS service to operate properly, there are quite a number of applications and tools installed on FaaS servers. Majority of applications are installed using CentOS package manager (yum) but there are several tools which are installed using github or source code. Some applications are critical for the FaaS operation (such as pyff, jagger, lunacm), while others are important for server management and monitoring (nagios). From the security standpoint, it is important to constantly follow newly discovered vulnerabilities and bugs in applications used on FaaS servers.

Operating system / ApplicationSource of informationComment
CentOS 6.7https://lists.centos.org/mailman/listinfo/centos-announceMailing-list used for forwarding security-related and general information about CentOS
Pyffhttps://github.com/leifj/pyFF/issuesIssues found in Pyff. Contains bug information.
Jaggerhttps://github.com/Edugate/Jagger/issuesIssues found in Jagger. Contains bug information.
PHPhttps://www.cvedetails.com/vulnerability-list/vendor_id-74/product_id-128/PHP-PHP.htmlList of vulnerabilities found for PHP, published in the form of CVE list.

Perl

https://www.cvedetails.com/vulnerability-list/vendor_id-1885/product_id-13879/Perl-Perl.htmlList of vulnerabilities found for Perl, published in the form of CVE list.
Pythonhttps://www.cvedetails.com/vulnerability-list/vendor_id-1238/product_id-2147/Python-Software-Foundation-Python.htmlList of vulnerabilities found for Perl, published in the form of CVE list.
MySQLhttps://www.cvedetails.com/vulnerability-list/vendor_id-185/Mysql.htmlList of vulnerabilities found for MySQL, published in the form of CVE list.
Nagioshttps://www.cvedetails.com/vulnerability-list/vendor_id-1424/product_id-2468/Nagios-Nagios.htmlList of vulnerabilities found for Nagios, published in the form of CVE list.
Shibboleth

https://www.cvedetails.com/vulnerability-list/vendor_id-11435/Shibboleth.html

https://wiki.shibboleth.net/confluence/display/SHIB2/SecurityAdvisories

List of vulnerabilities found for Shibboleth, published in the form of CVE list.

Security advisories listed on Shibboleth.

OpenSSLhttps://www.cvedetails.com/vulnerability-list/vendor_id-217/product_id-383/Openssl-Openssl.htmlList of vulnerabilities found for OpenSSL, published in the form of CVE list.
OpenSSHhttps://www.cvedetails.com/vulnerability-list/vendor_id-97/product_id-585/Openbsd-Openssh.htmlList of vulnerabilities found for OpenSSH, published in the form of CVE list.

 

Security issues that need to be addressed asap.

Operating system / ApplicationIssueRecommendation
None--

 

Status Overview

 

Insert DatePhaseDelivery DateIssues/risksMitigationComments (please provide update)RAG status
 

Testing

Migrating

Production

     
 
  •  
  •  
  •  
    GREEN
 
  •  
  •  
  •  
    GREEN
 
  •  
  •  
  •  
    GREEN
 
  •  
  •  
  •  
    GREEN
 
  •  
  •  
  •  
    GREEN

 

 

 


 

 

 

 

 

  • No labels