Skip to content

lsst-sqre/sqr-037

Repository files navigation

image

image

SQuaRE security risk assessment

SQR-037

SQuaRE runs project infrastructure and multiple security-sensitive services, and SQuaRE team members have substantial access permissions. This tech note proposes a threat model for analyzing SQuaRE-related security risks (excluding the RSP and public APIs), catalogs known gaps under that threat model, and recommends mitigations for those gaps.

Links:

Build this technical note

You can clone this repository and build the technote locally with Sphinx:

Note

In a Conda environment, pip install -r requirements.txt doesn't work as expected. Instead, pip install the packages listed in requirements.txt individually.

The built technote is located at _build/html/index.html.

Editing this technical note

You can edit the index.rst file, which is a reStructuredText document. The DM reStructuredText Style Guide is a good resource for how we write reStructuredText.

Remember that images and other types of assets should be stored in the _static/ directory of this repository. See _static/README.rst for more information.

The published technote at https://sqr-037.lsst.io will be automatically rebuilt whenever you push your changes to the master branch on GitHub.

Updating metadata

This technote's metadata is maintained in metadata.yaml. In this metadata you can edit the technote's title, authors, publication date, etc.. metadata.yaml is self-documenting with inline comments.

Using the bibliographies

The bibliography files in lsstbib/ are copies from lsst-texmf. You can update them to the current lsst-texmf versions with:

make refresh-bib

Add new bibliography items to the local.bib file in the root directory (and later add them to lsst-texmf).

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages