update security framework documentation (#774)

Nguyen Kien Trung 2019-07-10 14:12:43 -04:00 committed by Samer Falah
parent 7507bc1183
commit 0b12c423e0
5 changed files with 17 additions and 18 deletions


@ -10,25 +10,25 @@ are the core element of Ethereum Blockchain, unlike other software concepts it i
### Ownership
Unlike traditional software management process Smart Contracts support the following technologically enforced ownership model:
Single Ownership:
**Single Ownership**:
The contract has one owner who is responsible for the contract administration process.
Shared Custody Ownership:
**Shared Custody Ownership**:
Suitable for agreement between two or more parties in a network of N parties, where any party can unilaterally perform administrative action over the contract.
Consortium Based Ownership:
**Consortium Based Ownership**:
Is a form of expanded Shared Custody Ownership that requires consensus over the administrative actions.
### Security Patterns:
**Checks-Effects-Interaction Pattern** Interacting with other contracts should always be the last step in contract function. Its crucial that the current contract has finished its functionality before handling control to other contract and does not depend on the execution of the other contract.
**Checks-Effects-Interaction Pattern**: Interacting with other contracts should always be the last step in contract function. Its crucial that the current contract has finished its functionality before handling control to other contract and does not depend on the execution of the other contract.
**Circuit Breaker** is logical emergency stop execution logic. Implementing emergency stops in logic of smart contract is a good security practice. A Circuit breaker can be triggered manually by trusted parties included in the contract like the contract owner or by using programmatic consensus rules that automatically trigger the circuit breaker when the defined conditions are met.
**Circuit Breaker**: is logical emergency stop execution logic. Implementing emergency stops in logic of smart contract is a good security practice. A Circuit breaker can be triggered manually by trusted parties included in the contract like the contract owner or by using programmatic consensus rules that automatically trigger the circuit breaker when the defined conditions are met.
**Rate Limit** smart contract function within a period of time allows better control of resources that can be abused.
**Rate Limit**: smart contract function within a period of time allows better control of resources that can be abused.
**Speed Bumps** introduces a delay in the action execution allowing a time to act if action is considered malicious.
**Speed Bumps**: introduces a delay in the action execution allowing a time to act if action is considered malicious.
### Common Contract Vulnerabilities
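Review bot: the Checks-Effects-Interaction entry still reads "Its crucial" and "handling control to other contract" after this formatting pass; while these lines are being touched, change them to "It's crucial" and "handing control to another contract", and consider naming reentrancy as the failure the pattern exists to prevent, since that is why the external call has to come last. The "Rate Limit" entry is a fragment; "Rate Limit: limiting calls to a smart contract function within a period of time allows better control of resources that can be abused" makes it a sentence. "Consortium Based Ownership: Is a form" should continue in lowercase after the colon, matching the other two ownership entries.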


@ -22,7 +22,7 @@ build a controls to minimize a risk, the activities that are expected to be perf
### Security Checklist
!!! success "Use Byznatine fault tolerant consensus protocol in case nodes are managed by un-trusted participants"
!!! success "Use Byzantine fault tolerant consensus protocol in case nodes are managed by un-trusted participants"
!!! success "Consortium member should provide a reasonable network Service-Level Agreement (SLA)."
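Review bot: the Byznatine to Byzantine fix is correct; the same line still has "un-trusted", which should be "untrusted", and the next checklist item should read "Consortium members should provide" so it agrees in number with the rest of the list.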


@ -1,4 +1,4 @@
**Quorum client** is a thick-client whose Private Transaction feature operation depends on a Transaction Manager Client that encrypts and decrypts
**Quorum Node**, aka Quorum Client, is a thick-client whose Private Transaction feature operation depends on a Transaction Manager Client that encrypts and decrypts
private transactions payload. Both Quorum client and its dependencies i.e, Transaction Manager, Peers, and Enclave use traditional TCP/UDP transport layer to communicate.
As any asset in a network its security depends on multiple elements (E.g the security of the Host, Data, and Accounts). In Quorum it will be the security of
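Review bot: the rename to "Quorum Node, aka Quorum Client" is incomplete: the very next line still says "Both Quorum client and its dependencies", so the paragraph introduces a new primary term and immediately falls back to the old one. Either use "Quorum Node" throughout this paragraph or drop the rename. On the same lines, "i.e," should be "i.e.," and "whose Private Transaction feature operation depends on" reads cleaner as "whose Private Transaction feature depends on".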
@ -10,7 +10,7 @@ Operating systems, software and services will have vulnerabilities. Quorum netwo
### Client Security
Quorum client instance exposes a JSON-Remote Procedure Call (RPC) interface through HTTP, Web Socket, or Inter-Process communication techniques. The JSON-RPC interfaces
allows the remote interaction with the ledger features, and Smart Contracts. The JRPC interface must be secured in order to preserve the integrity of the ledger runtime.
allows the remote interaction with the ledger features, and Smart Contracts. The JSON-RPC interface must be secured in order to preserve the integrity of the ledger runtime.
Each client in the network must be uniquely identified. In Quorum this is done by using nodes identity. Node identity is represented through a public key/private key, where
the public key identifies the node in the network. Quorum Smart Contract Permissioning models depends on nodes identity to authorize TCP level communication between nodes, as such securing
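Review bot: the JRPC to JSON-RPC substitution leaves the abbreviation defined inconsistently two lines above, where the interface is introduced as "JSON-Remote Procedure Call (RPC)"; define it as "JSON Remote Procedure Call (JSON-RPC)" so the term on the changed line matches its definition. Agreement fixes in the same context: "The JSON-RPC interfaces allows" should be "The JSON-RPC interface allows", and "Permissioning models depends" should be "models depend".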
@ -31,7 +31,7 @@ preserve the Private key from compromise. In Ethereum Accounts Private keys are
!!! success "Use Host Based Intrusion Detection System (HIDS) to monitoring Quorum node host."
!!! success "Enable Host Based Firewall Rules that enforces network access to JRPC interface to only a preidentified, trusted and required systems."
!!! success "Enable Host Based Firewall Rules that enforces network access to JSON-RPC interface to only a preidentified, trusted and required systems."
!!! success "Implement a robust Patch Management Program, and always keep the host updated to latest stable version."
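Review bot: beyond the JRPC to JSON-RPC change, the firewall item's "Rules that enforces network access to JSON-RPC interface to only a preidentified" would read better as "Rules that restrict network access to the JSON-RPC interface to pre-identified, trusted and required systems", and the HIDS item above it should say "to monitor", not "to monitoring".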
@ -41,15 +41,15 @@ preserve the Private key from compromise. In Ethereum Accounts Private keys are
#### Client
!!! success "Enable Secure Transport Security (TLS) to encrypt all communications from/to JRPC interface to prevent data leakage and man in the middle attacks (MITM)."
!!! success "Enable Secure Transport Security (TLS) to encrypt all communications from/to JSON-RPC interface to prevent data leakage and man in the middle attacks (MITM)."
!!! success "Enable Quorum Enterprise JRPC authorization model to enforce atomic access controls to ledger modules functionalities (e.g personal.OpenWallet)."
!!! success "Enable Quorum Enterprise JSON-RPC authorization model to enforce atomic access controls to ledger modules functionalities (e.g personal.OpenWallet)."
!!! success "Implement a robust Patch Management Prgoram, and always keep the client updated to latest stable version."
!!! success "Ensure Quorum client run configuration is not started with unlocked accounts options."
!!! success "Ensure cross domain access of the JRPC interface is configured appropriately. "
!!! success "Ensure cross domain access of the JSON-RPC interface is configured appropriately. "
!!! success "Ensure peer discovery is appropriately set based on the consortium requirements."
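Review bot: the first changed line expands TLS as "Secure Transport Security", which is wrong; TLS is Transport Layer Security, and a security checklist should get the name of the control right. Since this hunk is already correcting spelling, also fix "Prgoram" in the Patch Management item, which is left untouched, and drop the trailing space inside the quoted cross-domain item.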


@ -1,12 +1,11 @@
### Tessera
[Tessera](https://github.com/jpmorganchase/tessera/wiki) is Quorum's Transaction Manager. Quorum privacy features depends on Tessera to Encrypt/Decrypt, and broadcast the orchestrations of a private transaction payload.
[Tessera](../../../../Privacy/Tessera/Tessera/) is Quorum's Transaction Manager. Quorum privacy features depends on Tessera to Encrypt/Decrypt, and broadcast the orchestrations of a private transaction payload.
Tessera uses an enclave to perform the encryption/decryption of private transactions payload. The encryption keys should be stored in high secure environments such a hardware security module (HSM).
Tessera communication with its dependencies (Enclave, Quorum node, Payload Storage Database, Secret Storage Service) must be secured. To ensure the privacy and authentication of the communication between Tessera the network must be configured to Certificate Based Mutual Authentication (MTLS).
### Encryption Keys
Encryption keys is the most critical element of the privacy model, if the encryption key is compromised the network loses its privacy. Tessera support integration with Trusted Platform Modules (TPM) and Hardware Security Modules (HSM) to reduce surface attack and provide highly secure environment.
### Security Checklist
!!! success "Tessera should run in independent network segment in production"
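Review bot: the link target moves from an absolute GitHub wiki URL to the relative path `../../../../Privacy/Tessera/Tessera/`; that depth depends on where this page lands in the built site, so confirm it resolves in the mkdocs output rather than only in the source tree. The hunk header also counts one line fewer after the change (-1,12 +1,11) while no removed line is visible here, so check that nothing beyond the link was dropped. Untouched grammar in the same region: "features depends" should be "features depend", "such a hardware security module" should be "such as a hardware security module", "Encryption keys is" should be "are", "reduce surface attack" should be "reduce the attack surface", and "between Tessera the network" is missing words, presumably "between Tessera and its dependencies".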


@ -24,12 +24,12 @@ nav:
- Raft: Consensus/raft.md
- Istanbul: Consensus/istanbul-rpc-api.md
- Transaction Processing: Transaction Processing/Transaction Processing.md
- Quorum Security Framework:
- Security Framework:
- Overview: Security/Framework/Overview.md
- Quorum Network:
- Consortium: Security/Framework/Quorum Network Security/Consortium.md
- Quorum Node:
- Overview: Security/Framework/Quorum Network Security/Nodes.md
- Overview: Security/Framework/Quorum Network Security/Node.md
- Permissioning:
- Network Permissioning: Security/Framework/Quorum Network Security/Nodes/Permissioning/Network Permissioning.md
- Transaction Manager: Security/Framework/Quorum Network Security/Transaction Manager.md
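Review bot: the nav entry changes from Nodes.md to Node.md, but the sibling Network Permissioning entry still points into a `Nodes/Permissioning/` directory, so the section now mixes "Node" and "Nodes" naming; either rename that directory as well or keep Nodes.md. Also confirm the physical file rename is part of this commit (the summary lists 5 files changed), since a nav entry pointing at a missing Node.md leaves the page unreachable and makes mkdocs warn at build time.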