...
- Credentials for ONAP users to access ONAP. These are referred to as ONAP_USER credentials.
- Credentials for using the APIs exposed by ONAP. These are referred to as ONAP_ExtAPI credentials.
- Credentials for ONAP to communicate to other ONAP components. These are referred to as ONAP Component credentials.
- Note: This includes credentials for VNF SDK to package the artefacts onboarded into SDC.
- Credentials for ONAP to communicate with other systems. These are referred to as ONAP_Foreign credentials.
- As an example, if ONAP is to communicate to an external SDN controller or a cloud infrastructure, these credentials need to be managed.
- Credentials for the ONAP operational staff to access ONAP. These are referred to as ONAP_Admin credentials
2.2 Credential Lifecycle
It is useful to consider the lifecycle of the credentials. This section describes the considered lifecycle steps of the credentials (note the usage of the credentials are out-of-scope of the credential management):
...
1. provisioning the credentials<< Insert here >>
The provisioning of the user credentials
2. Authenticating a user.
<< Insert here >>
For ONAP_ExtAPI credentials:
For ONAP_ExtAPI credentials, 3 use cases are shown.described
1. Provisioning the credentials
...
3. Retrieving the credentials
<< Insert here >>
For ONAP_Component credentials:
For ONAP_Component credentials, two use cases are described
1. Provisioning the credentials
...
2. Retrieving the credentials to use for external internal communication
<< Insert here >>
For ONAP_Foreign credentials:
For ONAP_Foreign credentials, two use cases are described.
- Provisioning the credentials
<<insert here>>
For ONAP_Admin credentials:
NOTE to seccom: Probably should describe how this works for all lifecycle steps.
...