2022-12-09 - Network Traffic Control Working Group Meeting Notes

Date

Dec 9, 2022

Attendees

  • @Ingolf Kuss

  • @Nils Olof Paulsson 

  • @Steffen Köhler 

  • @Axel Dörrer 

Discussion items

Time

Item

Who

Notes

45 Min

Proposal site structure

Group discussion

  • Site structure

    • Definitions within environment(s) to investigate

      • classes of threats

        • External generic - i.e. script kiddies, without folio-specific knowledge

        • "Bad user" - has a folio account and password. Either leaked account/password or evil user

        • Internal non-folio - Has access to (parts of) folio network but no account

        • non-malicious - i.e. "oops" script or command. User with folio account that had bad luck when thinking

      • classes of networks

        • public net

        • internal net(s)

      • classes of FOLIO services

        • FOLIO Backend modules

        • FOLIO permission/managing service - OKAPI

        • Secondary services

          • Kafka

          • Elastic Search

          • Database

          • FOLIO-Reporting?

          • Monitoring?

      • classes of tools to explore

        • webservers / proxies

        • firewalls

        • threat/suspicious traffic detection services (log scanning, e.g. Elastic Search)

        • others?

      • scope:

        • start with API 

        • later: UI

        • later: secondary services (Kafka, Elastic Search, Database etc.)

      • out of scope:

        • Bringing down / securing secondary services

      • several stages of approach

        • Investigation → stories and (ab)use cases

          • Matrix of cases to explore

          • e.g. bringing down Okapi

          • clause of from external network

          • clause from internal net to bring down modules directly

        • Defining test case/environments

        • Creating test environment and verifying

        • Outcome should be a documentation

          • no need to specify this at this stage

      • (Diagrams where needed)

5 Min

Meeting times and frequencies

All

  • Fridays 11 CET every week to start

  • stay in huddle for the moment

  • could lower frequency later for asynchronous work

Action items

Axel to create definitions page and start with classes definition → inform about that in Slack