summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--docs/Chapter4/Security.rst28
-rw-r--r--docs/data/needs.json24
2 files changed, 26 insertions, 26 deletions
diff --git a/docs/Chapter4/Security.rst b/docs/Chapter4/Security.rst
index 5c4b6fe..7197e7c 100644
--- a/docs/Chapter4/Security.rst
+++ b/docs/Chapter4/Security.rst
@@ -80,12 +80,10 @@ the product’s lifecycle.
:id: R-23740
:target: VNF
:keyword: MUST
+ :updated: casablanca
- The VNF **MUST** accommodate the security principle of
- "least privilege" during development, implementation and operation.
- The importance of "least privilege" cannot be overstated and must be
- observed in all aspects of VNF development and not limited to security.
- This is applicable to all sections of this document.
+ The VNF **MUST** implement and enforce the principle of least privilege
+ on all protected interfaces.
.. req::
:id: R-61354
@@ -161,10 +159,10 @@ the product’s lifecycle.
:id: R-19768
:target: VNF
:keyword: SHOULD
+ :updated: casablanca
- The VNF **SHOULD** support L3 VPNs that enable segregation of
- traffic by application (dropping packets not belonging to the VPN) (i.e.,
- AVPN, IPSec VPN for Internet routes).
+ The VNF **SHOULD** support Layer 3 VPNs that enable segregation of
+ traffic by application (i.e., AVPN, IPSec VPN for Internet routes).
.. req::
:id: R-33981
@@ -179,9 +177,10 @@ the product’s lifecycle.
:id: R-40813
:target: VNF
:keyword: SHOULD
+ :updated: casablanca
The VNF **SHOULD** support the use of virtual trusted platform
- module, hypervisor security testing and standards scanning tools.
+ module.
.. req::
:id: R-56904
@@ -280,9 +279,10 @@ the product’s lifecycle.
:id: R-62498
:target: VNF
:keyword: MUST
+ :updated: casablanca
- The VNF **MUST**, if not using the NCSPs IDAM API, encrypt
- OA&M access (e.g., SSH, SFTP).
+ The VNF **MUST** support encrypted access protocols, e.g., TLS,
+ SSH, SFTP.
.. req::
:id: R-79107
@@ -406,10 +406,10 @@ Identity and Access Management Requirements
:id: R-99174
:target: VNF
:keyword: MUST
+ :updated: casablanca
- The VNF **MUST** comply with Individual Accountability
- (each person must be assigned a unique ID) when persons or non-person
- entities access VNFs.
+ The VNF **MUST** allow the creation of multiple IDs so that
+ individual accountability can be supported.
.. req::
:id: R-42874
diff --git a/docs/data/needs.json b/docs/data/needs.json
index ef1c234..f564e73 100644
--- a/docs/data/needs.json
+++ b/docs/data/needs.json
@@ -1,10 +1,10 @@
{
- "created": "2018-08-30T17:31:35.004923",
+ "created": "2018-08-30T21:56:21.449389",
"current_version": "casablanca",
"project": "",
"versions": {
"casablanca": {
- "created": "2018-08-30T17:31:35.004799",
+ "created": "2018-08-30T21:56:21.449234",
"needs": {
"R-00011": {
"description": "A VNF's Heat Orchestration Template's Nested YAML files\nparameter's **MUST NOT** have a parameter constraint defined.",
@@ -3944,7 +3944,7 @@
"validation_mode": ""
},
"R-19768": {
- "description": "The VNF **SHOULD** support L3 VPNs that enable segregation of\ntraffic by application (dropping packets not belonging to the VPN) (i.e.,\nAVPN, IPSec VPN for Internet routes).",
+ "description": "The VNF **SHOULD** support Layer 3 VPNs that enable segregation of\ntraffic by application (i.e., AVPN, IPSec VPN for Internet routes).",
"full_title": "",
"hide_links": "",
"id": "R-19768",
@@ -3967,7 +3967,7 @@
"title": "",
"title_from_content": "",
"type_name": "Requirement",
- "updated": "",
+ "updated": "casablanca",
"validated_by": "",
"validation_mode": ""
},
@@ -5248,7 +5248,7 @@
"validation_mode": ""
},
"R-23740": {
- "description": "The VNF **MUST** accommodate the security principle of\n\"least privilege\" during development, implementation and operation.\nThe importance of \"least privilege\" cannot be overstated and must be\nobserved in all aspects of VNF development and not limited to security.\nThis is applicable to all sections of this document.",
+ "description": "The VNF **MUST** implement and enforce the principle of least privilege\non all protected interfaces.",
"full_title": "",
"hide_links": "",
"id": "R-23740",
@@ -5271,7 +5271,7 @@
"title": "",
"title_from_content": "",
"type_name": "Requirement",
- "updated": "",
+ "updated": "casablanca",
"validated_by": "",
"validation_mode": ""
},
@@ -9087,7 +9087,7 @@
"validation_mode": ""
},
"R-40813": {
- "description": "The VNF **SHOULD** support the use of virtual trusted platform\nmodule, hypervisor security testing and standards scanning tools.",
+ "description": "The VNF **SHOULD** support the use of virtual trusted platform\nmodule.",
"full_title": "",
"hide_links": "",
"id": "R-40813",
@@ -9110,7 +9110,7 @@
"title": "",
"title_from_content": "",
"type_name": "Requirement",
- "updated": "",
+ "updated": "casablanca",
"validated_by": "",
"validation_mode": ""
},
@@ -13914,7 +13914,7 @@
"validation_mode": ""
},
"R-62498": {
- "description": "The VNF **MUST**, if not using the NCSPs IDAM API, encrypt\nOA&M access (e.g., SSH, SFTP).",
+ "description": "The VNF **MUST** support encrypted access protocols, e.g., TLS,\nSSH, SFTP.",
"full_title": "",
"hide_links": "",
"id": "R-62498",
@@ -13937,7 +13937,7 @@
"title": "",
"title_from_content": "",
"type_name": "Requirement",
- "updated": "",
+ "updated": "casablanca",
"validated_by": "",
"validation_mode": ""
},
@@ -21743,7 +21743,7 @@
"validation_mode": ""
},
"R-99174": {
- "description": "The VNF **MUST** comply with Individual Accountability\n(each person must be assigned a unique ID) when persons or non-person\nentities access VNFs.",
+ "description": "The VNF **MUST** allow the creation of multiple IDs so that\nindividual accountability can be supported.",
"full_title": "",
"hide_links": "",
"id": "R-99174",
@@ -21766,7 +21766,7 @@
"title": "",
"title_from_content": "",
"type_name": "Requirement",
- "updated": "",
+ "updated": "casablanca",
"validated_by": "",
"validation_mode": ""
},