...
- Credential Creation
- The credentials are created. The means to create the credentials is considered out-of-scope from ONAP and an existing credential creation scheme is used.
Note: The credentials may be created by a CA.
- The credentials are created. The means to create the credentials is considered out-of-scope from ONAP and an existing credential creation scheme is used.
- Credential Provisioning
- Provisioning the credentials involves putting the credentials into the ONAP system, ensuring that they are securily stored.
- Credential Update
- The credentials that have been previously provisioned are updated.
- Credential Validation
- The validation of provisioned credentials to ensure that the credentials are still valid.
- Credential Distribution
- The distribution of the credentials so that they are accessable to the ONAP functions.
Note: this implies no statement on the means to distribute the credentials.
- The distribution of the credentials so that they are accessable to the ONAP functions.
- Credential Expiration
- The credential has been expired and is no longer considered valid.
- Credential Revoke
- The ability to revoke and remove a credential
...
Component 1: Secrets Vault - A service that can be integrated with ONAP that provides secure storage of the credentials used by ONAP to authenticate to VNFs.
...
Use Cases:
For ONAP_User Credentials
For ONAP_User Credentials, two uses cases are shown.
1. provisioning the credentials
<< Insert here >>
2. Authenticating a user.
<< Insert here >>
For ONAP_ExtAPI credentials:
For ONAP_ExtAPI credentials, 3 use cases are shown.
1. Provisioning the credentials
<< insert here >>
2. Distributing the credentials
<< Insert here >>
3. Retrieving the credentials
<< Insert here >>
For ONAP_Component credentials:
1. Provisioning the credentials
<< insert here >>
2. Retrieving the credentials to use for external communication
<< Insert here >>
For ONAP_Foreign credentials:
...
NOTE to seccom: Probably should describe how this works for all lifecycle steps.
...