Overview

AAF Beijing established enhanced capabilities and components, built in ONAP methodologies and instantiating with ONAP defined deployment strategies.  In Casablanca, the goal is to enable AAF to provide these capabilities as infrastructure utilized by ONAP entities by establishing Authenticated and Authorization Development and Deployment of ONAP Test environments, as well as being a tool for groups to deploy.  The special emphasis for Casablanca is to unify the x509 Trust Structures, allowing both real-time and development-time communications to be 2-way x509 wherever possible, and to establish easy-to-deploy security credentials for ONAP Components and People.

The existing Beijing use cases are still going to be supported.

AAF Team will provide an ONAP focused CADI Client in Java to make App-to-App communications consistent.

AAF Team will provide a standard "Authz Enforcement Point" in Java both for realtime Authorization of Access, but also as a stepping point to longer term security goals and improvements.

AAF Team will start the process of researching and creating a CADI Client in Python

AAF Team will start the process of researching an "Authz Enforcement Point" in Python

AAF Team will continue to improve its standing as a security component within ONAP by adhering and improving on ONAP measures.

AAF is already a Viable Product as of Beijing.  Casablanca is focused on allowing ONAP Apps to utilize AAF for their Authentication and Authorization needs both in terms of Development, but also Realtime modes.

List the functionalities that this release is committing to deliver by providing a link to JIRA Epics and Stories. In the JIRA Priority field, specify the priority (either High, Medium, Low). The priority will be used in case de-scoping is required. Don't assign High priority to all functionalities.

 AAF is to organize software authorizations so that applications, tools and services can match the access needed to perform job functions.  This is a critical function for Cloud environments, as Services need to be able to be installed and running in a very short time, and should not be encumbered with local configurations of Users, Permissions and Passwords.To be effective during a computer transaction, Security must not only be secure, but very fast. Given that each transaction must be checked and validated for Authorization and Authentication, it is critical that all elements on this path perform optimally.

Indicate the outcome (Executable, Source Code, Library, API description, Tool, Documentation, Release Note...) of this release.

AAF already delivers

1. AAF Service

2. AAF Location

3. AAF OAuth2

4. AAF GUI

5. AAF Certificate Manger

6. AAF FS (File server for public component access)

7. AAF Hello - OAuth2 testable Service, for helping developers learn.

8. CADI Framework (Clients and tools)

9. CMAgent - Certificate Deployment Tool

These will be improved upon in the context of ONAP.

Open

Open

Refering to CII Badging Security Program and Platform Maturity Requirements, fill out the table below by indicating the actual level , the targeted level for the current release and the evidences on how you plan to achieve the targeted level.