This page is mostly a wishful thinking. It does not reflect the current state of ONAP security. It's rather where we would like to be.
ONAP introduction
ONAP from the milky way point of view
...
- If automated certificate retrieval is used on one of .... has to be supported by the CA
Requirements towards exposed interfaces
- North and south interfaces should be separated (ie different instance of ingress controller) to allow to configure operator network policy properly
- All Northbound interfaces has to be protected using TLS
- All Northbound interfaces has to support SSO
- All Northbound interfaces has to support RBAC
- All roles used in ONAP have to be documented
- All forms should validate and sanitize their input provided by the user
- Southbound interfaces has to fulfill VNF security requirements
- ...