Imported Translations from Zanata
For more information about this automatic import see: https://docs.openstack.org/i18n/latest/reviewing-translation-import.html Change-Id: Icc053e7f8d079007c85ebcda8e9c4589f9b40a9c Signed-off-by: OpenStack Proposal Bot <openstack-infra@lists.openstack.org> Generated-By: openstack/openstack-zuul-jobs:roles/prepare-zanata-client/files/common_translation_update.sh
This commit is contained in:
OpenStack Proposal Bot
@@ -15,7 +15,7 @@ msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: Security Guide\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2021-01-22 18:38+0000\n"
|
||||
"POT-Creation-Date: 2025-09-12 18:32+0000\n"
|
||||
"MIME-Version: 1.0\n"
|
||||
"Content-Type: text/plain; charset=UTF-8\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
@@ -332,40 +332,6 @@ msgstr ""
|
||||
"in ``/etc/nova/nova.conf`` auf einen Wert gesetzt ist, der nicht mit\n"
|
||||
"``https:// ``beginnt."
|
||||
|
||||
msgid ""
|
||||
"**Fail:** If value of parameter ``auth_protocol`` under "
|
||||
"``[keystone_authtoken]`` section in ``barbican.conf`` is set to ``http``, or "
|
||||
"if value of parameter ``identity_uri`` under ``[keystone_authtoken]`` "
|
||||
"section in ``barbican.conf`` is not set to Identity API endpoint starting "
|
||||
"with ``https://`` or value of parameter ``insecure`` under the same "
|
||||
"``[keystone_authtoken]`` section in the same ``barbican.conf`` is set to "
|
||||
"``True``."
|
||||
msgstr ""
|
||||
"** Fail: ** Wenn der Wert des Parameters ``auth_protocol ``unter "
|
||||
"``[keystone_authtoken]`` in ``barbican.conf`` auf ``http`` gesetzt ist oder "
|
||||
"wenn der Wert des Parameters ``identity_uri``unter "
|
||||
"``[keystone_authtoken]``Abschnitt in ``barbican.conf`` ist nicht auf den "
|
||||
"Identity API Endpunkt gesetzt, der mit ``https: //`` beginnt oder Wert des "
|
||||
"Parameters ``insecure`` unter demselben ``[ keystone_authtoken] `` Abschnitt "
|
||||
"im selben `` barbican.conf`` ist auf ``True`` gesetzt."
|
||||
|
||||
msgid ""
|
||||
"**Fail:** If value of parameter ``auth_protocol`` under "
|
||||
"``[keystone_authtoken]`` section in ``manila.conf`` is set to ``http``, or "
|
||||
"if value of parameter ``identity_uri`` under ``[keystone_authtoken]`` "
|
||||
"section in ``manila.conf`` is not set to Identity API endpoint starting with "
|
||||
"``https://`` or value of parameter ``insecure`` under the same "
|
||||
"``[keystone_authtoken]`` section in the same ``manila.conf`` is set to "
|
||||
"``True``."
|
||||
msgstr ""
|
||||
"**Fail:** Wenn der Wert des Parameters ``auth_protocol``unter ``\n"
|
||||
"[keystone_authtoken]``Abschnitt in ``manila.conf`` auf ``http``gesetzt\n"
|
||||
"ist oder wenn Wert des Parameters ``identity_uri`` unter `\n"
|
||||
"`[keystone_authtoken]``Abschnitt in ``manila.conf`` nicht auf Identity\n"
|
||||
"API Endpunkt ``https://`` oder Wert des Parameters ``insecure``\n"
|
||||
" unter dem gleichen ``[ keystone_authtoken]``Abschnitt in der gleichen ``\n"
|
||||
"manila.conf`` auf ``True``gesetzt ist."
|
||||
|
||||
msgid ""
|
||||
"**Fail:** If value of parameter ``auth_strategy`` under ``[DEFAULT]`` "
|
||||
"section in ``/etc/glance/glance-api.conf`` is set to ``noauth`` or value of "
|
||||
@@ -791,40 +757,6 @@ msgstr ""
|
||||
"`/ etc/nova/nova.conf`` auf einen Wert gesetzt ist, der mit` `https:\n"
|
||||
"//`` beginnt."
|
||||
|
||||
msgid ""
|
||||
"**Pass:** If value of parameter ``auth_protocol`` under "
|
||||
"``[keystone_authtoken]`` section in ``barbican.conf`` is set to ``https``, "
|
||||
"or if value of parameter ``identity_uri`` under ``[keystone_authtoken]`` "
|
||||
"section in ``barbican.conf`` is set to Identity API endpoint starting with "
|
||||
"``https://`` and value of parameter ``insecure`` under the same "
|
||||
"``[keystone_authtoken]`` section in the same ``barbican.conf`` is set to "
|
||||
"``False``."
|
||||
msgstr ""
|
||||
"** Pass: ** Wenn der Wert des Parameters ``auth_protocol`` unter "
|
||||
"``[keystone_authtoken] `` in ``barbican.conf`` auf ``https`` gesetzt ist "
|
||||
"oder wenn der Wert des Parameters ``identity_uri``unter "
|
||||
"``[keystone_authtoken]``Abschnitt in ``barbican.conf`` wird auf Identity API "
|
||||
"Endpunkt gesetzt, beginnend mit ``https: //``und Wert des "
|
||||
"Parameters``insecure`` unter demselben ``[keystone_authtoken ] `` Abschnitt "
|
||||
"in derselben ``barbican.conf`` ist auf ``False`` gesetzt."
|
||||
|
||||
msgid ""
|
||||
"**Pass:** If value of parameter ``auth_protocol`` under "
|
||||
"``[keystone_authtoken]`` section in ``manila.conf`` is set to ``https``, or "
|
||||
"if value of parameter ``identity_uri`` under ``[keystone_authtoken]`` "
|
||||
"section in ``manila.conf`` is set to Identity API endpoint starting with "
|
||||
"``https://`` and value of parameter ``insecure`` under the same "
|
||||
"``[keystone_authtoken]`` section in the same ``manila.conf`` is set to "
|
||||
"``False``."
|
||||
msgstr ""
|
||||
"**Pass:** Wenn der Wert des Parameters ``auth_protocol``unter ``\n"
|
||||
"[keystone_authtoken]`` Abschnitt in ``manila.conf`` auf ``https`` gesetzt\n"
|
||||
" ist oder wenn Wert des Parameters ``identity_uri`` unter `\n"
|
||||
"`[keystone_authtoken]``Abschnitt in ``manila.conf`` auf Identity API\n"
|
||||
"Endpunkt mit ``https://`` und Wert des Parameters ``insecure``\n"
|
||||
"unter dem gleichen ``[keystone_authtoken]``Abschnitt in der gleichen ``\n"
|
||||
"manila.conf`` auf ``False`` gesetzt ist."
|
||||
|
||||
msgid ""
|
||||
"**Pass:** If value of parameter ``auth_strategy`` under ``[DEFAULT]`` "
|
||||
"section in ``/etc/cinder/cinder.conf`` is set to ``keystone``."
|
||||
@@ -952,11 +884,11 @@ msgstr ""
|
||||
"existierende Datenträger wird die Option auf ``False`` setzen, und die "
|
||||
"derzeit unsichere Methode auf Behandlung der Dateirechte benutzen. Wenn der "
|
||||
"Wert des Parameter ``nas_secure_file_operations`` im ``[DEFAULT]`` Abschnitt "
|
||||
"in ``/etc/cinder/cinder.conf`` ist auf ``auto`` gesetzt. Wenn es auf \"auto"
|
||||
"\" gesetzt ist, wird ein Check beim Start von Cinder, ob kein Datenträger "
|
||||
"mit der Option ``True`` existiert, sicher ist und NICHT unter ``root`` "
|
||||
"Benutzer läuft. Die Untersuchung auf existierende Datenträger wird die "
|
||||
"Option auf ``False`` setzen, und die derzeit unsichere Methode von "
|
||||
"in ``/etc/cinder/cinder.conf`` ist auf ``auto`` gesetzt. Wenn es auf "
|
||||
"\"auto\" gesetzt ist, wird ein Check beim Start von Cinder, ob kein "
|
||||
"Datenträger mit der Option ``True`` existiert, sicher ist und NICHT unter "
|
||||
"``root`` Benutzer läuft. Die Untersuchung auf existierende Datenträger wird "
|
||||
"die Option auf ``False`` setzen, und die derzeit unsichere Methode von "
|
||||
"laufenden Betrieb als ``root`` Benutzer benutzen. Für neue Installationen, "
|
||||
"wurde eine \"Marker Datei\" geschrieben, sodass is written so dass "
|
||||
"nachfolgende Neustarts von Cinder wissen, was die ursprüngliche Bestimmung "
|
||||
@@ -1406,26 +1338,6 @@ msgstr ""
|
||||
"Instanzen geht über Hardware-Monitoring und Log-Dateien, die nur CRUD-"
|
||||
"Ereignisse enthalten können."
|
||||
|
||||
msgid ""
|
||||
"A common reason to perform a security review on an OpenStack project is to "
|
||||
"enable that project to achieve the *vulnerability:managed* governance tag. "
|
||||
"The OpenStack Vulnerability Management Team (VMT) applies the `vulnerability:"
|
||||
"managed tag <https://governance.openstack.org/reference/tags/"
|
||||
"vulnerability_managed.html>`_ to projects where the report reception and "
|
||||
"disclosure of vulnerabilities is managed by the VMT. One of the requirements "
|
||||
"for gaining the tag is that some form of security review, audit or threat "
|
||||
"analysis has been performed on the project."
|
||||
msgstr ""
|
||||
"Ein gemeinsamer Grund für die Durchführung einer Sicherheitsüberprüfung an "
|
||||
"einem OpenStack-Projekt ist es, dieses Projekt zu ermöglichen, um die "
|
||||
"*vulnerability:managed* governance tag zu erreichen. Das OpenStack "
|
||||
"Vulnerability Management Team (VMT) wendet das `vulnerability:managed tag` "
|
||||
"an <https://governance.openstack.org/reference/tags/vulnerability_managed."
|
||||
"html> `_ zu Projekten, bei denen der Bericht zu Empfang und die Offenlegung "
|
||||
"von Schwachstellen von der VMT verwaltet wird. Eine der Voraussetzungen für "
|
||||
"die Gewinnung des Tags ist, dass irgendeine Form von Sicherheitsüberprüfung, "
|
||||
"Audit- oder Bedrohungsanalyse auf dem Projekt durchgeführt wurde."
|
||||
|
||||
msgid ""
|
||||
"A complete tutorial on secure boot deployment is beyond the scope of this "
|
||||
"book. Instead, here we provide a framework for how to integrate secure boot "
|
||||
@@ -2722,9 +2634,6 @@ msgstr ""
|
||||
"Zum Beispiel Xen Server XSM oder Xen Security Modules, sVirt, Intel TXT oder "
|
||||
"AppArmor."
|
||||
|
||||
msgid "Ansible"
|
||||
msgstr "Ansible"
|
||||
|
||||
msgid ""
|
||||
"Any changes to ``/etc/manila/policy.json`` are effective immediately, which "
|
||||
"allows new policies to be implemented while the Shared File Systems service "
|
||||
@@ -4030,9 +3939,6 @@ msgstr ""
|
||||
msgid "Checklist"
|
||||
msgstr "Checkliste"
|
||||
|
||||
msgid "Chef"
|
||||
msgstr "Chef"
|
||||
|
||||
msgid ""
|
||||
"Cinder supports an NFS driver which works differently than a traditional "
|
||||
"block storage driver. The NFS driver does not actually allow an instance to "
|
||||
@@ -4069,11 +3975,11 @@ msgstr ""
|
||||
"Strings genauer an."
|
||||
|
||||
msgid ""
|
||||
"Cipher suites using the `RSA <https://en.wikipedia.org/wiki/RSA_"
|
||||
"%28cryptosystem%29>`_ exchange, authentication or either respectively."
|
||||
"Cipher suites using the `RSA <https://en.wikipedia.org/wiki/"
|
||||
"RSA_%28cryptosystem%29>`_ exchange, authentication or either respectively."
|
||||
msgstr ""
|
||||
"Cipher Suiten mit dem `RSA <https://en.wikipedia.org/wiki/RSA_%28cryptosystem"
|
||||
"%29>``Austausch, Authentifizierung oder entweder."
|
||||
"Cipher Suiten mit dem `RSA <https://en.wikipedia.org/wiki/"
|
||||
"RSA_%28cryptosystem%29>``Austausch, Authentifizierung oder entweder."
|
||||
|
||||
msgid ""
|
||||
"Client authentication with TLS requires certificates be issued to services. "
|
||||
@@ -7486,20 +7392,6 @@ msgstr ""
|
||||
"verwaltet werden müssen: diejenigen, die ein Keystone-Token für den Zugriff "
|
||||
"erfordern, und solche, die dies nicht tun."
|
||||
|
||||
msgid ""
|
||||
"In cases where a security review has already been performed by a third "
|
||||
"party, or where a project prefers to use a third party to perform their "
|
||||
"review, information on how to take the output of that third party review and "
|
||||
"submit it to the OSSP for validation will be available in the upcoming third "
|
||||
"party security review process."
|
||||
msgstr ""
|
||||
"In Fällen, in denen eine Sicherheitsüberprüfung bereits von einem Dritten "
|
||||
"durchgeführt wurde oder wenn ein Projekt es vorzieht, einen Dritten zur "
|
||||
"Durchführung seiner Überprüfung zu verwenden, Informationen darüber, wie die "
|
||||
"Ausgabe dieser Drittpartei überprüft werden kann, und übermittelt sie dem "
|
||||
"OSSP zur Validierung wird in der bevorstehenden Drittanbieter-"
|
||||
"Sicherheitsprüfung zur Verfügung stehen."
