diff options
author | Bozawglanian, Hagop (hb755d) <hb755d@att.com> | 2018-09-06 17:51:05 +0000 |
---|---|---|
committer | Bozawglanian, Hagop (hb755d) <hb755d@att.com> | 2018-09-06 17:51:05 +0000 |
commit | 05dab0b4aed15917c7e7429465642e90cc10cb74 (patch) | |
tree | 57018b979e66ab1642922dd8b0b9785650685dfe /docs/Chapter4/Security.rst | |
parent | 39d9810e128474aa64b19375652893d1795d7cbe (diff) |
VNFRQTS - Removing Security Req Batch 4
Including cnages for VNFRQTS - 342, 355, 356, 359, 363, 364, 399, 410, 411
Issue-ID: VNFRQTS-342
Change-Id: I61f5409ce12b6d84f787d9c8d59390cd0faba94a
Signed-off-by: Bozawglanian, Hagop (hb755d) <hb755d@att.com>
Diffstat (limited to 'docs/Chapter4/Security.rst')
-rw-r--r-- | docs/Chapter4/Security.rst | 84 |
1 files changed, 0 insertions, 84 deletions
diff --git a/docs/Chapter4/Security.rst b/docs/Chapter4/Security.rst index a56643d..6503d0c 100644 --- a/docs/Chapter4/Security.rst +++ b/docs/Chapter4/Security.rst @@ -397,17 +397,6 @@ Identity and Access Management Requirements The VNF **MUST NOT** allow vendor access to VNFs remotely. .. req:: - :id: R-49945 - :target: VNF - :keyword: MUST - - The VNF **MUST** authorize VNF provider access through a - client application API by the client application owner and the resource - owner of the VNF before provisioning authorization through Role Based - Access Control (RBAC), Attribute Based Access Control (ABAC), or other - policy based mechanism. - -.. req:: :id: R-34552 :target: VNF :keyword: MUST @@ -428,15 +417,6 @@ Identity and Access Management Requirements uniquely identifies the individual performing the function. .. req:: - :id: R-85028 - :target: VNF - :keyword: MUST - - The VNF **MUST** authenticate system to system access and - do not conceal a VNF provider user's individual accountability for - transactions. - -.. req:: :id: R-80335 :target: VNF :keyword: MUST @@ -448,17 +428,6 @@ Identity and Access Management Requirements web site, system or application which requires authentication. .. req:: - :id: R-73541 - :target: VNF - :keyword: MUST - - The VNF **MUST** use access controls for VNFs and their - supporting computing systems at all times to restrict access to - authorized personnel only, e.g., least privilege. These controls - could include the use of system configuration or access control - software. - -.. req:: :id: R-64503 :target: VNF :keyword: MUST @@ -475,15 +444,6 @@ Identity and Access Management Requirements to sensitive commands and data to deny authorization. .. req:: - :id: R-77157 - :target: VNF - :keyword: MUST - - The VNF **MUST** conform to approved request, workflow - authorization, and authorization provisioning requirements when - creating privileged users. - -.. req:: :id: R-81147 :target: VNF :keyword: MUST @@ -518,16 +478,6 @@ Identity and Access Management Requirements to restrict access to VNF functions and data to authorized entities. .. req:: - :id: R-89753 - :target: VNF - :keyword: MUST NOT - - The VNF **MUST NOT** install or use systems, tools or - utilities capable of capturing or logging data that was not created - by them or sent specifically to them in production, without - authorization of the VNF system owner. - -.. req:: :id: R-19082 :target: VNF :keyword: MUST NOT @@ -537,14 +487,6 @@ Identity and Access Management Requirements in production, without authorization of the VNF system owner. .. req:: - :id: R-19790 - :target: VNF - :keyword: MUST NOT - - The VNF **MUST NOT** include authentication credentials - in security audit logs, even if encrypted. - -.. req:: :id: R-85419 :target: VNF :keyword: SHOULD @@ -576,15 +518,6 @@ security requirements: API Requirements - -.. req:: - :id: R-37608 - :target: VNF - :keyword: MUST - - The VNF **MUST** provide a mechanism to restrict access based - on the attributes of the VNF and the attributes of the subject. - .. req:: :id: R-43884 :target: VNF @@ -595,15 +528,6 @@ API Requirements authorization services (e.g., IDAM). .. req:: - :id: R-25878 - :target: VNF - :keyword: MUST - - The VNF **MUST** use certificates issued from publicly - recognized Certificate Authorities (CA) for the authentication process - where PKI-based authentication is used. - -.. req:: :id: R-19804 :target: VNF :keyword: MUST @@ -1013,14 +937,6 @@ Security Analytics Requirements to Security Analytics Tools for analysis. .. req:: - :id: R-19219 - :target: VNF - :keyword: MUST - - The VNF **MUST** provide audit logs that include user ID, dates, - times for log-on and log-off, and terminal location at minimum. - -.. req:: :id: R-30932 :target: VNF :keyword: MUST |