From b78d0099b92d86f773ec90c4267c3ff907798fd8 Mon Sep 17 00:00:00 2001
From: "Bozawglanian, Hagop (hb755d)" <hb755d@att.com>
Date: Mon, 17 Sep 2018 22:08:59 +0000
Subject: VNFRQTS - Rewording Security Req Batch 7

Including changes for VNFRQTS-304, 358

Issue-ID: VNFRQTS-358

Change-Id: Ib62616db310d36d6029c470554a3217d7ce54e58
Signed-off-by: Bozawglanian, Hagop (hb755d) <hb755d@att.com>
---
 docs/Chapter4/Security.rst | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

(limited to 'docs/Chapter4/Security.rst')

diff --git a/docs/Chapter4/Security.rst b/docs/Chapter4/Security.rst
index 43cf5d7..c3112af 100644
--- a/docs/Chapter4/Security.rst
+++ b/docs/Chapter4/Security.rst
@@ -99,10 +99,10 @@ the product’s lifecycle.
     :id: R-92207
     :target: VNF
     :keyword: SHOULD
+    :updated: casablanca
 
-    The VNF **SHOULD** implement a mechanism for automated and
-    frequent "system configuration (automated provisioning / closed loop)"
-    auditing.
+    The VNF **SHOULD** provide a mechanism for performing automated
+    system configuration auditing at configurable time intervals.
 
 .. req::
     :id: R-23882
@@ -325,9 +325,13 @@ Identity and Access Management Requirements
     :id: R-86835
     :target: VNF
     :keyword: MUST
+    :updated: casablanca
 
     The VNF **MUST** set the default settings for user access
-    to sensitive commands and data to deny authorization.
+    to deny authorization, except for a super user type of account.
+    When a VNF is added to the network, nothing should be able to use
+    it until the super user configures the VNF to allow other users
+    (human and application)  have access.
 
 .. req::
     :id: R-81147
-- 
cgit 1.2.3-korg