|
||||
|
||||
msgid ""
|
||||
"In cases where software termination offers insufficient performance, "
|
||||
"hardware accelerators may be worth exploring as an alternative option. It is "
|
||||
@@ -8291,22 +8183,6 @@ msgstr ""
|
||||
"authentication-and-access-control` für alle Komponenten, die eine RPC-"
|
||||
"Kommunikation erfordern."
|
||||
|
||||
msgid ""
|
||||
"It is recommended to avoid the manual image building process as it is "
|
||||
"complex and prone to error. Additionally, using an automated system like Oz "
|
||||
"for image building or a configuration management utility like Chef or Puppet "
|
||||
"for post-boot image hardening gives you the ability to produce a consistent "
|
||||
"image as well as track compliance of your base image to its respective "
|
||||
"hardening guidelines over time."
|
||||
msgstr ""
|
||||
"Es wird empfohlen, den manuellen Abbildaufbau zu vermeiden, da er komplex "
|
||||
"und fehleranfällig ist. Darüber hinaus bietet Ihnen die Verwendung eines "
|
||||
"automatisierten Systems wie Oz für das Image-Building oder ein "
|
||||
"Konfigurationsmanagement-Dienstprogramm wie Chef oder Puppet für die Post-"
|
||||
"Boot-Image-Härtung die Möglichkeit, über die Zeit ein konsistentes Abbild zu "
|
||||
"erstellen und die Übereinstimmung Ihres Basisbildes mit den jeweiligen "
|
||||
"Härtungsrichtlinien zu verfolgen."
|
||||
|
||||
msgid ""
|
||||
"It should be noted that with this type of implementation sensitive access "
|
||||
"tokens will be stored in the browser and will be transmitted with each "
|
||||
@@ -10196,20 +10072,6 @@ msgstr ""
|
||||
"Konsolenzugriff auf Instanzen für Tenants und Administratoren erfolgt, die "
|
||||
"das VNC-Protokoll (Virtual Network Computer) verwenden."
|
||||
|
||||
msgid ""
|
||||
"OpenStack components communicate with each other using various protocols and "
|
||||
"communication might involve sensitive or confidential data. An attacker may "
|
||||
"try to eavesdrop on the channel in order to get access to sensitive "
|
||||
"information. Therefore all components must communicate with each other using "
|
||||
"a secured communication protocol."
|
||||
msgstr ""
|
||||
"OpenStack-Komponenten kommunizieren miteinander unter Verwendung "
|
||||
"verschiedener Protokolle, und die Kommunikation kann sensitive oder "
|
||||
"vertrauliche Daten beinhalten. Ein Angreifer kann versuchen, den Kanal zu "
|
||||
"belauschen, um Zugriff auf vertrauliche Informationen zu erhalten. Daher "
|
||||
"müssen alle Komponenten miteinander über ein gesichertes "
|
||||
"Kommunikationsprotokoll kommunizieren."
|
||||
|
||||
msgid ""
|
||||
"OpenStack components communicate with each other using various protocols and "
|
||||
"the communication might involve sensitive / confidential data. An attacker "
|
||||
@@ -11542,16 +11404,6 @@ msgstr "Beschränkung der Bindungsadresse für MySQL"
|
||||
msgid "Restricting listen address for PostgreSQL"
|
||||
msgstr "Die Listener-Adresse für PostgreSQL einschränken"
|
||||
|
||||
msgid "Review by OpenStack Security Project"
|
||||
msgstr "Überprüfung durch OpenStack Security Project"
|
||||
|
||||
msgid ""
|
||||
"Review by a third party review body, with validation from the OpenStack "
|
||||
"Security Project"
|
||||
msgstr ""
|
||||
"Überprüfung durch eine Drittanbieter-Überprüfung, mit Validierung aus dem "
|
||||
"OpenStack Security Project"
|
||||
|
||||
msgid "Review common security principles."
|
||||
msgstr "Überprüfen Sie die gemeinsamen Sicherheitsgrundsätze."
|
||||
|
||||
@@ -11627,12 +11479,12 @@ msgstr "Runtime Verifizierung"
|
||||
|
||||
msgid ""
|
||||
"SANS Technology Institute, InfoSec Handlers Diary Blog. 2012. `Hacking "
|
||||
"servers that are turned off <https://isc.sans.edu/diary/IPMI%3A+Hacking"
|
||||
"+servers+that+are+turned+%22off%22/13399>`__"
|
||||
"servers that are turned off <https://isc.sans.edu/diary/"
|
||||
"IPMI%3A+Hacking+servers+that+are+turned+%22off%22/13399>`__"
|
||||
msgstr ""
|
||||
"SANS Technology Institute, InfoSec Handler Tagebuch Blog. 2012. `Hacking "
|
||||
"Server, die ausgeschaltet sind <https://isc.sans.edu/diary/IPMI%3A+Hacking"
|
||||
"+servers+that+are+turned+%22off%22/13399> `__"
|
||||
"Server, die ausgeschaltet sind <https://isc.sans.edu/diary/"
|
||||
"IPMI%3A+Hacking+servers+that+are+turned+%22off%22/13399> `__"
|
||||
|
||||
msgid ""
|
||||
"SDN services node: Management, guest and possibly public depending upon "
|
||||
@@ -11722,9 +11574,6 @@ msgstr ""
|
||||
"werden. Um diese Funktion zu aktivieren, muss zunächst ein OpenStack Key "
|
||||
"Manager-Dienst im Stack bereitgestellt werden."
|
||||
|
||||
msgid "Salt Stack"
|
||||
msgstr "Salt Stack"
|
||||
|
||||
msgid ""
|
||||
"Sanitize portable, removable storage devices prior to connecting such "
|
||||
"devices to the cloud infrastructure."
|
||||
@@ -11763,15 +11612,6 @@ msgstr "Sichere Speicher-Backends"
|
||||
msgid "Secret store plugins"
|
||||
msgstr "Secret store plugins"
|
||||
|
||||
msgid ""
|
||||
"Secret store plugins interface with secure storage systems to store the "
|
||||
"secrets within those systems. There are two types of secret store plugins: "
|
||||
"the KMIP plugin and the Dogtag plugin."
|
||||
msgstr ""
|
||||
"Secret Store-Plugins verbinden sich mit sicheren Speichersystemen, um die "
|
||||
"Geheimnisse innerhalb dieser Systeme zu speichern. Es gibt zwei Arten von "
|
||||
"Secret Store Plugins: das KMIP Plugin und das Dogtag Plugin."
|
||||
|
||||
msgid "Secrets Management"
|
||||
msgstr "Geheimnisverwaltung"
|
||||
|
||||
@@ -11970,20 +11810,6 @@ msgstr "Sicherheitsreferenzen für Datenbank-Backends"
|
||||
msgid "Security review"
|
||||
msgstr "Sicherheitsüberprüfung"
|
||||
|
||||
msgid ""
|
||||
"Security review by the OSSP is expected to be the normal route for new "
|
||||
"projects and for cases where third parties have not performed security "
|
||||
"reviews or are unable to share their results. Information for projects that "
|
||||
"require a security review by the OSSP will be available in the upcoming "
|
||||
"security review process."
|
||||
msgstr ""
|
||||
"Die Sicherheitsüberprüfung durch die OSSP wird voraussichtlich die normale "
|
||||
"Route für neue Projekte und für Fälle, in denen Dritte keine "
|
||||
"Sicherheitsüberprüfungen durchgeführt haben oder nicht in der Lage sind, "
|
||||
"ihre Ergebnisse zu teilen. Informationen für Projekte, die eine "
|
||||
"Sicherheitsüberprüfung durch die OSSP erfordern, werden im bevorstehenden "
|
||||
"Sicherheitsüberprüfungsprozess zur Verfügung stehen."
|
||||
|
||||
msgid "Security reviews"
|
||||
msgstr "Sicherheitsauswertungen"
|
||||
|
||||
@@ -12998,21 +12824,6 @@ msgstr ""
|
||||
"und Mängel in der Gestaltung und Architektur von Diensten zu identifizieren "
|
||||
"und Kontrollen oder Korrekturen vorzuschlagen, um diese Probleme zu lösen."
|
||||
|
||||
msgid ""
|
||||
"The Barbican threat analysis identified eight security findings and two "
|
||||
"recommendations to improve the security of a barbican deployment. These "
|
||||
"results can be reviewed in the `security analysis repo <https://github.com/"
|
||||
"openstack/security-analysis/tree/master/doc/source/artifacts/barbican/"
|
||||
"newton>`_., along with the Barbican architecture diagram and architecture "
|
||||
"description page."
|
||||
msgstr ""
|
||||
"Die Barbican Threat-Analyse identifzierte acht Sicherheitslücken und zwei "
|
||||
"Empfehlungen zur Verbesserung der Sicherheit von Barbican Bereitstellungen. "
|
||||
"Diese Ergebnisse können nachgelesen werden im `security analysis repo "
|
||||
"<https://github.com/openstack/security-analysis/tree/master/doc/source/"
|
||||
"artifacts/barbican/newton>`_., zusammen mit dem Barbican Architekturdiagramm "
|
||||
"und Seite der Architekturbeschreibung."
|
||||
|
||||
msgid ""
|
||||
"The CSA CCM is specifically designed to provide fundamental security "
|
||||
"principles to guide cloud vendors and to assist prospective cloud customers "
|
||||
@@ -13352,9 +13163,9 @@ msgid ""
|
||||
"The Health Insurance Portability and Accountability Act (HIPAA) is a United "
|
||||
"States congressional act that governs the collection, storage, use and "
|
||||
"destruction of patient health records. The act states that Protected Health "
|
||||
"Information (PHI) must be rendered \"unusable, unreadable, or indecipherable"
|
||||
"\" to unauthorized persons and that encryption for data 'at-rest' and "
|
||||
"'inflight' should be addressed."
|
||||
"Information (PHI) must be rendered \"unusable, unreadable, or "
|
||||
"indecipherable\" to unauthorized persons and that encryption for data 'at-"
|
||||
"rest' and 'inflight' should be addressed."
|
||||
msgstr ""
|
||||
"Der Health Insurance Portability and Accountability Act (HIPAA) ist ein "
|
||||
"Kongressgesetz der Vereinigten Staaten, das die Erhebung, Speicherung, "
|
||||
@@ -13527,8 +13338,8 @@ msgstr ""
|
||||
"formalen Zertifizierung angesprochen. Dies beinhaltet in der Regel die "
|
||||
"Implementierung einer segregierten Cloud-Umgebung nach Praktiken auf der "
|
||||
"Grundlage des NIST 800-53 Framework, wie pro FISMA Anforderungen, ergänzt "
|
||||
"mit zusätzlichen Kontrollen, Beschränkung des Zugang nur durch \"US-Personen"
|
||||
"\" und Background-Screening."
|
||||
"mit zusätzlichen Kontrollen, Beschränkung des Zugang nur durch \"US-"
|
||||
"Personen\" und Background-Screening."
|
||||
|
||||
msgid ""
|
||||
"The KVM hypervisor has been Common Criteria certified through the U.S. "
|
||||
@@ -13872,44 +13683,6 @@ msgstr ""
|
||||
"Sicherheitskontrollen aufgrund von Komplexität oder anderen umweltbezogenen "
|
||||
"Details nicht möglich sind."
|
||||
|
||||
msgid ""
|
||||
"The OpenStack Security Project (OSSP) has worked with the VMT to agree that "
|
||||
"an architectural review of the best practice deployment for a project is an "
|
||||
"appropriate form of security review, balancing the need for review with the "
|
||||
"resource requirements for a project of the scale of OpenStack. Security "
|
||||
"architecture review is also often referred to as *threat analysis*, "
|
||||
"*security analysis* or *threat modeling*. In the context of OpenStack "
|
||||
"security review, these terms are synonymous for an architectural security "
|
||||
"review which may identify defects in the design of a project or reference "
|
||||
"architecture, and may lead to further investigative work to verify parts of "
|
||||
"the implementation."
|
||||
msgstr ""
|
||||
"Das OpenStack Security Project (OSSP) hat mit der VMT zusammengearbeitet, um "
|
||||
"zuzustimmen, dass eine architektonische Überprüfung der Best Practice-"
|
||||
"Implementierung für ein Projekt eine angemessene Form der "
|
||||
"Sicherheitsüberprüfung ist, die die Notwendigkeit einer Überprüfung mit den "
|
||||
"Ressourcenanforderungen für ein Projekt der Skala ausgleicht OpenStack "
|
||||
"Security Architecture Review wird auch oft als *Bedrohungsanalyse*, "
|
||||
"*Sicherheitsanalyse* oder *Bedrohungsmodellierung* bezeichnet. Im Rahmen der "
|
||||
"OpenStack-Sicherheitsüberprüfung sind diese Begriffe gleichbedeutend mit "
|
||||
"einer architektonischen Sicherheitsüberprüfung, die Fehler bei der "
|
||||
"Gestaltung einer Projekt- oder Referenzarchitektur erkennen kann und zu "
|
||||
"weiteren Untersuchungsarbeiten führen kann, um Teile der Implementierung zu "
|
||||
"überprüfen."
|
||||
|
||||
msgid ""
|
||||
"The OpenStack Security team is based on voluntary contributions from the "
|
||||
"OpenStack community. You can contact the security community directly in the "
|
||||
"#openstack-security channel on Freenode IRC, or by sending mail to the "
|
||||
"openstack-discuss mailing list with the [security] prefix in the subject "
|
||||
"header."
