The VNF **MUST NOT** allow vendor access to VNFs remotely.
+.. req::
+ :id: R-638682
+ :target: VNF
+ :keyword: MUST
+ :introduced: casablanca
+ :validation_mode: in_service
+
+ The VNF **MUST** log any security event required by the VNF Requirements to
+ Syslog using LOG_AUTHPRIV for any event that would contain sensitive
+ information and LOG_AUTH for all other relevant events.
+
VNF Identity and Access Management Requirements
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
.. req::
:id: R-59391
:target: VNF
- :keyword: MUST
+ :keyword: MUST NOT
:updated: casablanca
- The VNF MUST NOT not allow the assumption of the permissions of
+ The VNF **MUST NOT** not allow the assumption of the permissions of
another account to mask individual accountability.
.. req::
{
- "created": "2018-09-21T09:04:14.699000",
+ "created": "2018-09-21T09:36:46.582000",
"current_version": "casablanca",
"project": "",
"versions": {
"needs_amount": 750
},
"casablanca": {
- "created": "2018-09-21T09:04:14.699000",
+ "created": "2018-09-21T09:36:46.582000",
"needs": {
"R-00011": {
"description": "A VNF's Heat Orchestration Template's parameter defined\nin a nested YAML file\n**MUST NOT** have a parameter constraint defined.",
"validated_by": "",
"validation_mode": ""
},
+ "R-332680": {
+ "description": "The xNF **SHOULD** deliver all syslog messages to the VES Collector per the\nspecifications in Monitoring and Management chapter.",
+ "full_title": "",
+ "hide_links": "",
+ "id": "R-332680",
+ "impacts": "dcae",
+ "introduced": "",
+ "keyword": "SHOULD",
+ "links": [],
+ "notes": "",
+ "section_name": "Asynchronous and Synchronous Data Delivery",
+ "sections": [
+ "Asynchronous and Synchronous Data Delivery",
+ "Monitoring & Management Requirements",
+ "Monitoring & Management"
+ ],
+ "status": null,
+ "tags": [],
+ "target": "XNF",
+ "test": "",
+ "test_case": "",
+ "test_file": "",
+ "title": "",
+ "title_from_content": "",
+ "type_name": "Requirement",
+ "updated": "",
+ "validated_by": "",
+ "validation_mode": "in_service"
+ },
"R-33280": {
"description": "The xNF **MUST NOT** use any instance specific parameters\nin a playbook.",
"full_title": "",
"validation_mode": ""
},
"R-59391": {
- "description": "The VNF MUST NOT not allow the assumption of the permissions of\nanother account to mask individual accountability.",
+ "description": "The VNF **MUST NOT** not allow the assumption of the permissions of\nanother account to mask individual accountability.",
"full_title": "",
"hide_links": "",
"id": "R-59391",
"impacts": "",
"introduced": "",
- "keyword": "MUST",
+ "keyword": "MUST NOT",
"links": [],
"notes": "",
"section_name": "VNF Identity and Access Management Requirements",
"validated_by": "",
"validation_mode": ""
},
+ "R-638682": {
+ "description": "The VNF **MUST** log any security event required by the VNF Requirements to\nSyslog using LOG_AUTHPRIV for any event that would contain sensitive\ninformation and LOG_AUTH for all other relevant events.",
+ "full_title": "",
+ "hide_links": "",
+ "id": "R-638682",
+ "impacts": "",
+ "introduced": "casablanca",
+ "keyword": "MUST",
+ "links": [],
+ "notes": "",
+ "section_name": "VNF General Security Requirements",
+ "sections": [
+ "VNF General Security Requirements",
+ "VNF Security"
+ ],
+ "status": null,
+ "tags": [],
+ "target": "VNF",
+ "test": "",
+ "test_case": "",
+ "test_file": "",
+ "title": "",
+ "title_from_content": "",
+ "type_name": "Requirement",
+ "updated": "",
+ "validated_by": "",
+ "validation_mode": "in_service"
+ },
"R-63935": {
"description": "The xNF **MUST** release locks to prevent permanent lock-outs\nwhen a user configured timer has expired forcing the NETCONF SSH Session\ntermination (i.e., product must expose a configuration knob for a user\nsetting of a lock expiration timer).",
"full_title": "",
"validation_mode": "static"
}
},
- "needs_amount": 723
+ "needs_amount": 725
}
}
}
\ No newline at end of file