summaryrefslogtreecommitdiffstats
path: root/docs/Chapter4
diff options
context:
space:
mode:
authorBozawglanian, Hagop (hb755d) <hb755d@att.com>2018-09-05 20:07:54 +0000
committerBozawglanian, Hagop (hb755d) <hb755d@att.com>2018-09-05 20:07:54 +0000
commit75fe466ce21fb3c5142bdaf70585d982af1c1b51 (patch)
treee9a2a63163ab7ab3807a6242f73ae0b3d24c982a /docs/Chapter4
parent0532218b13e428bc518768e51d747bdcf603e30d (diff)
VNFRQTS - Rewording Security Req Batch 4
Including changes for VNFRQTS - 365, 381, 387, 389, 390, 391, 392, 393, 394, 395 Issue-ID: VNFRQTS-365 Change-Id: Ifdabab1a0b832dce05ec4f53242a911233c4c78a Signed-off-by: Bozawglanian, Hagop (hb755d) <hb755d@att.com>
Diffstat (limited to 'docs/Chapter4')
-rw-r--r--docs/Chapter4/Security.rst51
1 files changed, 30 insertions, 21 deletions
diff --git a/docs/Chapter4/Security.rst b/docs/Chapter4/Security.rst
index 375e429..3899c8b 100644
--- a/docs/Chapter4/Security.rst
+++ b/docs/Chapter4/Security.rst
@@ -548,11 +548,10 @@ Identity and Access Management Requirements
:id: R-85419
:target: VNF
:keyword: SHOULD
+ :updated: casablanca
- The VNF **SHOULD** use REST APIs exposed to Client
- Applications for the implementation of OAuth 2.0 Authorization
- Code Grant and Client Credentials Grant, as the standard interface
- for a VNF.
+ The VNF **SHOULD** support OAuth 2.0 authorization using an external
+ Authorization Server.
.. req::
:id: R-48080
@@ -589,10 +588,11 @@ API Requirements
.. req::
:id: R-43884
:target: VNF
- :keyword: MUST
+ :keyword: SHOULD
+ :updated: casablanca
- The VNF **MUST** integrate with external authentication
- and authorization services (e.g., IDAM).
+ The VNF **SHOULD** integrate with the Operator's authentication and
+ authorization services (e.g., IDAM).
.. req::
:id: R-25878
@@ -855,8 +855,12 @@ Security Analytics Requirements
:id: R-54520
:target: VNF
:keyword: MUST
+ :updated: casablanca
- The VNF **MUST** log successful and unsuccessful login attempts.
+ The VNF **MUST** log successful and unsuccessful authentication
+ attempts, e.g., authentication associated with a transaction,
+ authentication to create a session, authentication to assume elevated
+ privilege.
.. req::
:id: R-55478
@@ -884,16 +888,18 @@ Security Analytics Requirements
:id: R-07617
:target: VNF
:keyword: MUST
+ :updated: casablanca
- The VNF **MUST** log creating, removing, or changing the
- inherent privilege level of users.
+ The VNF **MUST** log success and unsuccessful creation, removal, or
+ change to the inherent privilege level of users.
.. req::
:id: R-94525
:target: VNF
:keyword: MUST
+ :updated: casablanca
- The VNF **MUST** log connections to a network listener of the
+ The VNF **MUST** log connections to the network listeners of the
resource.
.. req::
@@ -954,11 +960,10 @@ Security Analytics Requirements
:id: R-63330
:target: VNF
:keyword: MUST
+ :updated: casablanca
- The VNF **MUST** detect when the security audit log storage
- medium is approaching capacity (configurable) and issue an alarm via
- SMS or equivalent as to allow time for proper actions to be taken to
- pre-empt loss of audit data.
+ The VNF **MUST** detect when its security audit log storage
+ medium is approaching capacity (configurable) and issue an alarm.
.. req::
:id: R-41252
@@ -972,27 +977,30 @@ Security Analytics Requirements
:id: R-41825
:target: VNF
:keyword: MUST
+ :updated: casablanca
The VNF **MUST** activate security alarms automatically when
- the following event is detected: configurable number of consecutive
- unsuccessful login attempts.
+ a configurable number of consecutive unsuccessful login attempts
+ is reached.
.. req::
:id: R-43332
:target: VNF
:keyword: MUST
+ :updated: casablanca
The VNF **MUST** activate security alarms automatically when
- the following event is detected: successful modification of critical
- system or application files.
+ it detects the successful modification of a critical system or
+ application file.
.. req::
:id: R-74958
:target: VNF
:keyword: MUST
+ :updated: casablanca
The VNF **MUST** activate security alarms automatically when
- the following event is detected: unsuccessful attempts to gain permissions
+ it detects an unsuccessful attempt to gain permissions
or assume the identity of another user.
.. req::
@@ -1039,9 +1047,10 @@ Security Analytics Requirements
:id: R-29705
:target: VNF
:keyword: MUST
+ :updated: casablanca
The VNF **MUST** restrict changing the criticality level of a
- system security alarm to administrator(s).
+ system security alarm to users with administrative privileges.
.. req::
:id: R-13627