|
||||
msgstr ""
|
||||
"Das OpenStack Security Team basiert auf freiwilligen Beiträgen der OpenStack "
|
||||
"Community. Sie können die Sicherheits-Community direkt im #openstack-"
|
||||
"security-Kanal auf Freenode IRC kontaktieren oder per E-Mail an die "
|
||||
"openstack-discuss Mailingliste mit dem [security] Präfix im Betreffkopf "
|
||||
"senden."
|
||||
|
||||
msgid ""
|
||||
"The OpenStack components are only a small fraction of the software in a "
|
||||
"cloud. It is important to keep up to date with all of these other "
|
||||
@@ -13957,25 +13730,6 @@ msgstr ""
|
||||
"folgt, sollte sorgfältig ausgewertet werden, bevor die Beschränkungen\n"
|
||||
"entspannt werden."
|
||||
|
||||
msgid ""
|
||||
"The PKCS#11 crypto plugin can be used to interface with a Hardware Security "
|
||||
"Module (HSM) using the PKCS#11 protocol. Secrets are encrypted (and "
|
||||
"decrypted on retrieval) by a project specific Key Encryption Key (KEK) which "
|
||||
"resides in the HSM. Since a different KEK is used for each project, and "
|
||||
"since the KEKs are stored inside an HSM (instead of in plaintext in the "
|
||||
"configuration file) the PKCS#11 plugin is much more secure than the simple "
|
||||
"crypto plugin. It is the most popular back end amongst Barbican deployments."
|
||||
msgstr ""
|
||||
"Das PKCS#11-Crypto-Plugin kann zur Verbindung mit einem Hardware-"
|
||||
"Sicherheitsmodul (HSM) unter Verwendung des PKCS#11-Protokolls verwendet "
|
||||
"werden. Secrets werden durch einen projektspezifischen Key Encryption Key "
|
||||
"(KEK), der sich im HSM befindet, verschlüsselt (und beim Entschlüsseln "
|
||||
"entschlüsselt). Da für jedes Projekt ein anderes KEK verwendet wird und die "
|
||||
"KEKs innerhalb eines HSM (statt in Klartext in der Konfigurationsdatei) "
|
||||
"gespeichert werden, ist das Plugin PKCS #11 wesentlich sicherer als das "
|
||||
"einfache Krypto-Plugin. Es ist das beliebteste Back-End unter den Barbican-"
|
||||
"Einsätzen."
|
||||
|
||||
msgid ""
|
||||
"The Payment Card Industry Data Security Standard (PCI DSS) is defined by the "
|
||||
"Payment Card Industry Standards Council, and created to increase controls "
|
||||
@@ -15046,25 +14800,6 @@ msgstr ""
|
||||
"die Ihre OpenStack-Implementierung umfassen, die täglichen Aktionen von "
|
||||
"Administratoren, Tenants und Gästen."
|
||||
|
||||
msgid ""
|
||||
"The goal of security review in the OpenStack community is to identify "
|
||||
"weaknesses in design or implementation of OpenStack projects. While rare, "
|
||||
"these weaknesses could potentially have catastrophic effects on the security "
|
||||
"of an OpenStack deployment, and therefore work should be undertaken to "
|
||||
"minimize the likelihood of these defects in released projects. The OpenStack "
|
||||
"Security Project asserts that once a security review of a project has been "
|
||||
"completed, the following are known and documented:"
|
||||
msgstr ""
|
||||
"Das Ziel der Sicherheitsüberprüfung in der OpenStack-Community ist es, "
|
||||
"Schwachstellen bei der Gestaltung oder Implementierung von OpenStack-"
|
||||
"Projekten zu identifizieren. Zwar könnten diese Schwächen potenziell "
|
||||
"katastrophale Auswirkungen auf die Sicherheit eines OpenStack-Einsatzes "
|
||||
"haben und deshalb sollte die Arbeit unternommen werden, um die "
|
||||
"Wahrscheinlichkeit dieser Mängel bei freigegebenen Projekten zu minimieren. "
|
||||
"Das OpenStack Security Project behauptet, dass nach dem Abschluss einer "
|
||||
"Sicherheitsüberprüfung eines Projektes folgendes bekannt und dokumentiert "
|
||||
"ist:"
|
||||
|
||||
msgid ""
|
||||
"The importance of encrypting data on behalf of tenants is largely related to "
|
||||
"the risk assumed by a provider that an attacker could access tenant data. "
|
||||
@@ -15816,18 +15551,6 @@ msgstr ""
|
||||
"Cloud-Architekten oder Betreiber vielleicht den Rat von Branchenführern und "
|
||||
"Anbietern zusätzlich zu den hier empfohlenen Anleitungen suchen möchten."
|
||||
|
||||
msgid ""
|
||||
"There are many configuration management solutions; at the time of this "
|
||||
"writing there are two in the marketplace that are robust in their support of "
|
||||
"OpenStack environments: :term:`Chef` and :term:`Puppet`. A non-exhaustive "
|
||||
"listing of tools in this space is provided below:"
|
||||
msgstr ""
|
||||
"Es gibt viele Konfigurationsmanagementlösungen. Zum Zeitpunkt dieses "
|
||||
"Schreibens gibt es zwei auf dem Markt, die in ihrer Unterstützung von "
|
||||
"OpenStack-Umgebungen robust sind: :term:`Chef` und :term:`Puppet`. Eine "
|
||||
"nicht erschöpfende Auflistung der Werkzeuge in diesem Raum ist unten "
|
||||
"angegeben:"
|
||||
|
||||
msgid ""
|
||||
"There are no general provisions for granular control of database operations "
|
||||
"in OpenStack. Access and privileges are granted simply based on whether a "
|
||||
@@ -15877,13 +15600,14 @@ msgstr ""
|
||||
"Es gibt verschiedene Wegen ein Blockdevice zu löschen (wipe). Der "
|
||||
"traditionelle Weg ist ``lvm_type`` auf ``thin`` zu setzen und dann den "
|
||||
"``volume_clear`` Parameter mit dem LVM backend zu verwenden. Alternativ, "
|
||||
"wenn die Datenträgerverschlüsselungsfunktion verwendet wird ist kein \"wipe"
|
||||
"\" zum löschen notwendig, wenn der zur Datenträgerverschlüsselung verwendete "
|
||||
"Schlüssel gelöscht wird. Weitere Hinweise finden Sie in der OpenStack "
|
||||
"Konfigurationsreferenz unter `Volume Encryption <https://docs.openstack.org/"
|
||||
"cinder/latest/configuration/block-storage/volume-encryption.html>`__ bei den "
|
||||
"Setup Details sowie im `Castellan usage <https://docs.openstack.org/"
|
||||
"castellan/latest/user/index.html>`__ Dokument zum löschen von Schlüsseln."
|
||||
"wenn die Datenträgerverschlüsselungsfunktion verwendet wird ist kein "
|
||||
"\"wipe\" zum löschen notwendig, wenn der zur Datenträgerverschlüsselung "
|
||||
"verwendete Schlüssel gelöscht wird. Weitere Hinweise finden Sie in der "
|
||||
"OpenStack Konfigurationsreferenz unter `Volume Encryption <https://docs."
|
||||
"openstack.org/cinder/latest/configuration/block-storage/volume-encryption."
|
||||
"html>`__ bei den Setup Details sowie im `Castellan usage <https://docs."
|
||||
"openstack.org/castellan/latest/user/index.html>`__ Dokument zum löschen von "
|
||||
"Schlüsseln."
|
||||
|
||||
msgid ""
|
||||
"There are situations where there is a security requirement to assure the "
|
||||
@@ -15904,13 +15628,6 @@ msgstr ""
|
||||
"Es gibt einige wichtige Abschnitte zur Architekturseite, die im Folgenden "
|
||||
"näher erläutert werden:"
|
||||
|
||||
msgid ""
|
||||
"There are two routes that an OpenStack project may take to complete a "
|
||||
"security review:"
|
||||
msgstr ""
|
||||
"Es gibt zwei Routen, die ein OpenStack-Projekt ergreifen kann, um eine "
|
||||
"Sicherheitsüberprüfung abzuschließen:"
|
||||
|
||||
msgid "There are two types of SOC 1 reports:"
|
||||
msgstr "Es gibt zwei Arten von SOC 1 reports:"
|
||||
|
||||
@@ -17646,29 +17363,6 @@ msgstr ""
|
||||
"Ihnen, Ihre OpenStack SSL/TLS-Anforderungen zu bewerten und einer der hier "
|
||||
"besprochenen Architekturen zu folgen."
|
||||
|
||||
msgid ""
|
||||
"We recommend using a separate, isolated network within the management "
|
||||
"security domain for provisioning. This network will handle all PXE traffic, "
|
||||
"along with the subsequent boot stage downloads depicted above. Note that the "
|
||||
"node boot process begins with two insecure operations: DHCP and TFTP. Then "
|
||||
"the boot process uses TLS to download the remaining information required to "
|
||||
"deploy the node. This may be an operating system installer, a basic install "
|
||||
"managed by `Chef <https://www.chef.io/chef/>`__ or `Puppet <https://"
|
||||
"puppetlabs.com/>`__, or even a complete file system image that is written "
|
||||
"directly to disk."
|
||||
msgstr ""
|
||||
"Wir empfehlen, ein separates, isoliertes Netzwerk innerhalb der "
|
||||
"Verwaltungssicherheitsdomäne für die Bereitstellung zu verwenden. Dieses "
|
||||
"Netzwerk verarbeitet alle PXE-Traffic, zusammen mit den nachfolgenden "
|
||||
"Bootstudien-Downloads, die oben dargestellt sind. Beachten Sie, dass der "
|
||||
"Knoten-Bootvorgang mit zwei unsicheren Operationen beginnt: DHCP und TFTP. "
|
||||
"Dann verwendet der Boot-Prozess TLS, um die restlichen Informationen "
|
||||
"herunterzuladen, die für die Bereitstellung des Knotens erforderlich sind. "
|
||||
"Dies kann ein Betriebssystem-Installationsprogramm sein, eine grundlegende "
|
||||
"Installation, die von `Chef verwaltet wird <https://www.chef.io/chef/>`__ "
|
||||
"oder` Puppet <https://puppetlabs.com/>`__, oder sogar ein komplettes "
|
||||
"Dateisystembild, das direkt auf die Festplatte geschrieben wird."
|
||||
|
||||
msgid ""
|
||||
"We recommend you disable filters that parse things that are provided by "
|
||||
"users or are able to be manipulated such as metadata."
|
||||
@@ -18899,11 +18593,6 @@ msgstr "`Oozie <https://oozie.apache.org>`_"
|
||||
msgid "`OpenSCAP <https://www.open-scap.org/>`_"
|
||||
msgstr "`OpenSCAP <https://www.open-scap.org/>`_"
|
||||
|
||||
msgid ""
|
||||
"`OpenSSL and FIPS 140-2 <http://www.openssl.org/docs/fips/fipsnotes.html>`_"
|
||||
msgstr ""
|
||||
"`OpenSSL und FIPS 140-2 <http://www.openssl.org/docs/fips/fipsnotes.html>`_"
|
||||
|
||||
msgid "`Pig <https://pig.apache.org>`_"
|
||||
msgstr "`Pig <https://pig.apache.org>`_"
|
||||
|
||||
@@ -19000,12 +18689,12 @@ msgstr "`Tripwire <http://sourceforge.net/projects/tripwire/>`__"
|
||||
|
||||
msgid ""
|
||||
"`Trusted Security Principles <http://www.aicpa.org/interestareas/"
|
||||
"informationtechnology/resources/soc/trustservices/pages/trust%20services"
|
||||
"%20principles—an%20overview.aspx>`_"
|
||||
"informationtechnology/resources/soc/trustservices/pages/"
|
||||
"trust%20services%20principles—an%20overview.aspx>`_"
|
||||
msgstr ""
|
||||
"`Trusted Security Principles <http://www.aicpa.org/interestareas/"
|
||||
"informationtechnology/resources/soc/trustservices/pages/trust%20services"
|
||||
"%20principles—an%20overview.aspx> `_"
|
||||
"informationtechnology/resources/soc/trustservices/pages/"
|
||||
"trust%20services%20principles—an%20overview.aspx> `_"
|
||||
|
||||
msgid ""
|
||||
"`U.S. NIST FIPS PUB 180-3 <http://csrc.nist.gov/publications/fips/fips180-3/"
|
||||
|
||||
@@ -13,7 +13,7 @@ msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: Security Guide\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2021-01-22 18:38+0000\n"
|
||||
"POT-Creation-Date: 2025-09-12 18:32+0000\n"
|
||||
"MIME-Version: 1.0\n"
|
||||
"Content-Type: text/plain; charset=UTF-8\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
@@ -311,40 +311,6 @@ msgstr ""
|
||||
"``api_servers`` di bawah bagian ``[glance]`` di ``/etc/nova/nova.conf`` "
|
||||
"diatur ke nilai yang tidak dimulai dengan ``https://``."
|
||||
|
||||
msgid ""
|
||||
"**Fail:** If value of parameter ``auth_protocol`` under "
|
||||
"``[keystone_authtoken]`` section in ``barbican.conf`` is set to ``http``, or "
|
||||
"if value of parameter ``identity_uri`` under ``[keystone_authtoken]`` "
|
||||
"section in ``barbican.conf`` is not set to Identity API endpoint starting "
|
||||
"with ``https://`` or value of parameter ``insecure`` under the same "
|
||||
"``[keystone_authtoken]`` section in the same ``barbican.conf`` is set to "
|
||||
"``True``."
