summaryrefslogtreecommitdiffstats
path: root/docs/development/opnfvsecguide/audit/audit_reqs.rst
blob: ce76d016be8467a4162bedfa253dabc72878eb26 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
Requirements references related to OPNFV Audit

------------------
Source information
------------------

http://www.etsi.org/deliver/etsi_gs/NFV-INF/001_099/003/01.01.01_60/gs_NFV-INF003v010101p.pdf
http://www.etsi.org/deliver/etsi_gs/NFV-INF/001_099/004/01.01.01_60/gs_NFV-INF004v010101p.pdf

* ETSI GS NFV-SEC 003 V1.1.1 (2014-12)

  - Network Functions Virtualisation NFV);
  - NFV Security; Security and Trust Guidance
  - NFV-SEC-003_.


.. _NFV-SEC-003: http://www.etsi.org/deliver/etsi_gs/NFV-SEC/001_099/003/01.01.01_60/gs_NFV-SEC003v010101p.pdf
* ETSI GS NFV 004 V1.1.1 (2013-10)

  - Network Functions Virtualisation (NFV);
  - Virtualisation Requirements
  - NFV-SEC-004_.

.. _NFV-SEC-004: http://www.etsi.org/deliver/etsi_gs/NFV/001_099/004/01.01.01_60/gs_NFV004v010101p.pdf

Requirements on Auditing framework
----------------------------------

Audit records shall be maintained within protected binary logs so that the record of
malicious actions cannot be deleted from the logs.

Necessary auditable events
--------------------------

* access control management

  - Adding a user account
  - Modifying user account
  - Deleting a user account
  - login event
  - logout event
  - IP whitelisting update
  - IP blacklisting update

* VNFC Creation

  - The instantiation of a newly-defined VNFC
  - The instantiation of a VNFC with pre-configured state
  - The cloning of an existing VNFC

* VNFC Deletion

  - The deletion of VNFC and of all of its instances (e.g. snapshots, backups, archives, cloned images)

* Software management

  - patching e.g. opreating system, drivers, VM components
  - dynamic updates to the configuration e.g. DNS, DHCP
  - application software updates
  - software component updates

* Data management

  - Root level access to NFVI file system
  - User level access to NFVI file system
  - Secured wipe, disk and memory
  - Verified destruction
  - Certificate revocation

* VNFC Migration

  - VNFC original host identity
  - VNFC target host identity
  - high availability
  - recovery
  - data-in-motion changes

* Other VNFC Operational State Changes

  - Hibernation, sleep, resumption, abort, restore, suspension
  - Power-on and power-off (either physical or virtual)
  - Integrity verification failure, crash and OS compromise

* VNFC Topology Changes

  - Network IP address and VLAN updates
  - Service chaining
  - Failover and disaster recovery

* traffic inspection

  - enabling virtual port mirroring
  - enabling hypervisor introspection
  - enabling in-line traffic inspection
  - application insertion

* initial provisioning of a public/private key pair

  - Self-generation of key pairs for later validation by an external party:

     - Certificate Authority
     - VNFM

  - Provision by trusted party

     - network
     - storage

  - Injection by hypervisor