summaryrefslogtreecommitdiffstats
path: root/docs
diff options
context:
space:
mode:
Diffstat (limited to 'docs')
-rw-r--r--docs/Chapter4/Security.rst58
-rw-r--r--docs/data/needs.json174
2 files changed, 3 insertions, 229 deletions
diff --git a/docs/Chapter4/Security.rst b/docs/Chapter4/Security.rst
index 7197e7c..fb318dd 100644
--- a/docs/Chapter4/Security.rst
+++ b/docs/Chapter4/Security.rst
@@ -94,20 +94,6 @@ the product’s lifecycle.
services (e.g., restricting access to certain ports or applications).
.. req::
- :id: R-85633
- :target: VNF
- :keyword: MUST
-
- The VNF **MUST** implement Data Storage Encryption
- (database/disk encryption) for Sensitive Personal Information (SPI)
- and other subscriber identifiable data.
-
- Note: Subscribers SPI/data must be encrypted at rest, and other
- subscriber identifiable data should be encrypted at rest. Other
- data protection requirements exist and should be well understood
- by the developer.
-
-.. req::
:id: R-92207
:target: VNF
:keyword: SHOULD
@@ -135,15 +121,6 @@ the product’s lifecycle.
tools (e.g., Fortify) and provide reports.
.. req::
- :id: R-55830
- :target: VNF
- :keyword: MUST
-
- The VNF **MUST** distribute all production code from NCSP
- internal sources only. No production code, libraries, OS images, etc.
- shall be distributed from publically accessible depots.
-
-.. req::
:id: R-99771
:target: VNF
:keyword: MUST
@@ -249,16 +226,6 @@ the product’s lifecycle.
Application levels as appropriate.
.. req::
- :id: R-52085
- :target: VNF
- :keyword: MUST
-
- The VNF **MUST**, if not using the NCSP's IDAM API, provide
- the ability to support Multi-Factor Authentication (e.g., 1st factor =
- Software token on device (RSA SecureID); 2nd factor = User Name+Password,
- etc.) for the users.
-
-.. req::
:id: R-98391
:target: VNF
:keyword: MUST
@@ -268,14 +235,6 @@ the product’s lifecycle.
performing specific activities.
.. req::
- :id: R-63217
- :target: VNF
- :keyword: MUST
-
- The VNF **MUST**, if not using the NCSP's IDAM API, support
- logging via ONAP for a historical view of "who did what and when."
-
-.. req::
:id: R-62498
:target: VNF
:keyword: MUST
@@ -1268,14 +1227,6 @@ Data Protection Requirements
and write access to data handled by the VNF.
.. req::
- :id: R-99112
- :target: VNF
- :keyword: MUST
-
- The VNF **MUST** provide the capability to restrict access
- to data to specific users.
-
-.. req::
:id: R-83227
:target: VNF
:keyword: MUST
@@ -1324,15 +1275,6 @@ Data Protection Requirements
cryptography.
.. req::
- :id: R-22645
- :target: VNF
- :keyword: SHOULD
-
- The VNF **SHOULD** use commercial algorithms only when there
- are no applicable governmental standards for specific cryptographic
- functions, e.g., public key cryptography, message digests.
-
-.. req::
:id: R-12467
:target: VNF
:keyword: MUST NOT
diff --git a/docs/data/needs.json b/docs/data/needs.json
index f564e73..7ac2d2c 100644
--- a/docs/data/needs.json
+++ b/docs/data/needs.json
@@ -1,10 +1,10 @@
{
- "created": "2018-08-30T21:56:21.449389",
+ "created": "2018-08-31T17:36:18.850778",
"current_version": "casablanca",
"project": "",
"versions": {
"casablanca": {
- "created": "2018-08-30T21:56:21.449234",
+ "created": "2018-08-31T17:36:18.850676",
"needs": {
"R-00011": {
"description": "A VNF's Heat Orchestration Template's Nested YAML files\nparameter's **MUST NOT** have a parameter constraint defined.",
@@ -4844,34 +4844,6 @@
"validated_by": "",
"validation_mode": ""
},
- "R-22645": {
- "description": "The VNF **SHOULD** use commercial algorithms only when there\nare no applicable governmental standards for specific cryptographic\nfunctions, e.g., public key cryptography, message digests.",
- "full_title": "",
- "hide_links": "",
- "id": "R-22645",
- "impacts": "",
- "introduced": "",
- "keyword": "SHOULD",
- "links": [],
- "notes": "",
- "section_name": "VNF Data Protection Requirements",
- "sections": [
- "VNF Data Protection Requirements",
- "VNF Security"
- ],
- "status": null,
- "tags": [],
- "target": "VNF",
- "test": "",
- "test_case": "",
- "test_file": "",
- "title": "",
- "title_from_content": "",
- "type_name": "Requirement",
- "updated": "",
- "validated_by": "",
- "validation_mode": ""
- },
"R-22656": {
"description": "The VNF Heat Orchestration Template **MUST** have a\ncorresponding environment file for a Cinder Volume Module.",
"full_title": "",
@@ -11823,34 +11795,6 @@
"validated_by": "",
"validation_mode": ""
},
- "R-52085": {
- "description": "The VNF **MUST**, if not using the NCSP's IDAM API, provide\nthe ability to support Multi-Factor Authentication (e.g., 1st factor =\nSoftware token on device (RSA SecureID); 2nd factor = User Name+Password,\netc.) for the users.",
- "full_title": "",
- "hide_links": "",
- "id": "R-52085",
- "impacts": "",