|
||||
msgstr ""
|
||||
"**Fail:** Jika nilai parameter ``auth_protocol`` di bawah bagian "
|
||||
"``[keystone_authtoken]``dalam ``barbican.conf`` diatur ke ``http``, atau "
|
||||
"jika nilai parameter ``identity_uri`` di bawah bagian "
|
||||
"``[keystone_authtoken]`` dalam ``barbican.conf`` tidak disetel ke Identity "
|
||||
"API endpoint yang dimulai dengan ``https://`` atau nilai parameter "
|
||||
"``insecure`` dibawah bagian ``[keystone_authtoken]`` yang sama dalam "
|
||||
"``barbican.conf`` yang sama diatur ke ``True``."
|
||||
|
||||
msgid ""
|
||||
"**Fail:** If value of parameter ``auth_protocol`` under "
|
||||
"``[keystone_authtoken]`` section in ``manila.conf`` is set to ``http``, or "
|
||||
"if value of parameter ``identity_uri`` under ``[keystone_authtoken]`` "
|
||||
"section in ``manila.conf`` is not set to Identity API endpoint starting with "
|
||||
"``https://`` or value of parameter ``insecure`` under the same "
|
||||
"``[keystone_authtoken]`` section in the same ``manila.conf`` is set to "
|
||||
"``True``."
|
||||
msgstr ""
|
||||
"**Fail:** Jika nilai parameter ``auth_protocol`` dibawah bagian "
|
||||
"``[keystone_authtoken]`` dalam ``manila.conf`` diatur ke ``http``, atau jika "
|
||||
"nilai parameter ``identity_uri`` dibawah bagian ``[keystone_authtoken]`` "
|
||||
"dalam ``manila.conf`` tidak disetel ke titik akhir API Identitas yang "
|
||||
"dimulai dengan ``https://`` atau nilai parameter ``insecure`` dibawah bagian "
|
||||
"``[keystone_authtoken]`` yang sama dalam ``manila.conf`` yang sama diatur ke "
|
||||
"``True``."
|
||||
|
||||
msgid ""
|
||||
"**Fail:** If value of parameter ``auth_strategy`` under ``[DEFAULT]`` "
|
||||
"section in ``/etc/glance/glance-api.conf`` is set to ``noauth`` or value of "
|
||||
@@ -836,40 +802,6 @@ msgstr ""
|
||||
"``api_servers`` di bawah bagian ``[glance]``` dalam ``/etc/nova/nova.conf`` "
|
||||
"diatur ke nilai yang dimulai dengan ``https://``."
|
||||
|
||||
msgid ""
|
||||
"**Pass:** If value of parameter ``auth_protocol`` under "
|
||||
"``[keystone_authtoken]`` section in ``barbican.conf`` is set to ``https``, "
|
||||
"or if value of parameter ``identity_uri`` under ``[keystone_authtoken]`` "
|
||||
"section in ``barbican.conf`` is set to Identity API endpoint starting with "
|
||||
"``https://`` and value of parameter ``insecure`` under the same "
|
||||
"``[keystone_authtoken]`` section in the same ``barbican.conf`` is set to "
|
||||
"``False``."
|
||||
msgstr ""
|
||||
"**Pass:** Jika nilai parameter ``auth_protocol`` di bawah bagian "
|
||||
"``[keystone_authtoken] `` di ``barbican.conf`` diatur ke ``https``, atau "
|
||||
"jika nilai parameter ``identity_uri`` di bawah ``[keystone_authtoken ]`` di "
|
||||
"``barbican.conf`` disetel ke Identity API endpoint yang dimulai dengan "
|
||||
"``https: // `` dan nilai parameter ``insecure`` di bawah bagian "
|
||||
"``[keystone_authtoken]`` yang sama dalam ``barbican.conf`` yang sama diatur "
|
||||
"ke ``False``."
|
||||
|
||||
msgid ""
|
||||
"**Pass:** If value of parameter ``auth_protocol`` under "
|
||||
"``[keystone_authtoken]`` section in ``manila.conf`` is set to ``https``, or "
|
||||
"if value of parameter ``identity_uri`` under ``[keystone_authtoken]`` "
|
||||
"section in ``manila.conf`` is set to Identity API endpoint starting with "
|
||||
"``https://`` and value of parameter ``insecure`` under the same "
|
||||
"``[keystone_authtoken]`` section in the same ``manila.conf`` is set to "
|
||||
"``False``."
|
||||
msgstr ""
|
||||
"**Pass:** Jika nilai parameter ``auth_protocol`` dibawah bagian "
|
||||
"``[keystone_authtoken]`` dalam ``manila.conf`` diatur ke ``https``, atau "
|
||||
"jika nilai parameter ``identity_uri`` dibawah bagian "
|
||||
"``[keystone_authtoken]`` dalam ``manila.conf`` diatur ke Identity API "
|
||||
"endpoint yang dimulai dengan ``https://`` dan nilai parameter ``insecure`` "
|
||||
"dibawah bagian ``[keystone_authtoken]`` yang sama dalam ``manila.conf`` "
|
||||
"yang sama diatur ke ``False``."
|
||||
|
||||
msgid ""
|
||||
"**Pass:** If value of parameter ``auth_strategy`` under ``[DEFAULT]`` "
|
||||
"section in ``/etc/cinder/cinder.conf`` is set to ``keystone``."
|
||||
@@ -1458,25 +1390,6 @@ msgstr ""
|
||||
"melampaui pemantauan perangkat keras dan file log yang mungkin berisi "
|
||||
"kejadian CRUD."
|
||||
|
||||
msgid ""
|
||||
"A common reason to perform a security review on an OpenStack project is to "
|
||||
"enable that project to achieve the *vulnerability:managed* governance tag. "
|
||||
"The OpenStack Vulnerability Management Team (VMT) applies the `vulnerability:"
|
||||
"managed tag <https://governance.openstack.org/reference/tags/"
|
||||
"vulnerability_managed.html>`_ to projects where the report reception and "
|
||||
"disclosure of vulnerabilities is managed by the VMT. One of the requirements "
|
||||
"for gaining the tag is that some form of security review, audit or threat "
|
||||
"analysis has been performed on the project."
|
||||
msgstr ""
|
||||
"Alasan umum untuk melakukan tinjauan keamanan pada proyek OpenStack adalah "
|
||||
"untuk memungkinkan proyek tersebut mencapai tag pengelolaan *vulnerability:"
|
||||
"managed* . OpenStack Vulnerability Management Team (VMT) menerapkan "
|
||||
"`vulnerability:managed tag <https://governance.openstack.org/reference/tags/"
|
||||
"vulnerability_managed.html>`_ untuk proyek di mana laporan penerimaan dan "
|
||||
"pengungkapan kerentanan dikelola oleh VMT. Salah satu persyaratan untuk "
|
||||
"mendapatkan tag adalah beberapa bentuk tinjauan keamanan, audit atau "
|
||||
"analisis ancaman telah dilakukan pada proyek."
|
||||
|
||||
msgid ""
|
||||
"A complete tutorial on secure boot deployment is beyond the scope of this "
|
||||
"book. Instead, here we provide a framework for how to integrate secure boot "
|
||||
@@ -2728,9 +2641,6 @@ msgstr ""
|
||||
"tersedianya fitur keamanan tertentu. Secara khusus, fitur. Misalnya, Xen "
|
||||
"Server XSM atau Xen Security Modules, sVirt, Intel TXT, atau AppArmor."
|
||||
|
||||
msgid "Ansible"
|
||||
msgstr "Ansible"
|
||||
|
||||
msgid ""
|
||||
"Any changes to ``/etc/manila/policy.json`` are effective immediately, which "
|
||||
"allows new policies to be implemented while the Shared File Systems service "
|
||||
@@ -3440,8 +3350,8 @@ msgstr ""
|
||||
"Berikut adalah contoh pembagian NFS dengan driver Generik. Setelah share itu "
|
||||
"dibuat, ia memiliki lokasi ekspor ``10.254.0.3:/shares/share-b2874f8d-"
|
||||
"d428-4a5c-b056-e6af80a995de``. Jika Anda mencoba me-mountnya di host dengan "
|
||||
"alamat IP ``10.254.0.4``, Anda akan mendapatkan pesan *\"Permission denied"
|
||||
"\"*."
|
||||
"alamat IP ``10.254.0.4``, Anda akan mendapatkan pesan *\"Permission "
|
||||
"denied\"*."
|
||||
|
||||
msgid ""
|
||||
"Below we provide sample recommended configuration settings for enabling TLS "
|
||||
@@ -4003,9 +3913,6 @@ msgstr ""
|
||||
msgid "Checklist"
|
||||
msgstr "Daftar periksa"
|
||||
|
||||
msgid "Chef"
|
||||
msgstr "Chef"
|
||||
|
||||
msgid ""
|
||||
"Cinder supports an NFS driver which works differently than a traditional "
|
||||
"block storage driver. The NFS driver does not actually allow an instance to "
|
||||
@@ -4040,11 +3947,11 @@ msgstr ""
|
||||
"unsur-unsur dalam contoh string di atas."
|
||||
|
||||
msgid ""
|
||||
"Cipher suites using the `RSA <https://en.wikipedia.org/wiki/RSA_"
|
||||
"%28cryptosystem%29>`_ exchange, authentication or either respectively."
|
||||
"Cipher suites using the `RSA <https://en.wikipedia.org/wiki/"
|
||||
"RSA_%28cryptosystem%29>`_ exchange, authentication or either respectively."
|
||||
msgstr ""
|
||||
"Cipher suite menggunakan `RSA <https://en.wikipedia.org/wiki/RSA_"
|
||||
"%28cryptosystem%29>`_ pertukaran, otentikasi atau masing-masing."
|
||||
"Cipher suite menggunakan `RSA <https://en.wikipedia.org/wiki/"
|
||||
"RSA_%28cryptosystem%29>`_ pertukaran, otentikasi atau masing-masing."
|
||||
|
||||
msgid ""
|
||||
"Client authentication with TLS requires certificates be issued to services. "
|
||||
@@ -7534,19 +7441,6 @@ msgstr ""
|
||||
"Dalam konteks Openstack, ada dua jenis rahasia yang perlu dikelola - yang "
|
||||
"memerlukan token keystone untuk akses, dan yang tidak."
|
||||
|
||||
msgid ""
|
||||
"In cases where a security review has already been performed by a third "
|
||||
"party, or where a project prefers to use a third party to perform their "
|
||||
"review, information on how to take the output of that third party review and "
|
||||
"submit it to the OSSP for validation will be available in the upcoming third "
|
||||
"party security review process."
|
||||
msgstr ""
|
||||
"Dalam kasus di mana review keamanan telah dilakukan oleh pihak ketiga, atau "
|
||||
"bila sebuah proyek lebih suka menggunakan pihak ketiga untuk melakukan "
|
||||
"review mereka, informasi tentang bagaimana mengambil hasil dari review pihak "
|
||||
"ketiga tersebut dan menyerahkannya kepada OSSP untuk validasi akan tersedia "
|
||||
"dalam proses pemeriksaan keamanan pihak ketiga yang akan datang."
|
||||
|
||||
msgid ""
|
||||
"In cases where software termination offers insufficient performance, "
|
||||
"hardware accelerators may be worth exploring as an alternative option. It is "
|
||||
@@ -8334,22 +8228,6 @@ msgstr ""
|
||||
"authentication-and-access-control` untuk semua komponen yang memerlukan "
|
||||
"komunikasi RPC."
|
||||
|
||||
msgid ""
|
||||
"It is recommended to avoid the manual image building process as it is "
|
||||
"complex and prone to error. Additionally, using an automated system like Oz "
|
||||
"for image building or a configuration management utility like Chef or Puppet "
|
||||
"for post-boot image hardening gives you the ability to produce a consistent "
|
||||
"image as well as track compliance of your base image to its respective "
|
||||
"hardening guidelines over time."
|
||||
msgstr ""
|
||||
"Dianjurkan untuk menghindari proses pembuatan image manual karena kompleks "
|
||||
"dan rentan terhadap kesalahan. Selain itu, dengan menggunakan sistem "
|
||||
"otomatis seperti Oz untuk pembuatan image atau utilitas pengelolaan "
|
||||
"konfigurasi seperti Chef atau Puppet untuk pengerasan image post-boot "
|
||||
"memberi Anda kemampuan untuk menghasilkan image yang konsisten serta melacak "
|
||||
"kepatuhan image dasar Anda untuk masing-masing panduan pengerasan dari waktu "
|
||||
"ke waktu."
|
||||
|
||||
msgid "It saves time for you and your users."
|
||||
msgstr "Ini menghemat waktu untuk Anda dan pengguna Anda."
|
||||
|
||||
@@ -10228,19 +10106,6 @@ msgstr ""
|
||||
"ke beberapa instance penyewa dan administrator menggunakan protokol Virtual "
|
||||
"Network Computer (VNC)."
|
||||
|
||||
msgid ""
|
||||
"OpenStack components communicate with each other using various protocols and "
|
||||
"communication might involve sensitive or confidential data. An attacker may "
|
||||
"try to eavesdrop on the channel in order to get access to sensitive "
|
||||
"information. Therefore all components must communicate with each other using "
|
||||
"a secured communication protocol."
|
||||
msgstr ""
|
||||
"Komponen OpenStack berkomunikasi satu sama lain dengan menggunakan berbagai "
|
||||
"protokol dan komunikasi mungkin melibatkan data sensitif atau rahasia. "
|
||||
"Penyerang dapat mencoba menguping saluran untuk mendapatkan akses ke "
|
||||
"informasi sensitif. Oleh karena itu semua komponen harus berkomunikasi satu "
|
||||
"sama lain menggunakan protokol komunikasi yang aman."
