Make a Security Strategy #85

johnml1135 · 2023-08-14T19:58:38Z

What are we securing? How is it being secured? We need to review and document our approach, assumptions, and measures taken to ensure security.

davidbaines · 2023-09-01T09:22:37Z

I had a couple of questions about security:
Will we continue to use AWS S3 in production? I imagine that the security offered there is sufficient for our needs. How do we test that assumption?

Will each project have its own credentials?
Can we be confident that access to one project does not give any way of discovering other projects on the server?
Leaked credentials from one project (such as in an error report) would not affect the security of any other project.

johnml1135 · 2023-09-01T11:42:08Z

@davidbaines - let's continue the discussion here: https://docs.google.com/document/d/1v8DinUykj2IA30TloNN6kUzdned4NOmArnBha0zWeog/edit

johnml1135 · 2023-11-08T14:03:54Z

Completed enough for now.

johnml1135 self-assigned this Aug 14, 2023

johnml1135 added the documentation Improvements or additions to documentation label Aug 14, 2023

johnml1135 added this to the 1.2 Paratext Plugin MVP milestone Aug 14, 2023

johnml1135 closed this as completed Nov 8, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Make a Security Strategy #85

Make a Security Strategy #85

johnml1135 commented Aug 14, 2023

davidbaines commented Sep 1, 2023

johnml1135 commented Sep 1, 2023

johnml1135 commented Nov 8, 2023

Make a Security Strategy #85

Make a Security Strategy #85

Comments

johnml1135 commented Aug 14, 2023

davidbaines commented Sep 1, 2023

johnml1135 commented Sep 1, 2023

johnml1135 commented Nov 8, 2023