summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--docs/Chapter4/Security.rst62
-rw-r--r--docs/data/needs.json200
2 files changed, 2 insertions, 260 deletions
diff --git a/docs/Chapter4/Security.rst b/docs/Chapter4/Security.rst
index aafc1da..8fee063 100644
--- a/docs/Chapter4/Security.rst
+++ b/docs/Chapter4/Security.rst
@@ -169,25 +169,6 @@ the product’s lifecycle.
routing and forwarding rules.
.. req::
- :id: R-26586
- :target: VNF
- :keyword: SHOULD
-
- The VNF **SHOULD** support the ability to work with aliases
- (e.g., gateways, proxies) to protect and encapsulate resources.
-
-.. req::
- :id: R-49956
- :target: VNF
- :keyword: MUST
-
- The VNF **MUST** pass all access to applications (Bearer,
- signaling and OA&M) through various security tools and platforms from
- ACLs, stateful firewalls and application layer gateways depending on
- manner of deployment. The application is expected to function (and in
- some cases, interwork) with these security tools.
-
-.. req::
:id: R-69649
:target: VNF
:keyword: MUST
@@ -215,17 +196,6 @@ the product’s lifecycle.
functions.
.. req::
- :id: R-68589
- :target: VNF
- :keyword: MUST
-
- The VNF **MUST**, if not using the NCSP's IDAM API, support
- User-IDs and passwords to uniquely identify the user/application. VNF
- needs to have appropriate connectors to the Identity, Authentication
- and Authorization systems that enables access at OS, Database and
- Application levels as appropriate.
-
-.. req::
:id: R-62498
:target: VNF
:keyword: MUST
@@ -343,28 +313,6 @@ management need to be met by the solution in a virtual environment:
Identity and Access Management Requirements
-
-.. req::
- :id: R-95105
- :target: VNF
- :keyword: MUST
-
- The VNF **MUST** host connectors for access to the application layer.
-
-.. req::
- :id: R-45496
- :target: VNF
- :keyword: MUST
-
- The VNF **MUST** host connectors for access to the OS (Operating System) layer.
-
-.. req::
- :id: R-05470
- :target: VNF
- :keyword: MUST
-
- The VNF **MUST** host connectors for access to the database layer.
-
.. req::
:id: R-99174
:target: VNF
@@ -513,16 +461,6 @@ API Requirements
authorization services (e.g., IDAM).
.. req::
- :id: R-19804
- :target: VNF
- :keyword: MUST
-
- The VNF **MUST** validate the CA signature on the certificate,
- ensure that the date is within the validity period of the certificate,
- check the Certificate Revocation List (CRL), and recognize the identity
- represented by the certificate where PKI-based authentication is used.
-
-.. req::
:id: R-33488
:target: VNF
:keyword: MUST
diff --git a/docs/data/needs.json b/docs/data/needs.json
index 5dec207..54b7d00 100644
--- a/docs/data/needs.json
+++ b/docs/data/needs.json
@@ -1,5 +1,5 @@
{
- "created": "2018-09-11T09:20:30.974204",
+ "created": "2018-09-12T16:27:21.368274",
"current_version": "casablanca",
"project": "",
"versions": {
@@ -21858,7 +21858,7 @@
"needs_amount": 750
},
"casablanca": {
- "created": "2018-09-11T09:20:30.974191",
+ "created": "2018-09-12T16:27:21.368212",
"needs": {
"R-00011": {
"description": "A VNF's Heat Orchestration Template's parameter defined\nin a nested YAML file\n**MUST NOT** have a parameter constraint defined.",
@@ -23055,34 +23055,6 @@
"validated_by": "",
"validation_mode": ""
},
- "R-05470": {
- "description": "The VNF **MUST** host connectors for access to the database layer.",
- "full_title": "",
- "hide_links": "",
- "id": "R-05470",
- "impacts": "",
- "introduced": "",
- "keyword": "MUST",
- "links": [],
- "notes": "",