|
||||
|
||||
msgid ""
|
||||
"OpenStack components communicate with each other using various protocols and "
|
||||
"the communication might involve sensitive / confidential data. An attacker "
|
||||
@@ -11548,16 +11413,6 @@ msgstr "Membatasi alamat pengikat untuk MySQL"
|
||||
msgid "Restricting listen address for PostgreSQL"
|
||||
msgstr "Membatasi alamat mendengarkan PostgreSQL"
|
||||
|
||||
msgid "Review by OpenStack Security Project"
|
||||
msgstr "Review oleh OpenStack Security Project"
|
||||
|
||||
msgid ""
|
||||
"Review by a third party review body, with validation from the OpenStack "
|
||||
"Security Project"
|
||||
msgstr ""
|
||||
"Review oleh badan review pihak ketiga, dengan pengesahan dari OpenStack "
|
||||
"Security Project"
|
||||
|
||||
msgid "Review common security principles."
|
||||
msgstr "Tinjau kembali prinsip keamanan bersama."
|
||||
|
||||
@@ -11631,12 +11486,12 @@ msgstr "Verifikasi runtime"
|
||||
|
||||
msgid ""
|
||||
"SANS Technology Institute, InfoSec Handlers Diary Blog. 2012. `Hacking "
|
||||
"servers that are turned off <https://isc.sans.edu/diary/IPMI%3A+Hacking"
|
||||
"+servers+that+are+turned+%22off%22/13399>`__"
|
||||
"servers that are turned off <https://isc.sans.edu/diary/"
|
||||
"IPMI%3A+Hacking+servers+that+are+turned+%22off%22/13399>`__"
|
||||
msgstr ""
|
||||
"SANS Technology Institute, InfoSec Handlers Diary Blog. 2012. `Hacking "
|
||||
"servers that are turned off <https://isc.sans.edu/diary/IPMI%3A+Hacking"
|
||||
"+servers+that+are+turned+%22off%22/13399>`__"
|
||||
"servers that are turned off <https://isc.sans.edu/diary/"
|
||||
"IPMI%3A+Hacking+servers+that+are+turned+%22off%22/13399>`__"
|
||||
|
||||
msgid ""
|
||||
"SDN services node: Management, guest and possibly public depending upon "
|
||||
@@ -11749,9 +11604,6 @@ msgstr ""
|
||||
"kembali rahasia ini. Untuk mengaktifkan fitur ini, pertama-tama harus ada "
|
||||
"layanan OpenStack Key Manager yang ditempatkan di dalam stack."
|
||||
|
||||
msgid "Salt Stack"
|
||||
msgstr "Salt Stack"
|
||||
|
||||
msgid ""
|
||||
"Sanitize portable, removable storage devices prior to connecting such "
|
||||
"devices to the cloud infrastructure."
|
||||
@@ -11790,15 +11642,6 @@ msgstr "Secret store back ends"
|
||||
msgid "Secret store plugins"
|
||||
msgstr "Plugin penyimpanan rahasia"
|
||||
|
||||
msgid ""
|
||||
"Secret store plugins interface with secure storage systems to store the "
|
||||
"secrets within those systems. There are two types of secret store plugins: "
|
||||
"the KMIP plugin and the Dogtag plugin."
|
||||
msgstr ""
|
||||
"Plugin penyimpanan rahasia terhubung dengan sistem penyimpanan yang aman "
|
||||
"untuk menyimpan rahasia di dalam sistem tersebut. Ada dua jenis plugin "
|
||||
"penyimpanan rahasia: plugin KMIP dan plugin Dogtag."
|
||||
|
||||
msgid "Secrets Management"
|
||||
msgstr "Secrets Management (manajemen rahasia)"
|
||||
|
||||
@@ -12014,19 +11857,6 @@ msgstr "Referensi keamanan untuk database back end"
|
||||
msgid "Security review"
|
||||
msgstr "Ulasan keamanan"
|
||||
|
||||
msgid ""
|
||||
"Security review by the OSSP is expected to be the normal route for new "
|
||||
"projects and for cases where third parties have not performed security "
|
||||
"reviews or are unable to share their results. Information for projects that "
|
||||
"require a security review by the OSSP will be available in the upcoming "
|
||||
"security review process."
|
||||
msgstr ""
|
||||
"Review keamanan oleh OSSP diharapkan menjadi rute normal untuk proyek baru "
|
||||
"dan untuk kasus dimana pihak ketiga belum melakukan review keamanan atau "
|
||||
"tidak dapat membagikan hasilnya. Informasi untuk proyek yang memerlukan "
|
||||
"review keamanan oleh OSSP akan tersedia dalam proses review keamanan yang "
|
||||
"akan datang."
|
||||
|
||||
msgid "Security reviews"
|
||||
msgstr "Tinjauan keamanan"
|
||||
|
||||
@@ -13010,20 +12840,6 @@ msgstr ""
|
||||
"dalam desain dan arsitektur layanan, dan mengusulkan kontrol atau perbaikan "
|
||||
"untuk menyelesaikan masalah ini."
|
||||
|
||||
msgid ""
|
||||
"The Barbican threat analysis identified eight security findings and two "
|
||||
"recommendations to improve the security of a barbican deployment. These "
|
||||
"results can be reviewed in the `security analysis repo <https://github.com/"
|
||||
"openstack/security-analysis/tree/master/doc/source/artifacts/barbican/"
|
||||
"newton>`_., along with the Barbican architecture diagram and architecture "
|
||||
"description page."
|
||||
msgstr ""
|
||||
"Analisis ancaman Barbican mengidentifikasi delapan temuan keamanan dan dua "
|
||||
"rekomendasi untuk memperbaiki keamanan penyebaran barbican. Hasil ini dapat "
|
||||
"ditinjau ulang di `security analysis repo <https://github.com/openstack/"
|
||||
"security-analysis/tree/master/doc/source/artifacts/barbican/newton>`_., "
|
||||
"bersama dengan diagram arsitektur Barbican dan halaman deskripsi arsitektur."
|
||||
|
||||
msgid ""
|
||||
"The CSA CCM is specifically designed to provide fundamental security "
|
||||
"principles to guide cloud vendors and to assist prospective cloud customers "
|
||||
@@ -13354,9 +13170,9 @@ msgid ""
|
||||
"The Health Insurance Portability and Accountability Act (HIPAA) is a United "
|
||||
"States congressional act that governs the collection, storage, use and "
|
||||
"destruction of patient health records. The act states that Protected Health "
|
||||
"Information (PHI) must be rendered \"unusable, unreadable, or indecipherable"
|
||||
"\" to unauthorized persons and that encryption for data 'at-rest' and "
|
||||
"'inflight' should be addressed."
|
||||
"Information (PHI) must be rendered \"unusable, unreadable, or "
|
||||
"indecipherable\" to unauthorized persons and that encryption for data 'at-"
|
||||
"rest' and 'inflight' should be addressed."
|
||||
msgstr ""
|
||||
"The Health Insurance Portability and Accountability Act (HIPAA) adalah "
|
||||
"keputusan kongres Amerika Serikat yang mengatur pengumpulan, penyimpanan, "
|
||||
@@ -13852,41 +13668,6 @@ msgstr ""
|
||||
"kontrol keamanan tertentu tidak dimungkinkan karena kompleksitas atau "
|
||||
"rincian spesifik lingkungan lainnya."
|
||||
|
||||
msgid ""
|
||||
"The OpenStack Security Project (OSSP) has worked with the VMT to agree that "
|
||||
"an architectural review of the best practice deployment for a project is an "
|
||||
"appropriate form of security review, balancing the need for review with the "
|
||||
"resource requirements for a project of the scale of OpenStack. Security "
|
||||
"architecture review is also often referred to as *threat analysis*, "
|
||||
"*security analysis* or *threat modeling*. In the context of OpenStack "
|
||||
"security review, these terms are synonymous for an architectural security "
|
||||
"review which may identify defects in the design of a project or reference "
|
||||
"architecture, and may lead to further investigative work to verify parts of "
|
||||
"the implementation."
|
||||
msgstr ""
|
||||
" OpenStack Security Project (OSSP) telah bekerja dengan VMT untuk menyetujui "
|
||||
"bahwa tinjauan arsitektur penerapan praktik terbaik untuk sebuah proyek "
|
||||
"adalah bentuk tinjauan keamanan yang sesuai, menyeimbangkan kebutuhan untuk "
|
||||
"ditinjau dengan persyaratan sumber daya untuk proyek skala OpenStack. "
|
||||
"Tinjauan arsitektur keamanan juga sering disebut sebagai *threat analysis*, "
|
||||
"*security analysis* atau *threat modeling*. Dalam konteks tinjauan keamanan "
|
||||
"OpenStack, istilah-istilah ini identik untuk tinjauan keamanan arsitektural "
|
||||
"yang dapat mengidentifikasi cacat pada desain proyek atau arsitektur "
|
||||
"referensi, dan dapat menyebabkan pekerjaan investigasi lebih lanjut untuk "
|
||||
"memverifikasi bagian-bagian dari pelaksanaan."
|
||||
|
||||
msgid ""
|
||||
"The OpenStack Security team is based on voluntary contributions from the "
|
||||
"OpenStack community. You can contact the security community directly in the "
|
||||
"#openstack-security channel on Freenode IRC, or by sending mail to the "
|
||||
"openstack-discuss mailing list with the [security] prefix in the subject "
|
||||
"header."
|
||||
msgstr ""
|
||||
"Tim OpenStack Security didasarkan pada kontribusi sukarela dari komunitas "
|
||||
"OpenStack. Anda dapat menghubungi komunitas keamanan secara langsung di "
|
||||
"saluran #openstack-security di Freenode IRC, atau dengan mengirim email ke "
|
||||
"daftar mailing openstack-discuss dengan awalan [security] di header subjek."
|
||||
|
||||
msgid ""
|
||||
"The OpenStack components are only a small fraction of the software in a "
|
||||
"cloud. It is important to keep up to date with all of these other "
|
||||
@@ -13930,24 +13711,6 @@ msgstr ""
|
||||
"Setiap dasbor yang tidak mengikuti pengaturan keamanan yang disarankan ini "
|
||||
"harus dievaluasi secara hati-hati sebelum batasan rileks."
|
||||
|
||||
msgid ""
|
||||
"The PKCS#11 crypto plugin can be used to interface with a Hardware Security "
|
||||
"Module (HSM) using the PKCS#11 protocol. Secrets are encrypted (and "
|
||||
"decrypted on retrieval) by a project specific Key Encryption Key (KEK) which "
|
||||
"resides in the HSM. Since a different KEK is used for each project, and "
|
||||
"since the KEKs are stored inside an HSM (instead of in plaintext in the "
|
||||
"configuration file) the PKCS#11 plugin is much more secure than the simple "
|
||||
"crypto plugin. It is the most popular back end amongst Barbican deployments."
|
||||
msgstr ""
|
||||
"Plugin kripto PKCS # 11 dapat digunakan untuk berinteraksi dengan Hardware "
|
||||
"Security Module (HSM) menggunakan protokol PKCS # 11. Rahasia dienkripsi "
|
||||
"(dan didekripsi saat pengambilan) oleh Key Key Enkripsi (KEK) spesifik "
|
||||
"proyek yang berada di HSM. Karena KEK yang berbeda digunakan untuk setiap "
|
||||
"proyek, dan karena KEK disimpan di dalam sebuah HSM (bukan di plaintext "
|
||||
"dalam file konfigurasi) plugin PKCS # 11 jauh lebih aman daripada plugin "
|
||||
"kripto sederhana. Ini adalah bagian belakang yang paling populer di antara "
|
||||
"penyebaran Barbican."
|
||||
|
||||
msgid ""
|
||||
"The Payment Card Industry Data Security Standard (PCI DSS) is defined by the "
|
||||
"Payment Card Industry Standards Council, and created to increase controls "
|
||||
@@ -14985,24 +14748,6 @@ msgstr ""
|
||||
"penghitungan, jaringan, dan penyimpanan dan komponen lainnya yang menyusun "
|
||||
"penerapan OpenStack Anda."
|
||||
|
||||
msgid ""
|
||||
"The goal of security review in the OpenStack community is to identify "
|
||||
"weaknesses in design or implementation of OpenStack projects. While rare, "
|
||||
"these weaknesses could potentially have catastrophic effects on the security "
|
||||
"of an OpenStack deployment, and therefore work should be undertaken to "
|
||||
"minimize the likelihood of these defects in released projects. The OpenStack "
|
||||
"Security Project asserts that once a security review of a project has been "
|
||||
"completed, the following are known and documented:"
|
||||
msgstr ""
|
||||
"Tujuan tinjauan keamanan di komunitas OpenStack adalah untuk "
|
||||
"mengidentifikasi kelemahan dalam perancangan atau pelaksanaan proyek "
|
||||
"OpenStack. Meskipun jarang terjadi, kelemahan ini berpotensi menimbulkan "
|
||||
"dampak bencana terhadap keamanan penempatan OpenStack, dan oleh karena itu, "
|
||||
"pekerjaan harus dilakukan untuk meminimalkan kemungkinan cacat pada proyek "
|
||||
"yang diluncurkan. OpenStack Security Project menegaskan bahwa setelah "
|
||||
"tinjauan keamanan atas sebuah proyek selesai, berikut ini diketahui dan "
|
||||
"didokumentasikan:"
|
||||
|
||||
msgid ""
|
||||
"The importance of encrypting data on behalf of tenants is largely related to "
|
||||
"the risk assumed by a provider that an attacker could access tenant data. "
|
||||
@@ -15720,17 +15465,6 @@ msgstr ""
|
||||
"operator mungkin ingin mencari saran dari pemimpin industri dan vendor "
|
||||
"disamping panduan yang direkomendasikan di sini."
