"The project MUST have performed a security review within the last 5 years. This review MUST consider the security requirements and security boundary." – Best Practices Badging Criterion
...
Your Answer-Please Describe | SECCOM Feedback / Recommendations |
---|---|
Yes, CPS architecture documentation can be found @ https://docs.onap.org/projects/onap-cps/en/latest/architecture.html *Page is being updated for the next release to reflect that the architecture diagram reflects the latest release. (https://gerrit.onap.org/r/c/cps/+/133557) | Please refer to the latest ONAP architecture diagram. |
Documentation Security
Does your project have a description of what a user of your project can and cannot expect in terms of security from the software produced by the project, (In other words, what are its 'security requirements'?)
...
Your Answer-Please Describe | SECCOM Feedback / Recommendations |
---|---|
None available. CPS doesn’t have security requirements apart from the authentication on our REST API, wherein username and passwords are configurable. Configuration Persistence Service Project#CPSSECURITYREQUIREMENTS | Please add a statement about this to the end of your architecture document (or in another wiki page), with a heading such as "CPS Security Requirements." Please refer to the latest ONAP architecture diagram. |
Assurance Case
Does your project actually meet its documented security requirements?
...
Your Answers-Please Explain | SECCOM Feedback / Recommendations |
---|---|
CPS is compliant and compatible with the ongoing service mesh implementation (see https://gerrit.onap.org/r/c/oom/+/124287) for ONAP. CPS service port names have been changed to include http in the name. |
Crypto Credential Agility
...
Your Answers-Please Explain | SECCOM Feedback / Recommendations |
---|---|
CPS is compliant and compatible with the ongoing service mesh implementation (see https://gerrit.onap.org/r/c/oom/+/124287) for ONAP. CPS service port names have been changed to include http in the name. |
Crypto Used Network
Does your software have network communications inbound or outbound? If so, do you support secure protocols for all such network communications?
...