- "section_name": "VNF Identity and Access Management Requirements",
- "sections": [
- "VNF Identity and Access Management Requirements",
- "VNF Security"
- ],
- "status": null,
- "tags": [],
- "target": "VNF",
- "test": "",
- "test_case": "",
- "test_file": "",
- "title": "",
- "title_from_content": "",
- "type_name": "Requirement",
- "updated": "",
- "validated_by": "",
- "validation_mode": ""
- },
"R-06327": {
"description": "The VNF **MUST** respond to a \"drain VNFC\" [#4.5.2]_ command against\na specific VNFC, preventing new session from reaching the targeted VNFC,\nwith no disruption to active sessions on the impacted VNFC, if a VNF\nprovides a load balancing function across multiple instances of its VNFCs.\nThis is used to support scenarios such as proactive maintenance with no\nuser impact.",
"full_title": "",
@@ -25570,34 +25542,6 @@
"validated_by": "",
"validation_mode": ""
},
- "R-19804": {
- "description": "The VNF **MUST** validate the CA signature on the certificate,\nensure that the date is within the validity period of the certificate,\ncheck the Certificate Revocation List (CRL), and recognize the identity\nrepresented by the certificate where PKI-based authentication is used.",
- "full_title": "",
- "hide_links": "",
- "id": "R-19804",
- "impacts": "",
- "introduced": "",
- "keyword": "MUST",
- "links": [],
- "notes": "",
- "section_name": "VNF API Security Requirements",
- "sections": [
- "VNF API Security Requirements",
- "VNF Security"
- ],
- "status": null,
- "tags": [],
- "target": "VNF",
- "test": "",
- "test_case": "",
- "test_file": "",
- "title": "",
- "title_from_content": "",
- "type_name": "Requirement",
- "updated": "",
- "validated_by": "",
- "validation_mode": ""
- },
"R-19922": {
"description": "The xNF **MUST** support ONAP Controller's **UpgradePrecheck** command.",
"full_title": "",
@@ -27305,34 +27249,6 @@
"validated_by": "",
"validation_mode": ""
},
- "R-26586": {
- "description": "The VNF **SHOULD** support the ability to work with aliases\n(e.g., gateways, proxies) to protect and encapsulate resources.",
- "full_title": "",
- "hide_links": "",
- "id": "R-26586",
- "impacts": "",
- "introduced": "",
- "keyword": "SHOULD",
- "links": [],
- "notes": "",
- "section_name": "VNF General Security Requirements",
- "sections": [
- "VNF General Security Requirements",
- "VNF Security"
- ],
- "status": null,
- "tags": [],
- "target": "VNF",
- "test": "",
- "test_case": "",
- "test_file": "",
- "title": "",
- "title_from_content": "",
- "type_name": "Requirement",
- "updated": "",
- "validated_by": "",
- "validation_mode": ""
- },
"R-26881": {
"description": "The xNF provider **MUST** provide the binaries and images\nneeded to instantiate the xNF (xNF and VNFC images).",
"full_title": "",
@@ -31459,34 +31375,6 @@
"validated_by": "",
"validation_mode": ""
},
- "R-45496": {
- "description": "The VNF **MUST** host connectors for access to the OS (Operating System) layer.",
- "full_title": "",
- "hide_links": "",
- "id": "R-45496",
- "impacts": "",
- "introduced": "",
- "keyword": "MUST",
- "links": [],
- "notes": "",
- "section_name": "VNF Identity and Access Management Requirements",
- "sections": [
- "VNF Identity and Access Management Requirements",
- "VNF Security"
- ],
- "status": null,
- "tags": [],
- "target": "VNF",
- "test": "",
- "test_case": "",
- "test_file": "",
- "title": "",
- "title_from_content": "",
- "type_name": "Requirement",
- "updated": "",
- "validated_by": "",
- "validation_mode": ""
- },
"R-45602": {