- "introduced": "",
- "keyword": "MUST",
- "links": [],
- "notes": "",
- "section_name": "VNF General Security Requirements",
- "sections": [
- "VNF General Security Requirements",
- "VNF Security"
- ],
- "status": null,
- "tags": [],
- "target": "VNF",
- "test": "",
- "test_case": "",
- "test_file": "",
- "title": "",
- "title_from_content": "",
- "type_name": "Requirement",
- "updated": "",
- "validated_by": "",
- "validation_mode": ""
- },
"R-52425": {
"description": "A VNF's port connected to an internal network **MUST** connect\nthe port to VMs in the same VNF.",
"full_title": "",
@@ -12609,34 +12553,6 @@
"validated_by": "",
"validation_mode": ""
},
- "R-55830": {
- "description": "The VNF **MUST** distribute all production code from NCSP\ninternal sources only. No production code, libraries, OS images, etc.\nshall be distributed from publically accessible depots.",
- "full_title": "",
- "hide_links": "",
- "id": "R-55830",
- "impacts": "",
- "introduced": "",
- "keyword": "MUST",
- "links": [],
- "notes": "",
- "section_name": "VNF General Security Requirements",
- "sections": [
- "VNF General Security Requirements",
- "VNF Security"
- ],
- "status": null,
- "tags": [],
- "target": "VNF",
- "test": "",
- "test_case": "",
- "test_file": "",
- "title": "",
- "title_from_content": "",
- "type_name": "Requirement",
- "updated": "",
- "validated_by": "",
- "validation_mode": ""
- },
"R-56183": {
"description": "A VNF's Heat Orchestration Template's OS::Nova::Server\nResource metadata map value parameter 'environment_context' **MUST NOT**\nhave parameter contraints defined.",
"full_title": "",
@@ -14092,34 +14008,6 @@
"validated_by": "",
"validation_mode": ""
},
- "R-63217": {
- "description": "The VNF **MUST**, if not using the NCSP's IDAM API, support\nlogging via ONAP for a historical view of \"who did what and when.\"",
- "full_title": "",
- "hide_links": "",
- "id": "R-63217",
- "impacts": "",
- "introduced": "",
- "keyword": "MUST",
- "links": [],
- "notes": "",
- "section_name": "VNF General Security Requirements",
- "sections": [
- "VNF General Security Requirements",
- "VNF Security"
- ],
- "status": null,
- "tags": [],
- "target": "VNF",
- "test": "",
- "test_case": "",
- "test_file": "",
- "title": "",
- "title_from_content": "",
- "type_name": "Requirement",
- "updated": "",
- "validated_by": "",
- "validation_mode": ""
- },
"R-63229": {
"description": "The xNF **MAY** use another option which is expected to include REST\nfor synchronous data, using RESTCONF (e.g., for xNF state polling).",
"full_title": "",
@@ -18521,34 +18409,6 @@
"validated_by": "",
"validation_mode": ""
},
- "R-85633": {
- "description": "The VNF **MUST** implement Data Storage Encryption\n(database/disk encryption) for Sensitive Personal Information (SPI)\nand other subscriber identifiable data.\n\nNote: Subscribers SPI/data must be encrypted at rest, and other\nsubscriber identifiable data should be encrypted at rest. Other\ndata protection requirements exist and should be well understood\nby the developer.",
- "full_title": "",
- "hide_links": "",
- "id": "R-85633",
- "impacts": "",
- "introduced": "",
- "keyword": "MUST",
- "links": [],
- "notes": "",
- "section_name": "VNF General Security Requirements",
- "sections": [
- "VNF General Security Requirements",
- "VNF Security"
- ],
- "status": null,
- "tags": [],
- "target": "VNF",
- "test": "",
- "test_case": "",
- "test_file": "",
- "title": "",
- "title_from_content": "",
- "type_name": "Requirement",
- "updated": "",
- "validated_by": "",
- "validation_mode": ""
- },
"R-85653": {
"description": "The xNF **MUST** provide metrics (e.g., number of sessions,\nnumber of subscribers, number of seats, etc.) to ONAP for tracking\nevery license.",
"full_title": "",
@@ -21714,34 +21574,6 @@
"validated_by": "",
"validation_mode": ""
},
- "R-99112": {
- "description": "The VNF **MUST** provide the capability to restrict access\nto data to specific users.",
- "full_title": "",
- "hide_links": "",
- "id": "R-99112",
- "impacts": "",
- "introduced": "",
- "keyword": "MUST",
- "links": [],
- "notes": "",
- "section_name": "VNF Data Protection Requirements",
- "sections": [
- "VNF Data Protection Requirements",
- "VNF Security"
- ],
- "status": null,
- "tags": [],
- "target": "VNF",
- "test": "",
- "test_case": "",
- "test_file": "",
- "title": "",
- "title_from_content": "",
- "type_name": "Requirement",
- "updated": "",
- "validated_by": "",
- "validation_mode": ""
- },
"R-99174": {
"description": "The VNF **MUST** allow the creation of multiple IDs so that\nindividual accountability can be supported.",
"full_title": "",
@@ -22001,7 +21833,7 @@
},
"needs_amount": 755
},
- "master branch": {
+ "beijing": {
"created": "2018-08-22T16:47:37.993404",
"needs": {
"R-00011": {