|
||||
|
||||
msgid ""
|
||||
"There are many configuration management solutions; at the time of this "
|
||||
"writing there are two in the marketplace that are robust in their support of "
|
||||
"OpenStack environments: :term:`Chef` and :term:`Puppet`. A non-exhaustive "
|
||||
"listing of tools in this space is provided below:"
|
||||
msgstr ""
|
||||
"Ada banyak solusi manajemen konfigurasi; Pada saat penulisan ini ada dua di "
|
||||
"pasar yang kuat dalam mendukung lingkungan OpenStack: :term:`Chef` dan :term:"
|
||||
"`Puppet`. Daftar alat yang tidak lengkap (non-exhaustive) di ruang ini "
|
||||
"disediakan di bawah ini:"
|
||||
|
||||
msgid ""
|
||||
"There are no general provisions for granular control of database operations "
|
||||
"in OpenStack. Access and privileges are granted simply based on whether a "
|
||||
@@ -15804,13 +15538,6 @@ msgstr ""
|
||||
"Ada beberapa bagian kunci pada halaman arsitektur, yang dijelaskan lebih "
|
||||
"rinci di bawah ini:"
|
||||
|
||||
msgid ""
|
||||
"There are two routes that an OpenStack project may take to complete a "
|
||||
"security review:"
|
||||
msgstr ""
|
||||
"Ada dua rute yang dibutuhkan proyek OpenStack untuk menyelesaikan tinjauan "
|
||||
"keamanan:"
|
||||
|
||||
msgid "There are two types of SOC 1 reports:"
|
||||
msgstr "Ada dua jenis laporan SOC 1:"
|
||||
|
||||
@@ -17517,28 +17244,6 @@ msgstr ""
|
||||
"TLS di mana saja terlalu sulit, sebaiknya Anda mengevaluasi kebutuhan "
|
||||
"OpenStack SSL/TLS dan mengikuti salah satu arsitektur yang dibahas di sini."
|
||||
|
||||
msgid ""
|
||||
"We recommend using a separate, isolated network within the management "
|
||||
"security domain for provisioning. This network will handle all PXE traffic, "
|
||||
"along with the subsequent boot stage downloads depicted above. Note that the "
|
||||
"node boot process begins with two insecure operations: DHCP and TFTP. Then "
|
||||
"the boot process uses TLS to download the remaining information required to "
|
||||
"deploy the node. This may be an operating system installer, a basic install "
|
||||
"managed by `Chef <https://www.chef.io/chef/>`__ or `Puppet <https://"
|
||||
"puppetlabs.com/>`__, or even a complete file system image that is written "
|
||||
"directly to disk."
|
||||
msgstr ""
|
||||
"Sebaiknya gunakan jaringan terpisah yang terisolasi dalam domain keamanan "
|
||||
"manajemen untuk penyediaan. Jaringan ini akan menangani semua lalu lintas "
|
||||
"PXE, bersamaan dengan unduhan tahap boot berikutnya yang digambarkan di "
|
||||
"atas. Perhatikan bahwa proses boot node dimulai dengan dua operasi tidak "
|
||||
"aman: DHCP dan TFTP. Kemudian proses booting menggunakan TLS untuk "
|
||||
"mendownload sisa informasi yang dibutuhkan untuk menyebarkan node. Ini "
|
||||
"mungkin sebuah installer sistem operasi, sebuah instalasi dasar yang "
|
||||
"dikelola oleh `Chef <https://www.chef.io/chef/>`__ atau `Puppet <https://"
|
||||
"puppetlabs.com/>`__, atau bahkan image sistem file lengkap yang ditulis "
|
||||
"langsung ke disk."
|
||||
|
||||
msgid ""
|
||||
"We recommend you disable filters that parse things that are provided by "
|
||||
"users or are able to be manipulated such as metadata."
|
||||
@@ -18728,11 +18433,6 @@ msgstr "`Oozie <https://oozie.apache.org>`_"
|
||||
msgid "`OpenSCAP <https://www.open-scap.org/>`_"
|
||||
msgstr "`OpenSCAP <https://www.open-scap.org/>`_"
|
||||
|
||||
msgid ""
|
||||
"`OpenSSL and FIPS 140-2 <http://www.openssl.org/docs/fips/fipsnotes.html>`_"
|
||||
msgstr ""
|
||||
"`OpenSSL and FIPS 140-2 <http://www.openssl.org/docs/fips/fipsnotes.html>`_"
|
||||
|
||||
msgid "`Pig <https://pig.apache.org>`_"
|
||||
msgstr "`Pig <https://pig.apache.org>`_"
|
||||
|
||||
@@ -18839,12 +18539,12 @@ msgstr "`Tripwire <http://sourceforge.net/projects/tripwire/>`__"
|
||||
|
||||
msgid ""
|
||||
"`Trusted Security Principles <http://www.aicpa.org/interestareas/"
|
||||
"informationtechnology/resources/soc/trustservices/pages/trust%20services"
|
||||
"%20principles—an%20overview.aspx>`_"
|
||||
"informationtechnology/resources/soc/trustservices/pages/"
|
||||
"trust%20services%20principles—an%20overview.aspx>`_"
|
||||
msgstr ""
|
||||
"`Trusted Security Principles <http://www.aicpa.org/interestareas/"
|
||||
"informationtechnology/resources/soc/trustservices/pages/trust%20services"
|
||||
"%20principles—an%20overview.aspx>`_"
|
||||
"informationtechnology/resources/soc/trustservices/pages/"
|
||||
"trust%20services%20principles—an%20overview.aspx>`_"
|
||||
|
||||
msgid ""
|
||||
"`U.S. NIST FIPS PUB 180-3 <http://csrc.nist.gov/publications/fips/fips180-3/"
|
||||
|
||||
@@ -22,7 +22,7 @@ msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: Security Guide\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2021-01-22 18:38+0000\n"
|
||||
"POT-Creation-Date: 2025-09-12 18:32+0000\n"
|
||||
"MIME-Version: 1.0\n"
|
||||
"Content-Type: text/plain; charset=UTF-8\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
@@ -148,22 +148,6 @@ msgstr ""
|
||||
"**失敗:** ``/etc/openstack-dashboard/local_settings.py`` の "
|
||||
"``SESSION_COOKIE_SECURE`` パラメーターが ``False`` に設定されている場合。"
|
||||
|
||||
msgid ""
|
||||
"**Fail:** If value of parameter ``auth_protocol`` under "
|
||||
"``[keystone_authtoken]`` section in ``manila.conf`` is set to ``http``, or "
|
||||
"if value of parameter ``identity_uri`` under ``[keystone_authtoken]`` "
|
||||
"section in ``manila.conf`` is not set to Identity API endpoint starting with "
|
||||
"``https://`` or value of parameter ``insecure`` under the same "
|
||||
"``[keystone_authtoken]`` section in the same ``manila.conf`` is set to "
|
||||
"``True``."
|
||||
msgstr ""
|
||||
"**失敗:** ``manila.conf`` の ``[keystone_authtoken]`` にある "
|
||||
"``auth_protocol``パラメーターの値が ``https`` に設定されている場合。または、 "
|
||||
"``manila.conf`` の ``[keystone_authtoken]`` にある ``identity_uri`` パラメー"
|
||||
"ターの値が ``https://`` から始まる Identity API に設定されている場合、また"
|
||||
"は、同じ ``manila.conf`` の ``[keystone_authtoken]`` セクションにある "
|
||||
"``insecure`` パラメーターの値が ``True`` に設定されている場合。"
|
||||
|
||||
msgid ""
|
||||
"**Fail:** If value of parameter ``auth_strategy`` under ``[DEFAULT]`` "
|
||||
"section is set to ``noauth`` or ``noauth2``."
|
||||
@@ -306,22 +290,6 @@ msgstr ""
|
||||
"**成功:** ``/etc/openstack-dashboard/local_settings.py`` の "
|
||||
"``SESSION_COOKIE_SECURE`` パラメーターが ``True`` に設定されている場合。"
|
||||
|
||||
msgid ""
|
||||
"**Pass:** If value of parameter ``auth_protocol`` under "
|
||||
"``[keystone_authtoken]`` section in ``manila.conf`` is set to ``https``, or "
|
||||
"if value of parameter ``identity_uri`` under ``[keystone_authtoken]`` "
|
||||
"section in ``manila.conf`` is set to Identity API endpoint starting with "
|
||||
"``https://`` and value of parameter ``insecure`` under the same "
|
||||
"``[keystone_authtoken]`` section in the same ``manila.conf`` is set to "
|
||||
"``False``."
|
||||
msgstr ""
|
||||
"**成功:** ``manila.conf`` の ``[keystone_authtoken]`` にある "
|
||||
"``auth_protocol``パラメーターの値が ``https`` に設定されている場合。または、 "
|
||||
"``manila.conf`` の ``[keystone_authtoken]`` にある ``identity_uri`` パラメー"
|
||||
"ターの値が ``https://`` から始まる Identity API に設定されていて、同じ "
|
||||
"``manila.conf`` の ``[keystone_authtoken]`` セクションにある ``insecure`` パ"
|
||||
"ラメーターの値が ``False`` に設定されている場合。"
|
||||
|
||||
msgid ""
|
||||
"**Pass:** If value of parameter ``auth_strategy`` under ``[DEFAULT]`` "
|
||||
"section in ``/etc/cinder/cinder.conf`` is set to ``keystone``."
|
||||
@@ -900,9 +868,6 @@ msgstr ""
|
||||
"ドクラウドのホスティング環境向けに設計されたサーバーセキュリティ製品のセキュ"
|
||||
"リティ研究チームを率いています。"
|
||||
|
||||
msgid "Ansible"
|
||||
msgstr "Ansible"
|
||||
|
||||
msgid "Apache"
|
||||
msgstr "Apache"
|
||||
|
||||
@@ -1424,9 +1389,6 @@ msgstr ""
|
||||
msgid "Checklist"
|
||||
msgstr "チェックリスト"
|
||||
|
||||
msgid "Chef"
|
||||
msgstr "Chef"
|
||||
|
||||
msgid "Cinder volume data"
|
||||
msgstr "Cinder のボリュームデータ"
|
||||
|
||||
@@ -4634,12 +4596,12 @@ msgstr "ランタイムの検証"
|
||||
|
||||
msgid ""
|
||||
"SANS Technology Institute, InfoSec Handlers Diary Blog. 2012. `Hacking "
|
||||
"servers that are turned off <https://isc.sans.edu/diary/IPMI%3A+Hacking"
|
||||
"+servers+that+are+turned+%22off%22/13399>`__"
|
||||
"servers that are turned off <https://isc.sans.edu/diary/"
|
||||
"IPMI%3A+Hacking+servers+that+are+turned+%22off%22/13399>`__"
|
||||
msgstr ""
|
||||
"SANS Technology Institute, InfoSec Handlers Diary Blog. 2012. `Hacking "
|
||||
"servers that are turned off <https://isc.sans.edu/diary/IPMI%3A+Hacking"
|
||||
"+servers+that+are+turned+%22off%22/13399>`__"
|
||||
"servers that are turned off <https://isc.sans.edu/diary/"
|
||||
"IPMI%3A+Hacking+servers+that+are+turned+%22off%22/13399>`__"
|
||||
|
||||
msgid ""
|
||||
"SDN services node: Management, guest and possibly public depending upon "
|
||||
@@ -4672,9 +4634,6 @@ msgstr "SR-IOV, MR-IOV, ATS"
|
||||
msgid "SSL/TLS proxy in front"
|
||||
msgstr "前段の SSL/TLS"
|
||||
|
||||
msgid "Salt Stack"
|
||||
msgstr "Salt Stack"
|
||||
|
||||
msgid ""
|
||||
"Sanitize portable, removable storage devices prior to connecting such "
|
||||
"devices to the cloud infrastructure."
|
||||
@@ -5322,9 +5281,9 @@ msgid ""
|
||||
"The Health Insurance Portability and Accountability Act (HIPAA) is a United "
|
||||
"States congressional act that governs the collection, storage, use and "
|
||||
"destruction of patient health records. The act states that Protected Health "
|
||||
"Information (PHI) must be rendered \"unusable, unreadable, or indecipherable"
|
||||
"\" to unauthorized persons and that encryption for data 'at-rest' and "
|
||||
"'inflight' should be addressed."
|
||||
"Information (PHI) must be rendered \"unusable, unreadable, or "
|
||||
"indecipherable\" to unauthorized persons and that encryption for data 'at-"
|
||||
"rest' and 'inflight' should be addressed."
|
||||
msgstr ""
|
||||
"Health Insurance Portability and Accountability Act (HIPAA)は米国の健康保険に"
|
||||
"おける可搬性と責任に関する法律で、カルテ情報の収集、保存、および廃棄に関する"
|
||||
@@ -7428,11 +7387,6 @@ msgstr ""
|
||||
msgid "`Oozie <https://oozie.apache.org>`_"
|
||||
msgstr "`Oozie <https://oozie.apache.org>`_"
|
||||
|
||||
msgid ""
|
||||
"`OpenSSL and FIPS 140-2 <http://www.openssl.org/docs/fips/fipsnotes.html>`_"
|
||||
msgstr ""
|
||||
"`OpenSSL and FIPS 140-2 <http://www.openssl.org/docs/fips/fipsnotes.html>`_"
|
||||
|
||||
msgid "`Pig <https://pig.apache.org>`_"
|
||||
msgstr "`Pig <https://pig.apache.org>`_"
|
||||
|
||||
|
||||
@@ -10,7 +10,7 @@ msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: Security Guide\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2021-01-22 18:38+0000\n"
|
||||
"POT-Creation-Date: 2025-09-12 18:32+0000\n"
|
||||
"MIME-Version: 1.0\n"
|
||||
"Content-Type: text/plain; charset=UTF-8\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
@@ -273,23 +273,6 @@ msgstr ""
|
||||
"conf`` dosyasındaki ``[glance]`` bölümündeki ``api_servers`` parametresinin "
|
||||
"değeri ``https://`` ile başlayan bir değer değil ise."
