...
| Ref# | RA-1 Sub-Category | Description | RA-1 Traceability | RI Toolset | RI Notes | RC Category | RC Toolset | RC Notes | ||
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | req.sec.gen.01 | General | The Architecture must provide tenant isolation. | Functional | Functest | |||||
| 2 | req.sec.gen.02 | General | The Architecture must support policy based RBAC. | 6.3.1.4 RBAC | Armada Chart | Functional | Functest | |||
| 3 | req.sec.gen.03 | General | The Architecture must support a centralised authentication and authorisation mechanism. | Keystone | Functional | Functest | ||||
| 4 | req.sec.zon.01 | Zoning | The Architecture must support identity management (specific roles and permissions assigned to a domain or tenant). | Functional | Functest | |||||
| 5 | req.sec.zon.02 | Zoning | The Architecture must support password encryption. | Barbican | SALT in NC2.0 | Functional | Functest | |||
| 6 | req.sec.zon.03 | Zoning | The Architecture must support data, at-rest and in-flight, encryption. | 6.3.3 Confidentiality and Integrity | TLS 1.2+(in-flight) | at-rest use ceph default encryption | Functional | missing | ||
| 7 | req.sec.zon.04 | Zoning | The Architecture must support integration with Corporate Identity Management systems. | Armada chart | integration | missing | ||||
| 8 | req.sec.cmp.02 | Compliance | The Architecture must comply with all applicable standards and regulations. | security standards | missing in Functest. Captured in Telco TCs Security | |||||
| 9 | req.sec.cmp.03 | Compliance | The Architecture must comply with all applicable regional standards and regulations. | security standards | missing | |||||
| 10 | req.sec.ntw.03 | Networking | The Architecture must have the underlay network incorporate encrypted and/or private communications channels to ensure its security. | 6.3.3.3 Confidentiality and Integrity of tenants Data | NA | Functional | missing | |||
| 11 | req.sec.ntw.04 | Networking | The Architecture must configure all of the underlay network components to ensure the complete separation from the overlay customer deployments. | NA | network isolation | missing | ||||
| 12 | req.sec.ntw.05 | Networking | The Architecture must have the underlay network include strong access controls that adhere to the V1.1 NIST Cybersecurity Framework. | 6.3.1 Platform Access | NA | network access control | missing |
...