R7 Certificate Management Protocol (CMPv2)



Use Case Name

Topic

Description

Item

REQ Jira

REQ-321 CMPv2 Enhancements for R7

REQ-321 is for DCAE project, to integrate with AAF/CertService components created during the ONAP/Frankfurt release.

Actually, we don`t expect to do changes in AAF/CertService to support that requirement, worst case we might find a bug in the AAF/CertService implementation, which would have to be fixed.

There is a potential dependency -> if we find bugs in CertService. If we do so, we`d be able to fix them without touching the rest of AAF code, as CertService is completely independent from other components of AAF (it simply lives in AAF project, but it could live anywhere else too).

We can do relevant documentation/release note changes for AAF/CertService, if any bugs will be found and fixed.



https://lf-onap.atlassian.net/browse/REQ-321

M4 status:

  • Moving CMPv2 from DCAE AAF to OOM repo ongoing

  • DCAE platform (BP-generator + K8s plugin) work done

  • New CMPv2 tools (truststore merger) implementation done

  • New CMPv2 tools (keystore copier) implementation ongoing

  • DCAE components (VES + HV-VES) integration with CMPv2 ongoing – blocked by bug https://jira.onap.org/browse/AAF-1121

  •  

    • Bug resolution ongoing

  • DCAE components (DFC + RestConf) integration with CMPv2 moved to Honolulu release



Cert Service client part of OOM project

NRM = closer to K8S vuln. changes in VES collector. Performance Tests.



Architecture Sub-committee Jira tracker



ONAPARC-575: Guilin-R7 ArchCom Review for PnP, 5G Service Modeling, CMPv2, C&PS, and PNF OnboardingClosed

NON FUNCTIONAL REQUIREMENT CONTRIBUTION

COMPONENT

U/C STORY JIRA

NFR JIRA

COMPANY

DESCRIPTION

COMPONENT

U/C STORY JIRA

NFR JIRA

COMPANY

DESCRIPTION

DCAE

DCAEGEN2-2250: DCAE CMPv2 integrationClosed

REQ-351: ONAP must complete update of the java language (from v8 -> v11) Done

Nokia

  • Java 11 update: Inventory API

  • Java 11 update: runTime API











BUSINESS DRIVER

This section describes Business Drivers needs.

Executive Summary - (Give a short description of your Use Case, the "Executive 2 min elevator pitch", this describes the "WHAT")

Business Impact - (This is the Business Impact which describes why this use case is important from a business perspective, this describes the "WHY").

Business Markets - (This is the marketing analysis, which can include but not limited to applicable markets, domains, marketing projections, this can describe the "WHERE").

Funding/Financial Impacts - (The Funding requirements and Financial impacts can describe the financial savings, or CAPEX, OPEX impacts for a Use Case).

Organization Mgmt, Sales Strategies - (It is suggested that you use the following wording): There is no additional organizational management or sales strategies for this use case outside of a service providers "normal" ONAP deployment and its attendant organizational resources from a service provider. (This would typically describe the "WHO", but because use cases are all deployed with ONAP itself, these two areas come with the actual ONAP deployment and uses the organizational management and sales strategies of a particular service provider's ONAP deployment)

Development Status

PROJECT

PTL

User Story / Epic

Requirement

A&AI

@James Forsyth





AAF

No active PTL

CMPv2 CertService small enhancements (configurable artifacts output type) and introduction of new API to update certificates (best effort)

Actually, we don`t expect to do changes in AAF/CertService to support that requirement, worst case we might find a bug in the AAF/CertService implementation, which would have to be fixed.

There is a potential dependency -> if we find bugs in CertService. If we do so, we`d be able to fix them without touching the rest of AAF code, as CertService is completely independent from other components of AAF (it simply lives in AAF project, but it could live anywhere else too).

We can do relevant documentation/release note changes for AAF/CertService, if any bugs will be found and fixed.



APPC

@Takamune Cho





CLAMP

@Gervais-Martial Ngueko





CC-SDK (incl. CDS)

@Dan Timoney





DCAE

@Vijay Kumar

Integration of DCAE collectors with certificates from CMPv2 server to protect external communication - details DCAE CertService integration;

Certificate from CMPv2 server exposed to xNFs



DMaaP

@Mandar Sawant





External API

@Adrian OSullivan





MODELING

@Hui Deng





Multi-VIM /

Cloud

@Bin Yang





OOF

@Shankaranarayanan Puzhavakath Narayanan





POLICY

@Pamela Dragosh





PORTAL

@Manoop Talasila





SDN-C

@Dan Timoney





SDC

@Ofir Sonsino





SO

@Seshu Kumar Mudiganti





VID

@ittay





VNFRQTS

@Trevor Lovett





VNF-SDK

@victor gao





List of PTLs:Approved Projects

*Each Requirement should be tracked by its own User Story in JIRA 

Use Case Diagram

Use cases define how different users interact with a system under design.  Each use case represents an action that may be performed by a user (defined in UML as an Actor with a user persona).

Use Case Functional Definitions

Use Case Title

Certificate Management Protocol (CMPv2) in Guilin release

Actors (and System Components)

DCAE collectors, AAF CertService (CMPv2), CMPv2 server

Description

Protect traffic between Network Functions and DCAE collectors by using certificate from CMPv2 server

Points of Contact

@Pawel Baniewski

@Bogumil Zebek

@Kornel Janiak

@damian.nowak

Preconditions

CMPv2 integration switched on:

  • AAF CertService deployed by OOM installation

  • CMPv2 server present (can be a testing one – EJBCA)

Triggers / Begins when

DCAE collector startup



Steps / Flows (success)

  1. DCAE collector startup

  2. Call to AAF CertService to enroll certificate from CMPv2 server

  3. Certificate from CMPv2 server taken into use by DCAE collector

Post-conditions

DCAE collector presents certificate acquired from CMPv2 server when Network Functions are communicating with it

Alternate / Exception Paths

Description of any exceptions or special process that could occur during Use Case

Related Use Cases

List of the Use Cases referenced by this Use Case

Assumptions

Describes any assumptions that are made for this use case

Tools / References / Artifacts

List of any tools or reference material associated with this Use Case as well as any JIRA trace-ability.

List of any associated diagrams or modelling artifacts associated with the Use Case

Testing

Current Status

  1. Testing Blockers

  2. High visibility bugs

  3. Other issues for testing that should be seen at a summary level

  4. Where possible, always include JIRA links



End to End flow to be Tested

**This should be a summary level Sequence diagram done in Gliffy** 











Test Cases and Status