BMC threat model docs
jrey at linux.ibm.com
Thu Jul 18 02:26:49 AEST 2019
I got a private email asking
> [where are the] BMC project threat model documents?
The approved network threat model is here:
The threat model is very basic and does little more than identify
OpenBMC's network services. The level of detail was initially
superficial to get approval for the document. I hope to add more
details and add new sections for BMC network connections including LDAP,
remote logging, remote media, ip-kvm, event subscriptions, etc. Then
add a section for Redfish security considerations.
The network threat model is only a subset of the overall BMC threat
model. (For example, the BMC faces threats from its environment and its
host system.) The OpenBMC project has no overall BMC threat model, and
mine is in review here:
(You can find other threat model reviews by searching gerrit for
"threat" or "security").
I am using my review to collect information about BMC threats, which in
turn depends on how the BMC is used, so I am collecting information
about BMC use cases too. Any and all contributions are welcome, and can
be added as review comments, email to the community, or directly to me.
I am struggling with the threat model scope, and how to organize the
document. Any feedback is welcome.
More information about the openbmc