Adobe, the Adobe logo, Acrobat and Adobe Connect are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries.
S Security task force is the group in charge of fixing known security issues, and providing security policies document in order to improve the scalability of OpenNCP components.
A first testing session (security and load) has been run from a end to end flow (client --> NCPB --> NCPA).
Technical vulnerabilities and remediation
Background:
Decision has been made to fix the clients in order to provide safe clients even if not part of OpenNCP
Then we'll start again the security test and execute component per component testing
Liferay:
Kostas Karkaletsis has solved already a number of issues & installed a new version of Liferay 6.2.0-CE-GA1).
has installed locally the version 6.2-CE-GA6 (which seems to have solved some of the security issues)
trying to migrate the installation from previous version to the new one
S is asking if we are expecting issues with the migration?
Normally it should be easy. Kostas will probably be finished by tomorrow evening
Database:no update script, this is done automatically
has installed https://portswigger.net/burp/ which is a web application security testing tool in order to be able to do this testing my own, before sending it to your team in order to have faster results
S will check the availability of the server and will check with Marco to follow the same process and planning for the other portal
Is it possible to have a public installation? Server not available at the moment. But Jerôme will organize a quick call with Kostas
Relaxations
Massimiliano Masi: The biggest problem we have is regarding the integration with the national connector on the national infrastructure side
It make sense to write a document with functional requirements and then handover it to Kostas, Joao and Jerôme
Massimiliano Masi proposes to start a kick off document trying to formalizing the discussions by e-mail
What Massi needs is a fresh version of deliverable - Please see section/wiki/spaces/ncp/pages/72417298where the document "epSOS Security Deviations Fact Sheet"is displayed
How to implement and to deal with message signature?
epSOS approach
Current version of OpenNCP: no message signature, only assertions
Question is : Do we have a secure conversation (sign every message but without the key) between NCPs? Or xml digital signature (each message is signed using the key of the identity provider)
Secure conversation is relevant if we have a real conversation
xml digital signature is good if we have only a few conversations => Ok for Massi because at the end we do not exchange that much messages (experience from the pilot)
Massimiliano Masi: VPN = secure network, TLS = host-to-host security, we need application-to-application security
Reference to document D 3.A EED v0.8 section 4.3.5.2
How/who can we decide on this topic?
Proposition of Massi:
Analyse the implications of both approach
Present and discuss at the Technical Committee meeting and then decide by voting
need for a comparison between both approach before voting => need to prepare a document before the Technical Committee
Proposition Kostas:
Better to have a list of all the issues and then prioritize them
S will make the list and prepare a proposition for thisTechnical Committee on
Both approaches could be in parallel. Choice of how to implement and priority
List pros and con's on the wiki for discussions, from the page dedicated on security
Massimiliano Masi will start a document with the functional requirements regarding the integration with the national connector on the national infrastructure side. This document will be shared with Kostas, Joao and Jerôme
S will make a list of issues and a first proposition of prioritization