canmove, Confirmed users
1,220
edits
Security/B2G: Difference between revisions
Jump to navigation
Jump to search
→Ongoing work
Ptheriault (talk | contribs) |
Ptheriault (talk | contribs) |
||
| Line 13: | Line 13: | ||
|} | |} | ||
== | ==Team Responsibilities== | ||
==== Security Assurance ==== | |||
''Objective: “Ensure security throughout OS development lifecycle”'' | |||
* Embedding/team support/security guidance | |||
* Catching security oversights | |||
* Identifying and promoting good security practices (consistency, patterns and practices) | |||
* Closing the bug loop, pushing security bugs to resolution | |||
==== Security Improvement ==== | |||
''Objective: “Drive security improvements to support evolving device and app requirements, and to bring us to parity with other mobile platforms”'' | |||
* Update Firefox OS Application security model to address emerging APIs, use cases and threats | |||
* Coordinate between platform & B2G teams on security feature development | |||
* Contribute patches for minor security improvements | |||
* Coordinating/encouraging community security contributions | |||
* Drive development of new security features (e.g. crypto support) | |||
==== Ecosystem Security ==== | |||
''Objective: “Empower community to help secure Firefox OS”'' | |||
* Improve effectiveness and scalability of Marketplace security review process | |||
* Provide security guidance to developers & reviewers (e.g MDN documentation) | |||
* Development of tools for app developers & reviewers | |||
* App security incident response (vulnerable or malicious apps) | |||
==== Partner Security Program ==== | |||
''Objective: “Help and monitor partners to ensure our users are protected”'' | |||
* Work with partners to ensure security of vendor modifications & co-ordinate security updates | |||
* Enforce security through partner certification program | |||
* Security incident response, management, and partner fix coordination | |||
== Useful Links == | == Useful Links == | ||