VNFRQTS - Removing Security Req Batch 4

Including cnages for VNFRQTS - 342, 355, 356, 359, 363, 364, 399, 410, 411 Issue-ID: VNFRQTS-342 Change-Id: I61f5409ce12b6d84f787d9c8d59390cd0faba94a Signed-off-by: Bozawglanian, Hagop (hb755d) <hb755d@att.com>
author: Bozawglanian, Hagop (hb755d) <hb755d@att.com> 2018-09-06 17:51:05 +0000
committer: Bozawglanian, Hagop (hb755d) <hb755d@att.com> 2018-09-06 17:51:05 +0000
commit: 05dab0b4aed15917c7e7429465642e90cc10cb74 (patch)
tree: 57018b979e66ab1642922dd8b0b9785650685dfe /docs/Chapter4/Security.rst
parent: 39d9810e128474aa64b19375652893d1795d7cbe (diff)
1 files changed, 0 insertions, 84 deletions
diff --git a/docs/Chapter4/Security.rst b/docs/Chapter4/Security.rst
index a56643d..6503d0c 100644
--- a/docs/Chapter4/Security.rst
+++ b/docs/Chapter4/Security.rst
@@ -397,17 +397,6 @@ Identity and Access Management Requirements
     The VNF **MUST NOT** allow vendor access to VNFs remotely.
 
 .. req::
-    :id: R-49945
-    :target: VNF
-    :keyword: MUST
-
-    The VNF **MUST** authorize VNF provider access through a
-    client application API by the client application owner and the resource
-    owner of the VNF before provisioning authorization through Role Based
-    Access Control (RBAC), Attribute Based Access Control (ABAC), or other
-    policy based mechanism.
-
-.. req::
     :id: R-34552
     :target: VNF
     :keyword: MUST
@@ -428,15 +417,6 @@ Identity and Access Management Requirements
     uniquely identifies the individual performing the function.
 
 .. req::
-    :id: R-85028
-    :target: VNF
-    :keyword: MUST
-
-    The VNF **MUST** authenticate system to system access and
-    do not conceal a VNF provider user's individual accountability for
-    transactions.
-
-.. req::
     :id: R-80335
     :target: VNF
     :keyword: MUST
@@ -448,17 +428,6 @@ Identity and Access Management Requirements
     web site, system or application which requires authentication.
 
 .. req::
-    :id: R-73541
-    :target: VNF
-    :keyword: MUST
-
-    The VNF **MUST** use access controls for VNFs and their
-    supporting computing systems at all times to restrict access to
-    authorized personnel only, e.g., least privilege. These controls
-    could include the use of system configuration or access control
-    software.
-
-.. req::
     :id: R-64503
     :target: VNF
     :keyword: MUST
@@ -475,15 +444,6 @@ Identity and Access Management Requirements
     to sensitive commands and data to deny authorization.
 
 .. req::
-    :id: R-77157
-    :target: VNF
-    :keyword: MUST
-
-    The VNF **MUST** conform to approved request, workflow
-    authorization, and authorization provisioning requirements when
-    creating privileged users.
-
-.. req::
     :id: R-81147
     :target: VNF
     :keyword: MUST
@@ -518,16 +478,6 @@ Identity and Access Management Requirements
     to restrict access to VNF functions and data to authorized entities.
 
 .. req::
-    :id: R-89753
-    :target: VNF
-    :keyword: MUST NOT
-
-    The VNF **MUST NOT** install or use systems, tools or
-    utilities capable of capturing or logging data that was not created
-    by them or sent specifically to them in production, without
-    authorization of the VNF system owner.
-
-.. req::
     :id: R-19082
     :target: VNF
     :keyword: MUST NOT
@@ -537,14 +487,6 @@ Identity and Access Management Requirements
     in production, without authorization of the VNF system owner.
 
 .. req::
-    :id: R-19790
-    :target: VNF
-    :keyword: MUST NOT
-
-    The VNF **MUST NOT** include authentication credentials
-    in security audit logs, even if encrypted.
-
-.. req::
     :id: R-85419
     :target: VNF
     :keyword: SHOULD
@@ -576,15 +518,6 @@ security requirements:
 
 API Requirements
 
-
-.. req::
-    :id: R-37608
-    :target: VNF
-    :keyword: MUST
-
-    The VNF **MUST** provide a mechanism to restrict access based
-    on the attributes of the VNF and the attributes of the subject.
-
 .. req::
     :id: R-43884
     :target: VNF
@@ -595,15 +528,6 @@ API Requirements
     authorization services (e.g., IDAM).
 
 .. req::
-    :id: R-25878
-    :target: VNF
-    :keyword: MUST
-
-    The VNF **MUST** use certificates issued from publicly
-    recognized Certificate Authorities (CA) for the authentication process
-    where PKI-based authentication is used.
-
-.. req::
     :id: R-19804
     :target: VNF
     :keyword: MUST
@@ -1013,14 +937,6 @@ Security Analytics Requirements
     to Security Analytics Tools for analysis.
 
 .. req::
-    :id: R-19219
-    :target: VNF
-    :keyword: MUST
-
-    The VNF **MUST** provide audit logs that include user ID, dates,
-    times for log-on and log-off, and terminal location at minimum.
-
-.. req::
     :id: R-30932
     :target: VNF
     :keyword: MUST
author	Bozawglanian, Hagop (hb755d) <hb755d@att.com>	2018-09-06 17:51:05 +0000
committer	Bozawglanian, Hagop (hb755d) <hb755d@att.com>	2018-09-06 17:51:05 +0000
commit	05dab0b4aed15917c7e7429465642e90cc10cb74 (patch)
tree	57018b979e66ab1642922dd8b0b9785650685dfe /docs/Chapter4/Security.rst
parent	39d9810e128474aa64b19375652893d1795d7cbe (diff)