VNFRQTS - Reword Security Req SECCOM 2

Contains changes for VNFRQTS-360, 383, 386, 401, 381 Issue-ID: VNFRQTS-360 Change-Id: I38c9857290c0488cd66ba54670c81c8cde100636 Signed-off-by: Bozawglanian, Hagop (hb755d) <hagop.bozawglanian@att.com>
author: Bozawglanian, Hagop (hb755d) <hagop.bozawglanian@att.com> 2018-10-29 20:20:14 +0000
committer: Bozawglanian, Hagop (hb755d) <hagop.bozawglanian@att.com> 2018-10-29 20:20:14 +0000
commit: 0effc05550d4cdaf94fe6c921a7c11ae9d3f41bc (patch)
tree: 83df7d76b2dcc5540e0d07ffd97de220c6b2277f /docs/Chapter4/Security.rst
parent: 454be43060ce9e5d00ec60f990887a76df067297 (diff)
1 files changed, 16 insertions, 11 deletions
diff --git a/docs/Chapter4/Security.rst b/docs/Chapter4/Security.rst
index 114772b..f075d65 100644
--- a/docs/Chapter4/Security.rst
+++ b/docs/Chapter4/Security.rst
@@ -314,11 +314,13 @@ Identity and Access Management Requirements
     :id: R-81147
     :target: VNF
     :keyword: MUST
+    :updated: casablanca
 
-    The VNF **MUST** have greater restrictions for access and
-    execution, such as up to 3 factors of authentication and restricted
-    authorization, for commands affecting network services, such as
-    commands relating to VNFs.
+    The VNF **MUST** support strong authentication, also known as
+    multifactor authentication, on all protected interfaces exposed by the
+    VNF for use by human users. Strong authentication uses at least two of the
+    three different types of authentication factors in order to prove the
+    claimed identity of a user.
 
 .. req::
     :id: R-39562
@@ -552,9 +554,11 @@ Security Analytics Requirements
     :id: R-22367
     :target: VNF
     :keyword: MUST
+    :updated: casablanca
 
-    The VNF **MUST** support detection of malformed packets due to
-    software misconfiguration or software vulnerability.
+    The VNF **MUST** support detection of malformed packets due to software
+    misconfiguration or software vulnerability, and generate an error to the
+    syslog console facility.
 
 .. req::
     :id: R-73223
@@ -570,11 +574,11 @@ Security Analytics Requirements
 .. req::
     :id: R-58370
     :target: VNF
-    :keyword: MUST
+    :keyword: SHOULD
     :updated: casablanca
 
-    The VNF **MUST** operate with anti-virus software which produces
-    alarms every time a virus is detected.
+    The VNF **SHOULD** operate with anti-virus software which produces alarms
+    every time a virus is detected.
 
 .. req::
     :id: R-56920
@@ -813,9 +817,10 @@ Security Analytics Requirements
     :id: R-54816
     :target: VNF
     :keyword: MUST
+    :updated: casablanca
 
-    The VNF **MUST** support the storage of security audit logs
-    for agreed period of time for forensic analysis.
+    The VNF **MUST** support the storage of security audit logs for a
+    configurable period of time.
 
 .. req::
     :id: R-84160
author	Bozawglanian, Hagop (hb755d) <hagop.bozawglanian@att.com>	2018-10-29 20:20:14 +0000
committer	Bozawglanian, Hagop (hb755d) <hagop.bozawglanian@att.com>	2018-10-29 20:20:14 +0000
commit	0effc05550d4cdaf94fe6c921a7c11ae9d3f41bc (patch)
tree	83df7d76b2dcc5540e0d07ffd97de220c6b2277f /docs/Chapter4/Security.rst
parent	454be43060ce9e5d00ec60f990887a76df067297 (diff)