"description": "If a VNF's Port is attached to a network (internal or external)\nand the port's IP addresses are Cloud Assigned by OpenStack's DHCP\nService, the 'OS::Neutron::Port' Resource's\n\n * property 'fixed_ips' map property 'ip_address' **MUST NOT** be used\n * property 'fixed_ips' map property 'subnet'/'subnet_id' **MAY** be used",
"full_title": "",
@@ -32571,34 +32459,6 @@
"validated_by": "",
"validation_mode": ""
},
- "R-49956": {
- "description": "The VNF **MUST** pass all access to applications (Bearer,\nsignaling and OA&M) through various security tools and platforms from\nACLs, stateful firewalls and application layer gateways depending on\nmanner of deployment. The application is expected to function (and in\nsome cases, interwork) with these security tools.",
- "full_title": "",
- "hide_links": "",
- "id": "R-49956",
- "impacts": "",
- "introduced": "",
- "keyword": "MUST",
- "links": [],
- "notes": "",
- "section_name": "VNF General Security Requirements",
- "sections": [
- "VNF General Security Requirements",
- "VNF Security"
- ],
- "status": null,
- "tags": [],
- "target": "VNF",
- "test": "",
- "test_case": "",
- "test_file": "",
- "title": "",
- "title_from_content": "",
- "type_name": "Requirement",
- "updated": "",
- "validated_by": "",
- "validation_mode": ""
- },
"R-50011": {
"description": "A VNF's Heat Orchestration Template's 'OS::Heat::ResourceGroup'\nproperty 'count' **MUST** be enumerated in the VNF's\nHeat Orchestration Template's Environment File and **MUST** be\nassigned a value.",
"full_title": "",
@@ -35900,34 +35760,6 @@
"validated_by": "",
"validation_mode": ""
},
- "R-68589": {
- "description": "The VNF **MUST**, if not using the NCSP's IDAM API, support\nUser-IDs and passwords to uniquely identify the user/application. VNF\nneeds to have appropriate connectors to the Identity, Authentication\nand Authorization systems that enables access at OS, Database and\nApplication levels as appropriate.",
- "full_title": "",
- "hide_links": "",
- "id": "R-68589",
- "impacts": "",
- "introduced": "",
- "keyword": "MUST",
- "links": [],
- "notes": "",
- "section_name": "VNF General Security Requirements",
- "sections": [
- "VNF General Security Requirements",
- "VNF Security"
- ],
- "status": null,
- "tags": [],
- "target": "VNF",
- "test": "",
- "test_case": "",
- "test_file": "",
- "title": "",
- "title_from_content": "",
- "type_name": "Requirement",
- "updated": "",
- "validated_by": "",
- "validation_mode": ""
- },
"R-68936": {
"description": "When a VNF creates an internal network, a network role, referred to\nas the '{network-role}' **MUST** be assigned to the internal network for\nuse in the VNF's Heat Orchestration Template.",
"full_title": "",
@@ -41241,34 +41073,6 @@
"validated_by": "",
"validation_mode": ""
},
- "R-95105": {
- "description": "The VNF **MUST** host connectors for access to the application layer.",
- "full_title": "",
- "hide_links": "",
- "id": "R-95105",
- "impacts": "",
- "introduced": "",
- "keyword": "MUST",
- "links": [],
- "notes": "",
- "section_name": "VNF Identity and Access Management Requirements",
- "sections": [
- "VNF Identity and Access Management Requirements",
- "VNF Security"
- ],
- "status": null,
- "tags": [],
- "target": "VNF",
- "test": "",
- "test_case": "",
- "test_file": "",
- "title": "",
- "title_from_content": "",
- "type_name": "Requirement",
- "updated": "",
- "validated_by": "",
- "validation_mode": ""
- },
"R-95303": {
"description": "A VNF's Heat Orchestration Template **MUST** be defined using valid YAML.",
"full_title": "",