Ben, Craig, Mike

Related to   NDS-1251 - Getting issue details... STATUS


Project organization/development process

  • Purdue: PI, PM, 20% dev
  • ISDA: PI, Dev
  • Quarterly showcases

Organization option:

  • We discussed a few things around project organization.
  • The NDS team currently mixes NCSA's OpenSource Atlassian tools (Confluence, JIRA) and Github for source control
  • We'd like to continue this process for Workbench development for CHEESE
  • We recognize that CHEESE needs to develop it's own community
  • Suggest a new github/dockerhub organization
    • "cheesehub"?
    • Will contain catalog of specs used by Workbench and Docker image definitions
    • Community can build using standard Github tools (issues/wikis/pull requests, etc).
    • Provisioning (terraform/cloudformation templates)

Features:

  • 12+ containers from Try-CybSI
    • Network security, secure coding, cybersecurity research, cryptography
  • Usage tracking/reporting
  • "Community engagement extensions"
    • Message boards, ticketing systems, leader boards
      • Can this be centered around Github?
    • Application requests
    • Leaderboard
    • Soft rewards
  • Docker/Kubernetes security (high risk)
  • Jupyter Notebook support
  • Usability
  • AWS in year 3


Concerns/issues:

  • Retaining access to unpatched images (private registry?)
  • Conference targets/deadlines


Security:

  • OS choice, update strategy (NCSA security recommendation)
  • UID/GID management
  • Egress filtering
  • Audit
  • Kubernetes RBAC/Security Policies
  • Logging/syslog (NCSA security)
  • Qualys scanning, when relevant
  • Image signing?
  • No labels