|
||||
|
||||
msgid ""
|
||||
"**Fail:** If value of parameter ``auth_protocol`` under "
|
||||
"``[keystone_authtoken]`` section in ``manila.conf`` is set to ``http``, or "
|
||||
"if value of parameter ``identity_uri`` under ``[keystone_authtoken]`` "
|
||||
"section in ``manila.conf`` is not set to Identity API endpoint starting with "
|
||||
"``https://`` or value of parameter ``insecure`` under the same "
|
||||
"``[keystone_authtoken]`` section in the same ``manila.conf`` is set to "
|
||||
"``True``."
|
||||
msgstr ""
|
||||
"**Başarısız:** ``manila.conf`` dosyasında ``[keystone_authtoken]`` "
|
||||
"bölümündeki ``auth_protocol`` parametresinin değeri ``http`` ise ya da "
|
||||
"``manila.conf`` dosyasında ``[keystone_authtoken]`` bölümündeki "
|
||||
"``identity_uri`` paramtresinin değeri ``https://`` ile başlayan bir Kimlik "
|
||||
"API'ye ayarlı değilse ya da ``manila.conf`` dosyasında "
|
||||
"``[keystone_authtoken]`` bölümündeki ``insecure`` parametresinin değeri "
|
||||
"``True`` ise."
|
||||
|
||||
msgid ""
|
||||
"**Fail:** If value of parameter ``auth_strategy`` under ``[DEFAULT]`` "
|
||||
"section in ``/etc/glance/glance-api.conf`` is set to ``noauth`` or value of "
|
||||
@@ -577,22 +560,6 @@ msgstr ""
|
||||
"conf`` dosyasındaki ``[glance]`` bölümündeki ``api_servers`` parametresinin "
|
||||
"değeri ``https://`` ile başlayan bir değer ise."
|
||||
|
||||
msgid ""
|
||||
"**Pass:** If value of parameter ``auth_protocol`` under "
|
||||
"``[keystone_authtoken]`` section in ``manila.conf`` is set to ``https``, or "
|
||||
"if value of parameter ``identity_uri`` under ``[keystone_authtoken]`` "
|
||||
"section in ``manila.conf`` is set to Identity API endpoint starting with "
|
||||
"``https://`` and value of parameter ``insecure`` under the same "
|
||||
"``[keystone_authtoken]`` section in the same ``manila.conf`` is set to "
|
||||
"``False``."
|
||||
msgstr ""
|
||||
"**Başarılı:** ``manila.conf`` dosyasında ``[keystone_authtoken]`` "
|
||||
"bölümündeki ``auth_protocol`` parametresinin değeri ``https`` ise ya da "
|
||||
"``manila.conf`` dosyasında ``[keystone_authtoken]`` bölümündeki "
|
||||
"``identity_uri`` paramtresinin değeri ``https://`` ile başlayan bir Kimlik "
|
||||
"API'ye ayarlı ise ya da ``manila.conf`` dosyasında ``[keystone_authtoken]`` "
|
||||
"bölümündeki ``insecure`` parametresinin değeri ``False`` ise."
|
||||
|
||||
msgid ""
|
||||
"**Pass:** If value of parameter ``auth_strategy`` under ``[DEFAULT]`` "
|
||||
"section in ``/etc/cinder/cinder.conf`` is set to ``keystone``."
|
||||
@@ -1086,25 +1053,6 @@ msgstr ""
|
||||
"yalnızca donanım izleme ve CRUD olaylarını içerebilen günlük dosyalarının "
|
||||
"ötesine geçecektir."
|
||||
|
||||
msgid ""
|
||||
"A common reason to perform a security review on an OpenStack project is to "
|
||||
"enable that project to achieve the *vulnerability:managed* governance tag. "
|
||||
"The OpenStack Vulnerability Management Team (VMT) applies the `vulnerability:"
|
||||
"managed tag <https://governance.openstack.org/reference/tags/"
|
||||
"vulnerability_managed.html>`_ to projects where the report reception and "
|
||||
"disclosure of vulnerabilities is managed by the VMT. One of the requirements "
|
||||
"for gaining the tag is that some form of security review, audit or threat "
|
||||
"analysis has been performed on the project."
|
||||
msgstr ""
|
||||
"Bir OpenStack projesi üzerinde güvenlik incelemesi yapmak için ortak bir "
|
||||
"neden, o projenin *vulnerability: managed* yönetişim etiketi elde etmesini "
|
||||
"sağlamaktır. OpenStack Güvenlik Açığı Yönetimi Ekibi (VMT), `vulnerability: "
|
||||
"managed etiketi <https://governance.openstack.org/reference/tags/"
|
||||
"vulnerability_managed.html>`_ raporların alınması ve güvenlik açıklarının "
|
||||
"bildiriminin VMT tarafından yapıldığı projelere uygulanır. Etiket kazanma "
|
||||
"gereksinimlerinden biri, proje üzerinde bazı güvenlik incelemesi, denetim "
|
||||
"veya tehdit analizi uygulanmış olmasıdır."
|
||||
|
||||
msgid ""
|
||||
"A complete tutorial on secure boot deployment is beyond the scope of this "
|
||||
"book. Instead, here we provide a framework for how to integrate secure boot "
|
||||
@@ -2127,9 +2075,6 @@ msgstr ""
|
||||
"Örneğin, Xen Server'ın XSM veya Xen Güvenlik Modülleri, Sanal, Intel TXT "
|
||||
"veya AppArmor."
|
||||
|
||||
msgid "Ansible"
|
||||
msgstr "Ansible"
|
||||
|
||||
msgid ""
|
||||
"Any changes to ``/etc/manila/policy.json`` are effective immediately, which "
|
||||
"allows new policies to be implemented while the Shared File Systems service "
|
||||
@@ -3192,9 +3137,6 @@ msgstr ""
|
||||
msgid "Checklist"
|
||||
msgstr "Kontrol listesi"
|
||||
|
||||
msgid "Chef"
|
||||
msgstr "Chef"
|
||||
|
||||
msgid ""
|
||||
"Cinder supports an NFS driver which works differently than a traditional "
|
||||
"block storage driver. The NFS driver does not actually allow an instance to "
|
||||
@@ -3228,11 +3170,12 @@ msgstr ""
|
||||
"öğelere daha yakından bir göz atalım."
|
||||
|
||||
msgid ""
|
||||
"Cipher suites using the `RSA <https://en.wikipedia.org/wiki/RSA_"
|
||||
"%28cryptosystem%29>`_ exchange, authentication or either respectively."
|
||||
"Cipher suites using the `RSA <https://en.wikipedia.org/wiki/"
|
||||
"RSA_%28cryptosystem%29>`_ exchange, authentication or either respectively."
|
||||
msgstr ""
|
||||
"Şifreleme takımları, `RSA <https://en.wikipedia.org/wiki/RSA_%28cryptosystem"
|
||||
"%29>` _ değiştirme, kimlik doğrulama veya sırasıyla kullanır."
|
||||
"Şifreleme takımları, `RSA <https://en.wikipedia.org/wiki/"
|
||||
"RSA_%28cryptosystem%29>` _ değiştirme, kimlik doğrulama veya sırasıyla "
|
||||
"kullanır."
|
||||
|
||||
msgid ""
|
||||
"Client authentication with TLS requires certificates be issued to services. "
|
||||
@@ -3304,9 +3247,9 @@ msgid ""
|
||||
"an update to \"The OpenStack Cookbook\" as well as books on VMware "
|
||||
"automation."
|
||||
msgstr ""
|
||||
"Cody Bunch, Rackspace ile Özel Bulut mimarı. Cody, \"The OpenStack Cookbook"
|
||||
"\" a ait bir güncellemenin yanı sıra VMware otomasyonu üzerine kitaplar da "
|
||||
"hazırladı."
|
||||
"Cody Bunch, Rackspace ile Özel Bulut mimarı. Cody, \"The OpenStack "
|
||||
"Cookbook\" a ait bir güncellemenin yanı sıra VMware otomasyonu üzerine "
|
||||
"kitaplar da hazırladı."
|
||||
|
||||
msgid ""
|
||||
"Collection of containers; not user accounts or authentication. Which users "
|
||||
@@ -6150,19 +6093,6 @@ msgstr ""
|
||||
msgid "In an OpenStack deployment you will need to address the following:"
|
||||
msgstr "Bir OpenStack dağıtımında aşağıdakileri ele almanız gerekecek:"
|
||||
|
||||
msgid ""
|
||||
"In cases where a security review has already been performed by a third "
|
||||
"party, or where a project prefers to use a third party to perform their "
|
||||
"review, information on how to take the output of that third party review and "
|
||||
"submit it to the OSSP for validation will be available in the upcoming third "
|
||||
"party security review process."
|
||||
msgstr ""
|
||||
"Bir güvenlik incelemesinin üçüncü bir taraf tarafından daha önce yapıldığı "
|
||||
"veya bir projenin incelemesini yapmak için üçüncü bir tarafı tercih etmesi "
|
||||
"durumunda, söz konusu üçüncü taraf incelemesinin çıktısını alma ve doğrulama "
|
||||
"için OSSP'ye sunma hakkında bilgi yaklaşmakta olan üçüncü parti güvenlik "
|
||||
"inceleme sürecinde kullanıma sunulacaktır."
|
||||
|
||||
msgid ""
|
||||
"In cases where software termination offers insufficient performance, "
|
||||
"hardware accelerators may be worth exploring as an alternative option. It is "
|
||||
@@ -6866,21 +6796,6 @@ msgstr ""
|
||||
"RPC iletişimini gerektiren tüm bileşenler için :ref:`queue-authentication-"
|
||||
"and-access-control` ile sağlanan yönergeleri izlemeniz önerilir."
|
||||
|
||||
msgid ""
|
||||
"It is recommended to avoid the manual image building process as it is "
|
||||
"complex and prone to error. Additionally, using an automated system like Oz "
|
||||
"for image building or a configuration management utility like Chef or Puppet "
|
||||
"for post-boot image hardening gives you the ability to produce a consistent "
|
||||
"image as well as track compliance of your base image to its respective "
|
||||
"hardening guidelines over time."
|
||||
msgstr ""
|
||||
"Elle imaj oluşturma işleminin karmaşık olması ve hataya eğilimli olması "
|
||||
"nedeniyle önlenmesi önerilir. Ek olarak, görüntü oluşturma için Oz gibi "
|
||||
"otomatik bir sistem veya açılış sonrası imaj sıkılaştırması için Chef veya "
|
||||
"Puppet gibi bir yapılandırma yönetimi programı kullanarak, tutarlı bir imaj "
|
||||
"üretmenin yanı sıra, taban görüntüsünün kendi sıkılaştırma kurallarına "
|
||||
"uyumunu izleyebilirsiniz."
|
||||
|
||||
msgid ""
|
||||
"It should be noted that with this type of implementation sensitive access "
|
||||
"tokens will be stored in the browser and will be transmitted with each "
|
||||
@@ -8062,8 +7977,8 @@ msgid ""
|
||||
"specification of what constitutes a \"secure password\"."
|
||||
msgstr ""
|
||||
"Sistem güvenlik kontrolleri tanımlandıktan sonra, bir OpenStack mimarı, özel "
|
||||
"kontrol seçimi için NIST 800-53'ü kullanacaktır. Örneğin, \"güvenli parola"
|
||||
"\"yı neyin oluşturduğunun belirtimi."
|
||||
"kontrol seçimi için NIST 800-53'ü kullanacaktır. Örneğin, \"güvenli "
|
||||
"parola\"yı neyin oluşturduğunun belirtimi."
|
||||
|
||||
msgid ""
|
||||
"Once the SSH host key is generated, the host key fingerprint should be "
|
||||
@@ -9726,16 +9641,6 @@ msgstr "MySQL için bağlama adresini sınırlama"
|
||||
msgid "Restricting listen address for PostgreSQL"
|
||||
msgstr "PostgreSQL için dinleme adresini kısıtlama"
|
||||
|
||||
msgid "Review by OpenStack Security Project"
|
||||
msgstr "OpenStack Güvenlik Projesi tarafından İncelenmek"
|
||||
|
||||
msgid ""
|
||||
"Review by a third party review body, with validation from the OpenStack "
|
||||
"Security Project"
|
||||
msgstr ""
|
||||
"OpenStack Güvenlik Projesi'nden doğrulama ile üçüncü parti inceleme organı "
|
||||
"tarafından incelenmesi"
|
||||
|
||||
msgid "Review common security principles."
|
||||
msgstr "Yaygın güvenlik prensiplerini gözden geçirmek."
