Security/B2G/Team responsibilities
From MozillaWiki
Firefox OS Security Team Responsibilities
Security Assurance
Ensure security throughout OS development lifecycle
- Embedding/team support/security guidance
- Catching security oversights
- Identifying and promoting good security practices (consistency, patterns and practices)
- Closing the bug loop, pushing security bugs to resolution
Security Improvement
Drive security improvements to support evolving device and app requirements, and to bring us to parity with other mobile platforms
- Update Firefox OS Application security model to address emerging APIs, use cases and threats
- Coordinate between platform & B2G teams on security feature development
- Contribute patches for minor security improvements
- Coordinating/encouraging community security contributions
- Drive development of new security features (e.g. sandboxing, crypto support)
Ecosystem Security
Empower community to help secure Firefox OS
- Improve effectiveness and scalability of Marketplace security review process
- Provide security guidance to developers & reviewers (e.g MDN documentation)
- Development of tools for app developers & reviewers
- App security incident response (vulnerable or malicious apps)
Partner Security Program
Help and monitor partners to ensure our users are protected
- Work with partners to ensure security of vendor modifications & co-ordinate security updates
- Enforce security through partner certification program
- Security incident response, management, and partner fix coordination