From a2f85e55c0ce8baa3d535e29586176f1cf5c4a39 Mon Sep 17 00:00:00 2001 From: Amy Zwarico Date: Tue, 10 Mar 2020 19:59:48 +0000 Subject: VNF Requirement Security Changes Round 1 VNFRQTS-828, VNFRQTS-839 Issue-ID: VNFRQTS-828 Signed-off-by: Amy Zwarico Change-Id: I9971adf14915f24e8798363fa3dfd5a319f580c5 Signed-off-by: Amy Zwarico --- docs/Chapter4/Security.rst | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/docs/Chapter4/Security.rst b/docs/Chapter4/Security.rst index 68e7bd7..bcec56b 100644 --- a/docs/Chapter4/Security.rst +++ b/docs/Chapter4/Security.rst @@ -405,15 +405,6 @@ Identity and Access Management Requirements The VNF **MUST** provide access controls that allow the Operator to restrict access to VNF functions and data to authorized entities. -.. req:: - :id: R-85419 - :target: VNF - :keyword: SHOULD - :updated: casablanca - - The VNF **SHOULD** support OAuth 2.0 authorization using an external - Authorization Server. - .. req:: :id: R-75041 :target: VNF @@ -529,14 +520,24 @@ Identity and Access Management Requirements The VNF **MUST** provide a means for the user to explicitly logout, thus ending that session for that authenticated user. +.. req:: + :id: R-251639 + :target: VNF + :keyword: MUST + :introduced: frankfurt + + The VNF **MUST** provide explicit confirmation of a session termination + such as a message, new page, or rerouting to a login page. + .. req:: :id: R-45719 :target: VNF :keyword: MUST :introduced: casablanca + :updated: frankfurt The VNF **MUST**, if not integrated with the Operator's Identity and Access - Management system, or enforce a configurable "terminate idle sessions" + Management system, enforce a configurable "terminate idle sessions" policy by terminating the session after a configurable period of inactivity. -- cgit 1.2.3-korg