[Security Review] Kubeflow Project

[akgraner]

Project Name: Kubeflow Project

Github URL: https://github.com/kubeflow/kubeflow/tree/master/security

Currently, we are working with Ricardo to get Kubeflow into the CNCF, we are working on going straight into incubation - cncf/toc#1042 (incubation)

Ricardo suggested that we open this issue now, since we are in the beginning stages of setting up our security team as well as our policies and procedures. I don't think we are ready for the formal security review, but we wanted to make sure you all are aware of our on-going efforts. Please let us know what else you need from us.

CNCF project stage and issue NA

Security Provider: yes (e.g. Is the primary function of the project to support the security of an integrating system?)

• Identify team
  • Project security lead @akgraner
  • Lead security reviewer @sublimino
  • 1 or more additional reviewer(s) @krishnakv @mrcdb @vicenteherrera @victorjunlu @yfolias Observers: @krishnakv
  • Every reviewer has read security reviewer guidelines and stated declaration of conflict
  • Sign off by 2 chairs on reviewer conflicts
• Create slack channel (#sec-assess-kubeflow)
• Project lead provides draft document - see outline
• "Naive question phase" Lead Security Reviewer asks clarifying questions
• Assign issue to security reviewers
• Initial review
• Presentation & discussion
• Share draft findings with project
• Assessment summary and doc checked into /assessments/projects/project-name (require at least 1 co-chair approval)
• CNCF TOC presentation (if requested by TOC)

[mrcdb]

Have you already performed a self-assessment for the project or something similar that you could share to kickstart the discussion? Thanks!

[krishnakv]

I would like to volunteer for this review, please. I have no soft or hard conflicts to report.

[JustinCappos]

Please ping us once you have a draft of the self-assessment and we can start to put a team together.

[sublimino]

Hi @akgraner and team!

I'll be the lead security reviewer for this project.

Do you have any inclination of when you'll be ready to start considering the self-assessment process?

We also have a Security Pals process that can assist you with preparing for the self assessment document if that would be of interest.

I've created a sec-assess-kubeflow channel if you'd like to discuss anything on Slack 🙏

[akgraner]

Hi Andrew et al, Thank you so much. We’re shooting for the end of August. Yes, the Security Pals process would be of interest. I’ve been looking through your guides and checklists so I can share with the team and we can start going through it. Anything you can/would like to share would be greatly appreciated. With gratitude, ~akgraner on behalf of the Kubeflow Security Team

On Thu, Aug 3, 2023 at 8:38 AM Andrew Martin ***@***.***> wrote: Hi @akgraner <https://github.com/akgraner> and team! I'll be the lead security reviewer for this project. Do you have any inclination of when you'll be ready to start considering the self-assessment process? We also have a Security Pals process that can assist you with preparing for the self assessment document if that would be of interest. I've created a sec-assess-kubeflow <https://app.slack.com/client/T08PSQ7BQ/C05L2H3CKJR> channel if you'd like to discuss anything on Slack 🙏 — Reply to this email directly, view it on GitHub <#1079 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ABPJ3ZOAGEIICZ2KPAEZIBTXTOSV5ANCNFSM6AAAAAAYMK6XZU> . You are receiving this because you were mentioned.Message ID: ***@***.***>

-- Sent from Gmail Mobile

[yfolias]

I would like to volunteer for this review as well, if possible. No soft or hard conflicts on my end

[akgraner]

Thank you all so very much.

On Sat, Aug 12, 2023 at 2:29 PM Yannis Folias ***@***.***> wrote: I would like to volunteer for this review as well, if possible. No soft or hard conflicts on my end — Reply to this email directly, view it on GitHub <#1079 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ABPJ3ZNXVLDLTUQPOB7DFMDXU7KQJANCNFSM6AAAAAAYMK6XZU> . You are receiving this because you were mentioned.Message ID: ***@***.***>

-- Sent from Gmail Mobile

[victorjunlu]

@sublimino Interested in volunteering for this review. This will be my second time volunteering as tag security reviewer. No conflict on my end.

[sublimino]

Hi @akgraner and team! I hope you've had a great summer. Do you have any indications of your timescale to start this assessment?

[vicenteherrera]

Hi, I would like also to help when this work continues. No conflicts here, just I'm usually into many fronts, but I'll find time for this.

