1
...
Introduction
This section captures recommendations for handling certain security questions that are studied by the security sub-committee. These recommendations, when implemented, can lead to new best practices. The recommendation states are:
...
- ONAP Credential Management
- ....
2
...
ONAP Credential Management.
Status: Draft
2.1 ONAP Credential Management Overview
In order to support secure communication between the ONAP modules and also external to ONAP, then a form of credentials is required. The options for these credentials are:
- List here
The recommended approach is....
2.2 Credential Lifecycle
The lifecycle of the credentials are:
- Provisioning Credentials
- Updateing Credentials
- Validating Credentials
- Distributing Credentials
- Removing Credentials
(Note: A description of the above is required)
2.3 Recommended approach
Describe recommended approach here
2.4 Implications to the ONAP
Describe what this means to ONAP
3 ONAP Static Code Scans
Status: Draft
3.1 ONAP Static Code Scanning
The purpose of the ONAP static code scanning is perform static code scans of the code as it is introduced into the ONAP repositories looking for vulnerabilities.
3.2 Approaches
Describe the approaches here
3.3 Recommendation
Capture the recommendation here