singa-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Moaz Reyad (JIRA)" <>
Subject [jira] [Created] (SINGA-417) Adding security channel
Date Sat, 08 Dec 2018 17:29:00 GMT
Moaz Reyad created SINGA-417:

             Summary: Adding security channel
                 Key: SINGA-417
             Project: Singa
          Issue Type: New Feature
          Components: Documentation
            Reporter: Moaz Reyad

According to the [Apache Project Maturity Model|]:

??QU30: The project provides a well-documented, secure and private channel to report security
issues, along with a documented way of responding to them.??

??Apache projects can just point to [] or use their own security
contacts page, which should also point to that.??

This issue can be solved simply by adding a link to Apache Security page to SINGA website.

However, I would also suggest to :
 # create a sub team in SINGA (even starting with one person) for security
 # ask for an email security@singa.apache for project security contacts
 # create a new page for security in SINGA website
 # add SINGA security team (page and email) to [ASF Project Security Information page|]

Machine learning systems like SINGA may work with sensitive data (e.g. medical data, finance,
etc.) and SINGA provides distributed training where data and models can be shared in a network.
If SINGA security team provides details to ensure the best security practices, this can be
an important feature to show in SINGA now or in a future release.

This message was sent by Atlassian JIRA

View raw message