[akgraner]

Awesome! Thank you all! ~Amber Sent from Gmail Mobile

…

On Wed, Dec 20, 2023 at 12:17 PM Vicente Herrera ***@***.***> wrote: Hi, I would like also to help when this work continues. No conflicts here, just I'm usually into many fronts, but I'll find time for this. — Reply to this email directly, view it on GitHub <#1079 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ABPJ3ZMLD5FQCOI7EAK2V7TYKMTSVAVCNFSM6AAAAAAYMK6XZWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQNRUHEZDKMRXGM> . You are receiving this because you were mentioned.Message ID: ***@***.***>

[lcostea]

If possible I would like to be an observer. No conflicts on my end. Thanks.

[TheFoxAtWork]

@akgraner following up on this - is Kubeflow ready to engage with TAG Security on this? The joint-review will need members of Kubeflow to support TAG Security in completing the jointly completing the assessment.

[akgraner]

@TheFoxAtWork - we aren't ready for the official joint assessment, but we are working through the joint assessment.

[sublimino]

We have begun the security-pals self-assessment process today, with an intro call and working document.

The goals are to understand current security efforts, ensure collation of relevant documentation, and scope the joint assessment through the self-assessment document. We'll work through another meeting, present and gain corrections from the maintainers, and aim for the joint assessment post-Kubecon — where we hope to meet at the STAG Unconference 😊 Many thanks for attending @akgraner, your contributions are invaluable.

/cc @TheFoxAtWork

[TheFoxAtWork]

Wicked! Thanks!

[sublimino]

Hello all, we'll continue the self-assessment preparation this Wednesday 21st, 2pm UK time (other TZs):

Kubeflow Threat Model Working Session (TAG Security)
Wednesday, 21 February · 14:00 – 15:00
Time zone: Europe/London
Google Meet joining info
Video call link: https://meet.google.com/ayp-ctvn-oee
Or dial: ‪(GB) +44 20 3957 1685‬ PIN: ‪642 661 786‬#
More phone numbers: https://tel.meet/ayp-ctvn-oee?pin=5129528357352

[akgraner]

Thank you for setting this up. I’ll share with the team and get some more folks to contribute to the assignment and see if they can join. Sent from Gmail Mobile

…

On Fri, Feb 16, 2024 at 8:49 AM Andrew Martin ***@***.***> wrote: Hello all, we'll continue the self-assessment preparation this Wednesday 21st, 2pm UK time (other TZs <https://www.worldtimebuddy.com/?qm=1&lid=2643743,5397765,3169070&h=2643743&date=2024-2-21&sln=14-15&hf=1> ): Kubeflow Threat Model Working Session (TAG Security) Wednesday, 21 February · 14:00 – 15:00 Time zone: Europe/London Google Meet joining info Video call link: https://meet.google.com/ayp-ctvn-oee Or dial: ‪(GB) +44 20 3957 1685‬ PIN: ‪642 661 786‬# More phone numbers: https://tel.meet/ayp-ctvn-oee?pin=5129528357352 — Reply to this email directly, view it on GitHub <#1079 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ABPJ3ZLXD4BT67GURRZZT5TYT5WWNAVCNFSM6AAAAAAYMK6XZWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSNBYGUZDCNRWHE> . You are receiving this because you were mentioned.Message ID: ***@***.***>

[JustinCappos]

This looks stalled. If not, please update the issue and I'll move it to the appropriate part of the queue

[mrcdb]

Hi @JustinCappos !

We are currently in a naive questions phase on this project, and we have set up a follow-up meeting with @akgraner to discuss the next steps for Tuesday, 9/4. Details have been shared in the Slack channel.

The working document (based on the self-assessment template) is here, we highlighted the open questions for the Kubeflow team: https://docs.google.com/document/d/1ROvqsHtmEOxbX3fvN1fkDCtELHaRRDdA-UKezz59ZKQ/edit#heading=h.ri0460k7tpla

[PushkarJ]

Signing off with co-chair hat that the reviewers have indicated looking at the GitHub issue comments that they do not have any conflicts.

(Please point me to a comment if there is one where a conflict of interest was highlighted that I missed)

[mrcdb]

@PushkarJ I confirm I have no hard or soft conflicts as a reviewer on this assessment.

[sublimino]

Hi @akgraner, congratulations on the Kubeflow 1.9 rc!

We're stalled waiting for comments from the project on the review doc https://docs.google.com/document/d/1ROvqsHtmEOxbX3fvN1fkDCtELHaRRDdA-UKezz59ZKQ/edit

We can't move further until we have more detailed guidance, so please let us know when there's likely to be bandwidth from the Kubeflow team and we can schedule in more time.