Re: EdgeX Security?


White2, James
 

Hi James,

To date, we have not implemented security features.  We are currently working on some of the first security service implementations and it is our intention that security will be a major part of our California release.  You can checkout the Security Working Group meetings to see and hear (they are recorded) some of the work going on currently.



Jim White
Distinguished Engineer, Software Architect
Dell Technologies | End User Computing, Chief Technology Office (EUC CTO)
Office +1 512-723-6139, mobile/text +1 612-916-6693
james_white2@...


From: edgex-tsc-security-bounces@... <edgex-tsc-security-bounces@...> on behalf of James Kempf <kempf42@...>
Sent: Tuesday, December 19, 2017 10:21 PM
To: edgex-tsc-security@...
Subject: [Edgex-tsc-security] EdgeX Security?
 
Hi,

I'm looking into using EdgeX for an application but there does not seem to be any code there for security, just a whitepaper. Even the architecture seems to treat security as a kind of "nice idea but optional" as a kind of sidecar add-on rather than integrated into the basic operation. In contrast to, for example, Azure Hub, which has security build into the basic operation, requiring either X.509 certs or lightweight tokens to register a device and for a device to connect. And not allowing incoming requests unless they are authorized.

Is there any code currently in process to fix this?

                 jak

Join EdgeX-TSC-Security@lists.edgexfoundry.org to automatically receive all group messages.