|
||||
|
||||
@@ -9800,12 +9705,12 @@ msgstr "Çalışma zamanı doğrulama"
|
||||
|
||||
msgid ""
|
||||
"SANS Technology Institute, InfoSec Handlers Diary Blog. 2012. `Hacking "
|
||||
"servers that are turned off <https://isc.sans.edu/diary/IPMI%3A+Hacking"
|
||||
"+servers+that+are+turned+%22off%22/13399>`__"
|
||||
"servers that are turned off <https://isc.sans.edu/diary/"
|
||||
"IPMI%3A+Hacking+servers+that+are+turned+%22off%22/13399>`__"
|
||||
msgstr ""
|
||||
"SANS Teknoloji Enstitüsü, InfoSec İşleyicileri Günlüğü Bloğu. 2012. "
|
||||
"`Kapatılmış sunucuları ele geçirmek <https://isc.sans.edu/diary/IPMI%3A"
|
||||
"+Hacking+servers+that+are+turned+%22off%22/13399>`__"
|
||||
"`Kapatılmış sunucuları ele geçirmek <https://isc.sans.edu/diary/"
|
||||
"IPMI%3A+Hacking+servers+that+are+turned+%22off%22/13399>`__"
|
||||
|
||||
msgid ""
|
||||
"SDN services node: Management, guest and possibly public depending upon "
|
||||
@@ -9876,9 +9781,6 @@ msgstr "yük dengeleyici üzerinden SSL/TLS"
|
||||
msgid "SSL/TLS proxy in front"
|
||||
msgstr "Ön taraftaki SSL/TLS vekili"
|
||||
|
||||
msgid "Salt Stack"
|
||||
msgstr "Salt Stack"
|
||||
|
||||
msgid ""
|
||||
"Sanitize portable, removable storage devices prior to connecting such "
|
||||
"devices to the cloud infrastructure."
|
||||
@@ -10063,19 +9965,6 @@ msgstr "Veritabanı arka uçları için güvenlik referansları"
|
||||
msgid "Security review"
|
||||
msgstr "Güvenlik incelemesi"
|
||||
|
||||
msgid ""
|
||||
"Security review by the OSSP is expected to be the normal route for new "
|
||||
"projects and for cases where third parties have not performed security "
|
||||
"reviews or are unable to share their results. Information for projects that "
|
||||
"require a security review by the OSSP will be available in the upcoming "
|
||||
"security review process."
|
||||
msgstr ""
|
||||
"OSSP tarafından yapılan güvenlik incelemesinin, yeni projelerin ve üçüncü "
|
||||
"şahısların güvenlik incelemeleri yapmadığı veya sonuçlarını paylaşamadığı "
|
||||
"durumlarda normal yol olması beklenmektedir. OSSP tarafından bir güvenlik "
|
||||
"incelemesi gerektiren projeler için bilgi gelecek güvenlik inceleme "
|
||||
"sürecinde kullanıma açılacaktır."
|
||||
|
||||
msgid "Security reviews"
|
||||
msgstr "Güvenlik gözden geçirmeleri"
|
||||
|
||||
@@ -11222,16 +11111,16 @@ msgid ""
|
||||
"The Health Insurance Portability and Accountability Act (HIPAA) is a United "
|
||||
"States congressional act that governs the collection, storage, use and "
|
||||
"destruction of patient health records. The act states that Protected Health "
|
||||
"Information (PHI) must be rendered \"unusable, unreadable, or indecipherable"
|
||||
"\" to unauthorized persons and that encryption for data 'at-rest' and "
|
||||
"'inflight' should be addressed."
|
||||
"Information (PHI) must be rendered \"unusable, unreadable, or "
|
||||
"indecipherable\" to unauthorized persons and that encryption for data 'at-"
|
||||
"rest' and 'inflight' should be addressed."
|
||||
msgstr ""
|
||||
"Sağlık Sigortası Taşınabilirliği ve Hesap Verebilirlik Yasası (HIPAA), hasta "
|
||||
"sağlık kayıtlarının toplanmasını, depolanmasını, kullanılmasını ve tahrip "
|
||||
"edilmesini yöneten Birleşik Devletler Kongresi yasasıdır. Yasaya göre "
|
||||
"Korunan Sağlık Bilgisi (PHI), yetkisiz kişilere \"kullanılamaz, okunamıyor "
|
||||
"veya okunaksız hale getirilmelidir\" ve verilerin \"dinlenme\" ve \"uçuş için"
|
||||
"\" şifrelenmesi için ele alınmalıdır."
|
||||
"veya okunaksız hale getirilmelidir\" ve verilerin \"dinlenme\" ve \"uçuş "
|
||||
"için\" şifrelenmesi için ele alınmalıdır."
|
||||
|
||||
msgid "The IOMMU feature is marketed as VT-d by Intel and AMD-Vi by AMD."
|
||||
msgstr ""
|
||||
@@ -11627,29 +11516,6 @@ msgstr ""
|
||||
"denetimlerinin mümkün olmadığı karar verme için çatılar sağlamak üzere "
|
||||
"tasarlanmıştır."
|
||||
|
||||
msgid ""
|
||||
"The OpenStack Security Project (OSSP) has worked with the VMT to agree that "
|
||||
"an architectural review of the best practice deployment for a project is an "
|
||||
"appropriate form of security review, balancing the need for review with the "
|
||||
"resource requirements for a project of the scale of OpenStack. Security "
|
||||
"architecture review is also often referred to as *threat analysis*, "
|
||||
"*security analysis* or *threat modeling*. In the context of OpenStack "
|
||||
"security review, these terms are synonymous for an architectural security "
|
||||
"review which may identify defects in the design of a project or reference "
|
||||
"architecture, and may lead to further investigative work to verify parts of "
|
||||
"the implementation."
|
||||
msgstr ""
|
||||
"OpenStack Güvenlik Projesi (OSSP), OpenStack ölçeğinde bir proje için en iyi "
|
||||
"uygulama dağıtımının mimari bir incelemesinin, güvenlik incelemesinin uygun "
|
||||
"bir biçimi olduğuna ve bir ölçekli projenin kaynak gereksinimleriyle gözden "
|
||||
"geçirme gereksinimini dengelemesi konusunda VMT ile birlikte çalışmıştır. "
|
||||
"Güvenlik mimarisi incelemesine genellikle *tehdit analizi*, *güvenlik "
|
||||
"analizi* veya *tehdit modelleme* denir. OpenStack güvenlik incelemesi "
|
||||
"bağlamında, bu terimler, bir proje veya referans mimarisi tasarımındaki "
|
||||
"kusurları belirleyebilecek ve uygulamanın parçalarını doğrulamak için daha "
|
||||
"fazla araştırma çalışmalarına yol açabilecek mimari bir güvenlik incelemesi "
|
||||
"için eşanlamlıdır."
|
||||
|
||||
msgid ""
|
||||
"The OpenStack components are only a small fraction of the software in a "
|
||||
"cloud. It is important to keep up to date with all of these other "
|
||||
@@ -12610,24 +12476,6 @@ msgstr ""
|
||||
"bileşenlerdeki etkinliklere ek olarak yöneticilerin, kiracılardaki ve "
|
||||
"konukların günlük işlemlerine görünürlük sağlar."
|
||||
|
||||
msgid ""
|
||||
"The goal of security review in the OpenStack community is to identify "
|
||||
"weaknesses in design or implementation of OpenStack projects. While rare, "
|
||||
"these weaknesses could potentially have catastrophic effects on the security "
|
||||
"of an OpenStack deployment, and therefore work should be undertaken to "
|
||||
"minimize the likelihood of these defects in released projects. The OpenStack "
|
||||
"Security Project asserts that once a security review of a project has been "
|
||||
"completed, the following are known and documented:"
|
||||
msgstr ""
|
||||
"OpenStack topluluğunda güvenlik incelemesinin amacı, OpenStack projelerinin "
|
||||
"tasarımında veya uygulamasındaki zayıflıkları tespit etmektir. Nadiren de "
|
||||
"olsa, bu zayıflıklar bir OpenStack dağıtımının güvenliğinde felaket "
|
||||
"yaratacak etkilere sahip olabilir ve bu nedenle yayınlanan projelerdeki bu "
|
||||
"kusurların olasılığını en aza indirgemek için çalışmalar yapılmalıdır. "
|
||||
"OpenStack Güvenlik Projesi, bir projenin güvenlik incelemesinin "
|
||||
"tamamlanmasının ardından aşağıdakilerin bilinir ve belgelendirildiğini iddia "
|
||||
"eder:"
|
||||
|
||||
msgid ""
|
||||
"The importance of encrypting data on behalf of tenants is largely related to "
|
||||
"the risk assumed by a provider that an attacker could access tenant data. "
|
||||
@@ -13275,17 +13123,6 @@ msgstr ""
|
||||
"rehberliğin yanı sıra endüstri liderleri ve tedarikçilerinin tavsiyelerini "
|
||||
"almak isteyebilecekleri bir alandır."
|
||||
|
||||
msgid ""
|
||||
"There are many configuration management solutions; at the time of this "
|
||||
"writing there are two in the marketplace that are robust in their support of "
|
||||
"OpenStack environments: :term:`Chef` and :term:`Puppet`. A non-exhaustive "
|
||||
"listing of tools in this space is provided below:"
|
||||
msgstr ""
|
||||
"Birçok yapılandırma yönetimi çözümü vardır; Bu yazının yazıldığı tarihte, "
|
||||
"piyasada OpenStack ortamlarını destekleyen iki güçlü araç var: :term:"
|
||||
"`Puppet` ve :term:`Puppet`. Bu alandaki kapsamlı olmayan bir liste aşağıda "
|
||||
"sunulmuştur:"
|
||||
|
||||
msgid ""
|
||||
"There are no general provisions for granular control of database operations "
|
||||
"in OpenStack. Access and privileges are granted simply based on whether a "
|
||||
@@ -13339,13 +13176,6 @@ msgstr ""
|
||||
"Mimari sayfada bazı önemli bölümler bulunmaktadır. Bunlar aşağıda daha "
|
||||
"ayrıntılı olarak açıklanmıştır:"
|
||||
|
||||
msgid ""
|
||||
"There are two routes that an OpenStack project may take to complete a "
|
||||
"security review:"
|
||||
msgstr ""
|
||||
"Bir OpenStack projesinin bir güvenlik incelemesi tamamlayabileceği iki yol "
|
||||
"vardır:"
|
||||
|
||||
msgid "There are two types of SOC 1 reports:"
|
||||
msgstr "2 tür SOC 1 raporu vardır:"
|
||||
|
||||
@@ -14822,27 +14652,6 @@ msgstr ""
|
||||
"değerlendirmenizi ve burada tartışılan mimarilerden birini izlemenizi "
|
||||
"öneririz."
|
||||
|
||||
msgid ""
|
||||
"We recommend using a separate, isolated network within the management "
|
||||
"security domain for provisioning. This network will handle all PXE traffic, "
|
||||
"along with the subsequent boot stage downloads depicted above. Note that the "
|
||||
"node boot process begins with two insecure operations: DHCP and TFTP. Then "
|
||||
"the boot process uses TLS to download the remaining information required to "
|
||||
"deploy the node. This may be an operating system installer, a basic install "
|
||||
"managed by `Chef <https://www.chef.io/chef/>`__ or `Puppet <https://"
|
||||
"puppetlabs.com/>`__, or even a complete file system image that is written "
|
||||
"directly to disk."
|
||||
msgstr ""
|
||||
"Sağlama için yönetim güvenliği alanında ayrı bir izole edilmiş ağ "
|
||||
"kullanmanızı öneririz. Bu ağ, yukarıda tasvir edilen daha sonraki önyükleme "
|
||||
"aşaması yüklemeleri ile birlikte tüm PXE trafiğini işleyecektir. Düğüm "
|
||||
"önyükleme işleminin iki güvensiz işlemle başladığını unutmayın: DHCP ve "
|
||||
"TFTP. Daha sonra önyükleme işlemi, düğümü dağıtmak için gereken kalan "
|
||||
"bilgileri indirmek için TLS kullanır. Bu bir işletim sistemi yükleyicisi, "
|
||||
"`Chef <https://www.chef.io/chef/>`__ veya `Puppet <https://puppetlabs.com/"
|
||||
">`__ tarafından yönetilen temel bir kurulum veya doğrudan diske yazılan "
|
||||
"eksiksiz bir dosya sistemi imajı olabilir."
|
||||
|
||||
msgid ""
|
||||
"We recommend you disable filters that parse things that are provided by "
|
||||
"users or are able to be manipulated such as metadata."
|
||||
@@ -15938,11 +15747,6 @@ msgstr "`Oozie <https://oozie.apache.org>`_"
|
||||
msgid "`OpenSCAP <https://www.open-scap.org/>`_"
|
||||
msgstr "`OpenSCAP <https://www.open-scap.org/>`_"
|
||||
|
||||
msgid ""
|
||||
"`OpenSSL and FIPS 140-2 <http://www.openssl.org/docs/fips/fipsnotes.html>`_"
|
||||
msgstr ""
|
||||
"`OpenSSL ve FIPS 140-2 <http://www.openssl.org/docs/fips/fipsnotes.html>`_"
|
||||
|
||||
msgid "`Pig <https://pig.apache.org>`_"
|
||||
msgstr "`Pig <https://pig.apache.org>`_"
|
||||
|
||||
@@ -16016,12 +15820,12 @@ msgstr "`Tripwire <http://sourceforge.net/projects/tripwire/>`__"
|
||||
|
||||
msgid ""
|
||||
"`Trusted Security Principles <http://www.aicpa.org/interestareas/"
|
||||
"informationtechnology/resources/soc/trustservices/pages/trust%20services"
|
||||
"%20principles—an%20overview.aspx>`_"
|
||||
"informationtechnology/resources/soc/trustservices/pages/"
|
||||
"trust%20services%20principles—an%20overview.aspx>`_"
|
||||
msgstr ""
|
||||
"`Güvenilen Güvenlik Prensipleri <http://www.aicpa.org/interestareas/"
|
||||
"informationtechnology/resources/soc/trustservices/pages/trust%20services"
|
||||
"%20principles—an%20overview.aspx>`_"
|
||||
"informationtechnology/resources/soc/trustservices/pages/"
|
||||
"trust%20services%20principles—an%20overview.aspx>`_"
|
||||
|
||||
msgid ""
|
||||
"`U.S. NIST FIPS PUB 180-3 <http://csrc.nist.gov/publications/fips/fips180-3/"
|
||||
|
||||
Reference in New Issue
Block a user