.. _2-architecture-requirements:

2. Architecture Requirements
============================

Table of Contents
-----------------

- `2.1 Introduction <#2.1>`__
- `2.2 Reference Model Requirements <#2.2>`__

  - `2.2.1 Cloud Infrastructure Software Profile Requirements for Compute <#2.2.1>`__
  - `2.2.2 Cloud Infrastructure Software Profile Requirements for Networking <#2.2.2>`__
  - `2.2.3 Cloud Infrastructure Software Profile Requirements for Storage <#2.2.3>`__
  - `2.2.4 Cloud Infrastructure Hardware Profile Requirements <#2.2.4>`__
  - `2.2.5 Cloud Infrastructure Management Requirements <#2.2.5>`__
  - `2.2.6 Cloud Infrastructure Security Requirements <#2.2.6>`__

- `2.3 Architecture and OpenStack Requirements <#2.3>`__

  - `2.3.1 General Requirements <#2.3.1>`__
  - `2.3.2 Infrastructure Requirements <#2.3.2>`__
  - `2.3.3 VIM Requirements <#2.3.3>`__
  - `2.3.4 Interfaces & APIs Requirements <#2.3.4>`__
  - `2.3.5 Tenant Requirements <#2.3.5>`__
  - `2.3.6 LCM Requirements <#2.3.6>`__
  - `2.3.7 Assurance Requirements <#2.3.7>`__

- `2.4 Architecture and OpenStack Recommendations <#2.4>`__

  - `2.4.1 General Recommendations <#2.4.1>`__
  - `2.4.2 Infrastructure Recommendations <#2.4.2>`__
  - `2.4.3 VIM Recommendations <#2.4.3>`__
  - `2.4.4 Interfaces & APIs Recommendations <#2.4.4>`__
  - `2.4.5 Tenant Recommendations <#2.4.5>`__
  - `2.4.6 LCM Recommendations <#2.4.6>`__
  - `2.4.7 Assurance Recommendations <#2.4.7>`__
  - `2.4.8 Security Recommendations <#2.4.8>`__

.. _21-introduction:

2.1 Introduction
----------------

**must**: Requirements that are marked as *must* are considered mandatory and must exist in the reference architecture and be reflected in any implementation targeting this reference architecture. The same applies to *must not*.

**should**: Requirements that are marked as *should* are expected to be fulfilled by the reference architecture, but it is up to each service provider to accept an implementation targeting this reference architecture that does not reflect one or more of those requirements. The same applies to *should not*.
**may**: Requirements that are marked as *may* are considered optional. The same applies to *may not*. These key words are used as defined in RFC2119.

This chapter includes both "Requirements" that must be satisfied in an RA-1 conformant implementation and "Recommendations" that are optional for implementation.

.. _22-reference-model-requirements:

2.2 Reference Model Requirements
--------------------------------

The tables below contain the requirements from the Reference Model to cover the Basic and High-Performance profiles. To ensure alignment with the infrastructure profile catalogue, the following requirements are referenced through:

- Those relating to Cloud Infrastructure Software Profiles
- Those relating to Cloud Infrastructure Hardware Profiles
- Those relating to Storage Extensions (S extension)
- Those relating to Network Acceleration Extensions (A extension)
- Those relating to Cloud Infrastructure Management

.. note:: "(if offered)" used in the Reference Model has been replaced with "Optional" in the tables below so as to align with RFC2119.

.. _221-cloud-infrastructure-software-profile-requirements-for-compute-source-rm-52:

2.2.1 Cloud Infrastructure Software Profile Requirements for Compute (source `RM 5.2 <../../../ref_model/chapters/chapter05.md#5.2>`__)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. list-table::
   :header-rows: 1

   * - Reference
     - Description
     - Requirement for Basic Profile
     - Requirement for High Performance Profile
     - Specification Reference
   * - e.cap.001
     - Max number of vCPU that can be assigned to a single VM by the Cloud Infrastructure
     - At least 16
     - At least 16
     -
   * - e.cap.002
     - Max memory that can be assigned to a single VM by the Cloud Infrastructure
     - At least 32 GB
     - At least 32 GB
     -
   * - e.cap.003
     - Max storage that can be assigned to a single VM by the Cloud Infrastructure
     - At least 320 GB
     - At least 320 GB
     -
   * - e.cap.004
     - Max number of connection points that can be assigned to a single VM by the Cloud Infrastructure
     - 6
     - 6
     -
   * - e.cap.005
     - Max storage that can be attached / mounted to a VM by the Cloud Infrastructure
     - Up to 16 TB (see note 1)
     - Up to 16 TB (see note 1)
     -
   * - e.cap.006/infra.com.cfg.003
     - CPU pinning support
     - Not required
     - Must support
     -
   * - e.cap.007/infra.com.cfg.002
     - NUMA support
     - Not required
     - Must support
     -
   * - e.cap.018/infra.com.cfg.005
     - Simultaneous Multithreading (SMT) enabled
     - Not required
     - Must support
     -
   * - i.cap.018/infra.com.cfg.004
     - Huge Pages configured
     - Not required
     - Must support
     -

Table 2-1a: Reference Model Requirements: Cloud Infrastructure Software Profile Capabilities

**1** Defined in the ``.bronze`` configuration in `RM section 4.2.6 Storage Extensions <../../../ref_model/chapters/chapter04.md#4.2.6>`__.

.. _2211-cloud-infrastructure-software-profile-extensions-requirements-for-compute:

2.2.1.1 Cloud Infrastructure Software Profile Extensions Requirements for Compute
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

.. list-table::
   :header-rows: 1

   * - Reference
     - Description
     - Profile Extensions
     - Profile Extra-Specs
     - Specification Reference
   * - e.cap.008/infra.com.acc.cfg.001
     - IPSec Acceleration using the virtio-ipsec interface
     - Compute Intensive GPU
     -
     -
   * - e.cap.010/infra.com.acc.cfg.002
     - Transcoding Acceleration
     - Compute Intensive GPU
     - Video Transcoding
     -
   * - e.cap.011/infra.com.acc.cfg.003
     - Programmable Acceleration
     - Firmware-programmable adapter
     - Accelerator
     -
   * - e.cap.012
     - Enhanced Cache Management: L=Lean; E=Equal; X=eXpanded
     - E
     - E
     -
   * - e.cap.014/infra.com.acc.cfg.004
     - Hardware coprocessor support (GPU/NPU)
     - Compute Intensive GPU
     -
     -
   * - e.cap.016/infra.com.acc.cfg.005
     - FPGA/other Acceleration H/W
     - Firmware-programmable adapter
     -
     -

Table 2-1b: Cloud Infrastructure Software Profile Extensions Requirements for Compute
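The compute rows of Table 2-1a are the ones an operator can verify directly against a Nova flavor catalogue: the e.cap.001 to e.cap.003 ceilings from the largest flavor offered, and the High Performance rows from the flavor extra_specs that realise them. The following script is an added example written for this chapter, not code from the Reference Architecture or from OpenStack. The flavor records and their names are constructed to resemble Nova API flavor objects, the ``ports_per_vm`` argument stands in for the operator's per-VM connection-point limit (which Nova flavors do not carry), and the mapping of ``hw:cpu_policy``, ``hw:numa_nodes`` and ``hw:mem_page_size`` to the CPU pinning, NUMA and huge-page rows is the example's own.

```python
"""Check a Nova flavor catalogue against the compute rows of Table 2-1a.

Added example for this chapter, not code from the Reference Architecture or
from OpenStack. The flavor records are constructed to look like Nova API
flavor objects ("vcpus", "ram" in MiB, "disk" in GiB) with each flavor's
extra_specs attached; names such as "b.xlarge" are made up for the example.
"""

# Capacity ceilings from Table 2-1a; both profiles share these values.
MIN_VCPU = 16                # e.cap.001
MIN_RAM_GB = 32              # e.cap.002
MIN_DISK_GB = 320            # e.cap.003
MIN_CONNECTION_POINTS = 6    # e.cap.004

# Nova flavor extra_specs that realise the High Performance profile rows.
# A required value of None means any explicit setting satisfies the row.
HIGH_PERF_EXTRA_SPECS = [
    ("e.cap.006/infra.com.cfg.003", "hw:cpu_policy", "dedicated"),  # CPU pinning
    ("e.cap.007/infra.com.cfg.002", "hw:numa_nodes", None),         # NUMA topology
    ("i.cap.018/infra.com.cfg.004", "hw:mem_page_size", None),      # huge pages
]

# Constructed sample catalogue: two Basic flavors and one High Performance flavor.
SAMPLE_FLAVORS = [
    {"name": "b.small", "vcpus": 2, "ram": 4096, "disk": 40, "extra_specs": {}},
    {"name": "b.xlarge", "vcpus": 16, "ram": 32768, "disk": 320, "extra_specs": {}},
    {"name": "hp.xlarge", "vcpus": 16, "ram": 32768, "disk": 320,
     "extra_specs": {"hw:cpu_policy": "dedicated",
                     "hw:numa_nodes": "2",
                     "hw:mem_page_size": "1GB"}},
]


def check_capacity(flavors, ports_per_vm):
    """Return (reference, message) pairs for each Table 2-1a capacity row the
    catalogue fails; an empty list means e.cap.001 to e.cap.004 are met.

    The rows describe the largest VM a tenant can be given, so the largest
    flavor decides. ports_per_vm is the operator's per-VM connection-point
    limit (assumed input: Nova flavors do not carry it, Neutron quotas do).
    """
    failures = []
    max_vcpu = max((f["vcpus"] for f in flavors), default=0)
    max_ram_gb = max((f["ram"] for f in flavors), default=0) / 1024
    max_disk_gb = max((f["disk"] for f in flavors), default=0)
    if max_vcpu < MIN_VCPU:
        failures.append(("e.cap.001", f"largest flavor has {max_vcpu} vCPU, need {MIN_VCPU}"))
    if max_ram_gb < MIN_RAM_GB:
        failures.append(("e.cap.002", f"largest flavor has {max_ram_gb:g} GB RAM, need {MIN_RAM_GB}"))
    if max_disk_gb < MIN_DISK_GB:
        failures.append(("e.cap.003", f"largest flavor has {max_disk_gb} GB disk, need {MIN_DISK_GB}"))
    if ports_per_vm < MIN_CONNECTION_POINTS:
        failures.append(("e.cap.004", f"{ports_per_vm} connection points per VM, need {MIN_CONNECTION_POINTS}"))
    return failures


def check_high_performance(flavor):
    """Return the Table 2-1a references whose High Performance 'Must support'
    setting is absent from (or wrong in) the flavor's extra_specs."""
    specs = flavor.get("extra_specs", {})
    missing = []
    for reference, key, required_value in HIGH_PERF_EXTRA_SPECS:
        value = specs.get(key)
        if value is None or (required_value is not None and value != required_value):
            missing.append(reference)
    return missing


if __name__ == "__main__":
    for ref, msg in check_capacity(SAMPLE_FLAVORS, ports_per_vm=6) or [("all", "capacity rows met")]:
        print(f"{ref}: {msg}")
    for flavor in SAMPLE_FLAVORS:
        gaps = check_high_performance(flavor)
        print(f"{flavor['name']}: {'High Performance ready' if not gaps else 'missing ' + ', '.join(gaps)}")
```

The capacity check deliberately looks at the largest flavor rather than every flavor, because the rows state what a single VM can be given at most; a catalogue full of small flavors fails e.cap.001 even though each flavor is valid on its own. SMT (e.cap.018) is a host BIOS and kernel setting rather than a flavor property, so it is not checked here.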

.. _222-cloud-infrastructure-software-profile-requirements-for-networking-source-rm-523:

2.2.2 Cloud Infrastructure Software Profile Requirements for Networking (source `RM 5.2.3 <../../../ref_model/chapters/chapter05.md#5.2.3>`__)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The features and configuration requirements related to virtual networking for the two (2) types of Cloud Infrastructure Profiles are specified below, followed by the networking bandwidth requirements.

.. list-table::
   :header-rows: 1

   * - Reference
     - Description
     - Requirement for Basic Profile
     - Requirement for High-Performance Profile
     - Specification Reference
   * - infra.net.cfg.001
     - IO virtualisation using virtio1.1
     - Must support
     - Must support
     -
   * - infra.net.cfg.002
     - The overlay network encapsulation protocol needs to enable ECMP in the underlay to take advantage of the scale-out features of the network fabric
     - Must support VXLAN, MPLSoUDP, GENEVE, other
     - *No requirement specified*
     -
   * - infra.net.cfg.003
     - Network Address Translation
     - Must support
     - Must support
     -
   * - infra.net.cfg.004
     - Security Groups
     - Must support
     - Must support
     -
   * - infra.net.cfg.005
     - SFC support
     - Not required
     - Must support
     -
   * - infra.net.cfg.006
     - Traffic patterns symmetry
     - Must support
     - Must support
     -

Table 2-2a: Reference Model Requirements - Virtual Networking

The required number of connection points to a VM is described in ``e.cap.004`` `above <#2.2.1>`__. The table below specifies the required bandwidth of those connection points.

.. list-table::
   :header-rows: 1

   * - Reference
     - Description
     - Requirement for Basic Profile
     - Requirement for High Performance Profile
     - Specification Reference
   * - n1, n2, n3, n4, n5, n6
     - 1, 2, 3, 4, 5, 6 Gbps
     - Must support
     - Must support
     -
   * - n10, n20, n30, n40, n50, n60
     - 10, 20, 30, 40, 50, 60 Gbps
     - Must support
     - Must support
     -
   * - n25, n50, n75, n100, n125, n150
     - 25, 50, 75, 100, 125, 150 Gbps
     - Optional
     - Must support
     -
   * - n50, n100, n150, n200, n250, n300
     - 50, 100, 150, 200, 250, 300 Gbps
     - Optional
     - Must support
     -
   * - n100, n200, n300, n400, n500, n600
     - 100, 200, 300, 400, 500, 600 Gbps
     - Optional
     - Must support
     -

Table 2-2b: Reference Model Requirements - Network Interface Specifications

.. _2221-cloud-infrastructure-software-profile-extensions-requirements-for-networking:

2.2.2.1 Cloud Infrastructure Software Profile Extensions Requirements for Networking
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

.. list-table::
   :header-rows: 1

   * - Reference
     - Description
     - Requirement for Basic Profile
     - Requirement for High-Performance Profile
     - Specification Reference
   * - e.cap.013/infra.hw.nac.cfg.004
     - SR-IOV over PCI-PT
     - N
     - Y
     -
   * - e.cap.019/infra.net.acc.cfg.001
     - vSwitch optimisation (DPDK)
     - N
     - Y
     -
   * - e.cap.015/infra.net.acc.cfg.002
     - SmartNIC (for HW Offload)
     - N
     - Optional
     -
   * - e.cap.009/infra.net.acc.cfg.003
     - Crypto acceleration
     - N
     - Optional
     -
   * - infra.net.acc.cfg.004
     - Crypto Acceleration Interface
     - N
     - Optional
     -

Table 2-2c: Cloud Infrastructure Software Profile Extensions Requirements for Networking

.. _223-cloud-infrastructure-software-profile-requirements-for-storage-source-rm-52:

2.2.3 Cloud Infrastructure Software Profile Requirements for Storage (source `RM 5.2 <../../../ref_model/chapters/chapter05.md#5.2>`__)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. list-table::
   :header-rows: 1

   * - Reference
     - Description
     - Requirement for Basic Profile
     - Requirement for High-Performance Profile
     - Specification Reference
   * - infra.stg.cfg.002
     - Storage Block
     - Must support
     - Must support
     -
   * - infra.stg.cfg.003
     - Storage with replication
     - Not required
     - Must support
     -
   * - infra.stg.cfg.004
     - Storage with encryption
     - Must support
     - Must support
     -
   * - infra.stg.acc.cfg.001
     - Storage IOPS oriented
     - Not required
     - Must support
     -
   * - infra.stg.acc.cfg.002
     - Storage capacity oriented
     - Not required
     - Not required
     -

Table 2-3a: Reference Model Requirements - Cloud Infrastructure Software Profile Requirements for Storage

.. _2231-cloud-infrastructure-software-profile-extensions-requirements-for-storage:

2.2.3.1 Cloud Infrastructure Software Profile Extensions Requirements for Storage
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

.. list-table::
   :header-rows: 1

   * - Reference
     - Description
     - Profile Extensions
     - Profile Extra-Specs
     - Specification Reference
   * - infra.stg.acc.cfg.001
     - Storage IOPS oriented
     - Storage Intensive High-performance storage
     -
     -
   * - infra.stg.acc.cfg.002
     - Storage capacity oriented
     - High Capacity
     -
     -

Table 2-3b: Reference Model Requirements - Cloud Infrastructure Software Profile Extensions Requirements for Storage

.. _224-cloud-infrastructure-hardware-profile-requirements-source-rm-54:

2.2.4 Cloud Infrastructure Hardware Profile Requirements (source `RM 5.4 <../../../ref_model/chapters/chapter05.md#5.4>`__)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. list-table::
   :header-rows: 1

   * - Reference
     - Description
     - Requirement for Basic Profile
     - Requirement for High-Performance Profile
     - Specification Reference
   * - infra.hw.001
     - CPU Architecture (Values such as x64, ARM, etc.)
     -
     -
     -
   * - infra.hw.cpu.cfg.001
     - Minimum number of CPU (Sockets)
     - 2
     - 2
     -
   * - infra.hw.cpu.cfg.002
     - Minimum number of Cores per CPU
     - 20
     - 20
     -
   * - infra.hw.cpu.cfg.003
     - NUMA
     - Not required
     - Must support
     -
   * - infra.hw.cpu.cfg.004
     - Simultaneous Multithreading/Symmetric Multiprocessing (SMT/SMP)
     - Must support
     - Must support
     -
   * - infra.hw.stg.hdd.cfg.001
     - Local Storage HDD
     - *No requirement specified*
     - *No requirement specified*
     -
   * - infra.hw.stg.ssd.cfg.002
     - Local Storage SSD
     - Should support
     - Should support
     -
   * - infra.hw.nic.cfg.001
     - Total Number of NIC Ports available in the host
     - 4
     - 4
     -
   * - infra.hw.nic.cfg.002
     - Port speed specified in Gbps (minimum values)
     - 10
     - 25
     -
   * - infra.hw.pci.cfg.001
     - Number of PCIe slots available in the host
     - 8
     - 8
     -
   * - infra.hw.pci.cfg.002
     - PCIe speed
     - Gen 3
     - Gen 3
     -
   * - infra.hw.pci.cfg.003
     - PCIe Lanes
     - 8
     - 8
     -
   * - infra.hw.nac.cfg.003
     - Compression
     - *No requirement specified*
     - *No requirement specified*
     -

Table 2-4a: Reference Model Requirements - Cloud Infrastructure Hardware Profile Requirements

.. _2241-cloud-infrastructure-hardware-profile-extensions-requirements-source-rm-54:

2.2.4.1 Cloud Infrastructure Hardware Profile-Extensions Requirements (source `RM 5.4 <../../../ref_model/chapters/chapter05.md#5.4>`__)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

.. list-table::
   :header-rows: 1

   * - Reference
     - Description
     - Requirement for Basic Profile
     - Requirement for High-Performance Profile
     - Specification Reference
   * - e.cap.014/infra.hw.cac.cfg.001
     - GPU
     - N
     - Optional
     -
   * - e.cap.016/infra.hw.cac.cfg.002
     - FPGA/other Acceleration H/W
     - N
     - Optional
     -
   * - e.cap.009/infra.hw.nac.cfg.001
     - Crypto Acceleration
     - N
     - Optional
     -
   * - e.cap.015/infra.hw.nac.cfg.002
     - SmartNIC
     - N
     - Optional
     -
   * - infra.hw.nac.cfg.003
     - Compression
     - Optional
     - Optional
     -
   * - e.cap.013/infra.hw.nac.cfg.004
     - SR-IOV over PCI-PT
     - N
     - Yes
     -

Table 2-4b: Reference Model Requirements - Cloud Infrastructure Hardware Profile Extensions Requirements

.. _225-cloud-infrastructure-management-requirements-source-rm-415:

2.2.5 Cloud Infrastructure Management Requirements (source `RM 4.1.5 <../../../ref_model/chapters/chapter04.md#415-cloud-infrastructure-management-capabilities>`__)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. list-table::
   :header-rows: 1

   * - Reference
     - Description
     - Requirement (common to all Profiles)
     - Specification Reference
   * - e.man.001
     - Capability to allocate virtual compute resources to a workload
     - Must support
     -
   * - e.man.002
     - Capability to allocate virtual storage resources to a workload
     - Must support
     -
   * - e.man.003
     - Capability to allocate virtual networking resources to a workload
     - Must support
     -
   * - e.man.004
     - Capability to isolate resources between tenants
     - Must support
     -
   * - e.man.005
     - Capability to manage workload software images
     - Must support
     -
   * - e.man.006
     - Capability to provide information related to allocated virtualised resources per tenant
     - Must support
     -
   * - e.man.007
     - Capability to notify state changes of allocated resources
     - Must support
     -
   * - e.man.008
     - Capability to collect and expose performance information on virtualised resources allocated
     - Must support
     -
   * - e.man.009
     - Capability to collect and notify fault information on virtualised resources
     - Must support
     -

Table 2-5: Reference Model Requirements: Cloud Infrastructure Management Requirements

.. _226-cloud-infrastructure-security-requirements:

2.2.6 Cloud Infrastructure Security Requirements
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. _2261-system-hardening-source-rm-791:

2.2.6.1 System Hardening (source `RM 7.9.1 <../../../ref_model/chapters/chapter07.md#791-system-hardening>`__)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

.. list-table::
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Traceability
   * - sec.gen.001
     - Hardening
     - The Platform **must** maintain the specified configuration.
     - `RA-1 6.3.6 "Security LCM" <./chapter06.md#636-security-lcm>`__, `RA-1 7.2 "Cloud Infrastructure and VIM configuration management" <./chapter07.md#72-cloud-infrastructure-and-vim-configuration-management>`__
   * - sec.gen.002
     - Hardening
     - All systems part of Cloud Infrastructure **must** support password hardening as defined in the CIS Password Policy Guide.
     - `RA-1 6.3.1.3 "Password policy" <./chapter06.md#6313-password-policy>`__
   * - sec.gen.003
     - Hardening
     - All servers part of Cloud Infrastructure **must** support a root of trust and secure boot.
     - `RA-1 6.3.1.1 "Server boot hardening" <./chapter06.md#6311-server-boot-hardening>`__
   * - sec.gen.004
     - Hardening
     - The Operating Systems of all the servers part of Cloud Infrastructure **must** be hardened by removing or disabling unnecessary services, applications and network protocols, configuring operating system user authentication, configuring resource controls, installing and configuring additional security controls where needed, and testing the security of the Operating System (NIST SP 800-123).
     - `RA-1 6.3.1.4 "Function and Software" <./chapter06.md#6314-function-and-software>`__
   * - sec.gen.005
     - Hardening
     - The Platform **must** support Operating System level access control.
     - `RA-1 6.3.1.2 "System Access" <./chapter06.md#6312-system-access>`__
   * - sec.gen.006
     - Hardening
     - The Platform **must** support Secure logging. Logging with root account must be prohibited when root privileges are not required.
     - `RA-1 6.3.1.2 "System Access" <./chapter06.md#6312-system-access>`__
   * - sec.gen.007
     - Hardening
     - All servers part of Cloud Infrastructure **must** be Time synchronised with authenticated Time service.
     - `RA-1 6.3.7.6 "Security Logs Time Synchronisation" <./chapter06.md#6376-security-logs-time-synchronisation>`__
   * - sec.gen.008
     - Hardening
     - All servers part of Cloud Infrastructure **must** be regularly updated to address security vulnerabilities.
     - `RA-1 6.3.1.5 "Patches" <./chapter06.md#6315-patches>`__, `RA-1 6.3.6 "Security LCM" <./chapter06.md#636-security-lcm>`__
   * - sec.gen.009
     - Hardening
     - The Platform **must** support software integrity protection and verification.
     - `RA-1 6.3.3.2 "Integrity of OpenStack components configuration" <./chapter06.md#6332-integrity-of-openstack-components-configuration>`__, `RA-1 6.3.5 "Image Security" <./chapter06.md#635-image-security>`__
   * - sec.gen.010
     - Hardening
     - The Cloud Infrastructure **must** support encrypted storage, for example, block, object and file storage, with access to encryption keys restricted based on a need to know (Controlled Access Based on the Need to Know).
     - `RA-1 6.3.3.3 "Confidentiality and Integrity of tenant data" <./chapter06.md#6333-confidentiality-and-integrity-of-tenant-data-secmon012-and-secmon013>`__
   * - sec.gen.012
     - Hardening
     - The Operator **must** ensure that only authorised actors have physical access to the underlying infrastructure.
     - This requirement's verification goes beyond Anuket testing scope
   * - sec.gen.013
     - Hardening
     - The Platform **must** ensure that only authorised actors have logical access to the underlying infrastructure.
     - `RA-1 6.3.1.2 "System Access" <./chapter06.md#6312-system-access>`__
   * - sec.gen.015
     - Hardening
     - Any change to the Platform **must** be logged as a security event, and the logged event must include the identity of the entity making the change, the change, the date and the time of the change.
     - `RA-1 6.3.6 "Security LCM" <./chapter06.md#636-security-lcm>`__

Table 2-6: Reference Model Requirements - System Hardening Requirements
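Of the hardening rows above, sec.gen.015 is the one most directly verifiable from log output: a change event only serves as evidence if it names the actor, the change, and the date and time. The script below is an added example for this chapter, not code from the Reference Architecture, that audits change events for those fields and also flags changes made under the root account for review in the sense of sec.gen.006. The field names ``timestamp``, ``actor`` and ``change`` and the sample records are constructed for the example; a real Platform's audit schema will differ and the field mapping would be adjusted to it.

```python
"""Audit platform-change security events against sec.gen.015 and sec.gen.006.

Added example for this chapter, not code from the Reference Architecture.
It assumes the Platform emits one JSON object per change event with the
field names used here ("timestamp", "actor", "change"); those names and the
sample records are constructed for the example.
"""
import json
from datetime import datetime

# sec.gen.015: a logged change must carry the identity of the entity making
# the change, the change itself, and the date and time of the change.
REQUIRED_FIELDS = ("actor", "change", "timestamp")

# Constructed sample log: one conformant record followed by three defective ones.
SAMPLE_LOG = """
{"timestamp": "2023-11-02T09:14:05Z", "actor": "ops-alice", "change": "nova.conf: cpu_allocation_ratio 4.0 -> 2.0", "host": "compute-07"}
{"timestamp": "2023-11-02", "actor": "ops-bob", "change": "added keystone role 'auditor'"}
{"timestamp": "2023-11-02T09:20:41+00:00", "actor": "", "change": "restarted neutron-server"}
{"timestamp": "2023-11-02T09:31:12Z", "actor": "root", "change": "edited /etc/ssh/sshd_config"}
""".strip().splitlines()


def parse_timestamp(value):
    """Return an aware datetime if value carries a date, a time and a UTC
    offset; otherwise None. A bare date ("2023-11-02") is rejected because
    sec.gen.015 asks for the time of the change as well."""
    try:
        ts = datetime.fromisoformat(value.replace("Z", "+00:00"))
    except (AttributeError, TypeError, ValueError):
        return None
    return ts if ts.tzinfo is not None else None


def audit_event(raw_line):
    """Return the findings for one JSON-encoded change event; an empty list
    means the record satisfies sec.gen.015 and raises no sec.gen.006 flag."""
    try:
        event = json.loads(raw_line)
    except json.JSONDecodeError:
        return ["unparseable event record"]
    if not isinstance(event, dict):
        return ["event record is not a JSON object"]
    findings = []
    for field in REQUIRED_FIELDS:
        if not event.get(field):
            findings.append(f"sec.gen.015: missing '{field}'")
    if event.get("timestamp") and parse_timestamp(event["timestamp"]) is None:
        findings.append("sec.gen.015: timestamp lacks date, time or UTC offset")
    # sec.gen.006: a change made under the root account needs a justification
    # that root privileges were actually required.
    if event.get("actor") == "root":
        findings.append("sec.gen.006: change made under the root account; confirm root privileges were required")
    return findings


def audit_log(lines):
    """Map 1-based line numbers to their findings, for the lines that have any."""
    report = {}
    for number, line in enumerate(lines, start=1):
        if not line.strip():
            continue
        findings = audit_event(line)
        if findings:
            report[number] = findings
    return report


if __name__ == "__main__":
    for number, findings in audit_log(SAMPLE_LOG).items():
        for finding in findings:
            print(f"line {number}: {finding}")
```

Rejecting timestamps without a UTC offset is a deliberate choice: events from many hosts are only comparable when every record states its offset, which is also what makes the time synchronisation of sec.gen.007 useful for correlation.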

.. _2262-platform-and-access-source-rm-792:

2.2.6.2. Platform and Access (source `RM 7.9.2 <../../../ref_model/chapters/chapter07.md#792-platform-and-access>`__)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

.. list-table::
   :header-rows: 1
   :widths: 12 14 44 30

   * - Ref #
     - sub-category
     - Description
     - Traceability
   * - sec.sys.001
     - Access
     - The Platform **must** support authenticated and secure access to API, GUI and command line interfaces.
     - `RA-1 6.3.2.4 "RBAC" <./chapter06.md#6324-rbac>`__
   * - sec.sys.002
     - Access
     - The Platform **must** support Traffic Filtering for workloads (for example, a firewall).
     - `RA-1 6.3.4 "Workload Security" <./chapter06.md#634-workload-security>`__
   * - sec.sys.003
     - Access
     - The Platform **must** support secure and encrypted communications, and confidentiality and integrity of network traffic.
     - `RA-1 6.3.3.1 "Confidentiality and Integrity of communications" <./chapter06.md#6331-confidentiality-and-integrity-of-communications>`__
   * - sec.sys.004
     - Access
     - The Cloud Infrastructure **must** support authentication, integrity and confidentiality on all network channels.
     - `RA-1 6.3.3.1 "Confidentiality and Integrity of communications" <./chapter06.md#6331-confidentiality-and-integrity-of-communications>`__
   * - sec.sys.005
     - Access
     - The Cloud Infrastructure **must** segregate the underlay and overlay networks.
     - `RA-1 6.3.3.1 "Confidentiality and Integrity of communications" <./chapter06.md#6331-confidentiality-and-integrity-of-communications>`__
   * - sec.sys.006
     - Access
     - The Cloud Infrastructure **must** be able to utilise the Cloud Infrastructure Manager identity lifecycle management capabilities.
     - `RA-1 6.3.2.1 "Identity Security" <./chapter06.md#6321-identity-security>`__
   * - sec.sys.007
     - Access
     - The Platform **must** implement controls enforcing separation of duties and privileges, least privilege use and least common mechanism (Role-Based Access Control).
     - `RA-1 6.3.2.4 "RBAC" <./chapter06.md#6324-rbac>`__
   * - sec.sys.008
     - Access
     - The Platform **must** be able to assign the Entities that comprise the tenant networks to different trust domains. (Communication between different trust domains is not allowed, by default.)
     - `RA-1 6.3.4 "Workload Security" <./chapter06.md#634-workload-security>`__
   * - sec.sys.009
     - Access
     - The Platform **must** support creation of Trust Relationships between trust domains. These may be uni-directional relationships, where the trusting domain trusts another domain (the “trusted domain”) to authenticate users for it or to allow access to its resources from the trusted domain. In a bidirectional relationship both domains are “trusting” and “trusted”.
     -
   * - sec.sys.010
     - Access
     - For two or more domains without existing trust relationships, the Platform **must not** allow the effect of an attack on one domain to impact the other domains either directly or indirectly.
     -
   * - sec.sys.011
     - Access
     - The Platform **must not** reuse the same authentication credentials (e.g., key pairs) on different Platform components (e.g., different hosts, or different services).
     - `RA-1 6.3.1.2 "System Access" <./chapter06.md#6312-system-access>`__
   * - sec.sys.012
     - Access
     - The Platform **must** protect all secrets by using strong encryption techniques and storing the protected secrets externally from the component (e.g., in OpenStack Barbican).
     -
   * - sec.sys.013
     - Access
     - The Platform **must** generate secrets dynamically as and when needed.
     -
   * - sec.sys.015
     - Access
     - The Platform **must not** contain back door entries (unpublished access points, APIs, etc.).
     -
   * - sec.sys.016
     - Access
     - Login access to the Platform's components **must** be through encrypted protocols such as SSH v2 or TLS v1.2 or higher. Note: hardened jump servers isolated from external networks are recommended.
     - `RA-1 6.3.6 "Security LCM" <./chapter06.md#636-security-lcm>`__
   * - sec.sys.017
     - Access
     - The Platform **must** provide the capability of using digital certificates that comply with X.509 standards issued by a trusted Certification Authority.
     - `RA-1 6.3.3.1 "Confidentiality and Integrity of communications" <./chapter06.md#6331-confidentiality-and-integrity-of-communications>`__
   * - sec.sys.018
     - Access
     - The Platform **must** provide the capability of allowing certificate renewal and revocation.
     -
   * - sec.sys.019
     - Access
     - The Platform **must** provide the capability of testing the validity of a digital certificate (CA signature, validity period, non-revocation, identity).
     -

Table 2-7: Reference Model Requirements - Platform and Access Requirements
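A check for sec.sys.011, added here as an example; it is not part of the Anuket reference architecture or of OpenStack. It fingerprints every public key collected from the Platform's components the way OpenSSH does (SHA256 over the decoded key blob, printed as unpadded base64) and reports any key that appears on more than one host or service, so a cloned host key or one deploy key shared by two services shows up regardless of the comment on the key line. The inventory and the keys in it are constructed for the example: the 32-byte key bodies are derived from a seed and are not real Ed25519 public keys, but the line format and the fingerprinting are the real ones.

```python
import base64
import hashlib
import struct
from collections import defaultdict


def _ssh_string(b: bytes) -> bytes:
    """SSH wire-format string: 4-byte big-endian length prefix + bytes."""
    return struct.pack(">I", len(b)) + b


def ssh_fingerprint(pubkey_line: str) -> str:
    """OpenSSH-style SHA256 fingerprint of one public key line.

    Only the base64 key blob is hashed, so the same key installed with a
    different comment still collapses to one identity.
    """
    fields = pubkey_line.split()
    if len(fields) < 2:
        raise ValueError(f"malformed public key line: {pubkey_line!r}")
    blob = base64.b64decode(fields[1], validate=True)
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")


def find_reused_keys(inventory):
    """Map fingerprint -> sorted list of (host, role) where the key was seen,
    keeping only keys present on more than one Platform component."""
    seen = defaultdict(set)
    for (host, role), lines in inventory.items():
        for line in lines:
            if not line.strip() or line.lstrip().startswith("#"):
                continue
            seen[ssh_fingerprint(line)].add((host, role))
    return {fp: sorted(comps) for fp, comps in seen.items() if len(comps) > 1}


# --- constructed sample data (not real keys) ---------------------------------
def fake_ed25519_line(seed: bytes, comment: str) -> str:
    """Build a syntactically valid ssh-ed25519 public key line whose 32-byte
    key body is sha256(seed); the same seed always yields the same key."""
    pk = hashlib.sha256(seed).digest()
    blob = _ssh_string(b"ssh-ed25519") + _ssh_string(pk)
    return f"ssh-ed25519 {base64.b64encode(blob).decode('ascii')} {comment}"


SAMPLE_INVENTORY = {
    # (host, role): public key lines collected from that component
    ("compute-01", "host-key"): [fake_ed25519_line(b"compute-01", "root@compute-01")],
    # cloned from the same image, so it carries the same host key
    ("compute-02", "host-key"): [fake_ed25519_line(b"compute-01", "root@compute-02")],
    ("controller-01", "host-key"): [fake_ed25519_line(b"controller-01", "root@controller-01")],
    # one key pair installed for two different services
    ("controller-01", "nova-deploy"): [fake_ed25519_line(b"deploy", "deploy")],
    ("controller-01", "neutron-deploy"): [fake_ed25519_line(b"deploy", "deploy")],
}


def audit(inventory=SAMPLE_INVENTORY):
    """Return one finding per reused key; an empty list means sec.sys.011 holds."""
    findings = []
    for fp, comps in find_reused_keys(inventory).items():
        where = ", ".join(f"{host}/{role}" for host, role in comps)
        findings.append(f"{fp} reused on {where}")
    return findings


if __name__ == "__main__":
    for finding in audit():
        print(finding)
```

In a real audit the inventory is built from ``/etc/ssh/ssh_host_*_key.pub``, ``authorized_keys`` files and service account key stores on every node; the fingerprint values it produces match what ``ssh-keygen -lf`` prints, so findings can be cross-checked on the host.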

.. _2263-confidentiality-and-integrity-source-rm793:

2.2.6.3. Confidentiality and Integrity (source `RM7.9.3 <../../../ref_model/chapters/chapter07.md#793-confidentiality-and-integrity>`__)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

.. list-table::
   :header-rows: 1
   :widths: 12 14 44 30

   * - Ref #
     - sub-category
     - Description
     - Traceability
   * - sec.ci.001
     - Confidentiality/Integrity
     - The Platform **must** support Confidentiality and Integrity of data at rest and in transit.
     - `RA-1 6.3.3 "Confidentiality and Integrity" <./chapter06.md#633-confidentiality-and-integrity>`__
   * - sec.ci.003
     - Confidentiality/Integrity
     - The Platform **must** support Confidentiality and Integrity of data-related metadata.
     -
   * - sec.ci.004
     - Confidentiality
     - The Platform **must** support Confidentiality of processes and restrict information sharing to the process owner only (e.g., tenant).
     -
   * - sec.ci.005
     - Confidentiality/Integrity
     - The Platform **must** support Confidentiality and Integrity of process-related metadata and restrict information sharing to the process owner only (e.g., tenant).
     -
   * - sec.ci.006
     - Confidentiality/Integrity
     - The Platform **must** support Confidentiality and Integrity of workload resource utilisation (RAM, CPU, Storage, Network I/O, cache, hardware offload) and restrict information sharing to the workload owner only (e.g., tenant).
     -
   * - sec.ci.007
     - Confidentiality/Integrity
     - The Platform **must not** allow Memory Inspection by any actor other than the authorised actors for the Entity to which Memory is assigned (e.g., tenants owning the workload), for Lawful Inspection, and for secure monitoring services. Administrative access must be managed using Platform Identity Lifecycle Management.
     -
   * - sec.ci.008
     - Confidentiality
     - The Cloud Infrastructure **must** support tenant network segregation.
     - `RA-1 6.3.4 "Workload Security" <./chapter06.md#634-workload-security>`__

Table 2-8: Reference Model Requirements: Confidentiality and Integrity Requirements

.. _2264-workload-security-source-rm794:

2.2.6.4. Workload Security (source `RM7.9.4 <../../../ref_model/chapters/chapter07.md#794-workload-security>`__)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

.. list-table::
   :header-rows: 1
   :widths: 12 14 44 30

   * - Ref #
     - sub-category
     - Description
     - Traceability
   * - sec.wl.001
     - Workload
     - The Platform **must** support Workload placement policy.
     - `RA-1 6.3.4 "Workload Security" <./chapter06.md#634-workload-security>`__
   * - sec.wl.002
     - Workload
     - The Cloud Infrastructure **must** provide methods to ensure the platform’s trust status and integrity (e.g., remote attestation, Trusted Platform Module).
     -
   * - sec.wl.003
     - Workload
     - The Platform **must** support secure provisioning of Workloads.
     - `RA-1 6.3.4 "Workload Security" <./chapter06.md#634-workload-security>`__
   * - sec.wl.004
     - Workload
     - The Platform **must** support Location assertion (for mandated in-country or location requirements).
     - `RA-1 6.3.4 "Workload Security" <./chapter06.md#634-workload-security>`__
   * - sec.wl.005
     - Workload
     - The Platform **must** support the separation of production and non-production Workloads.
     - This requirement’s verification goes beyond Anuket testing scope
   * - sec.wl.006
     - Workload
     - The Platform **must** support the separation of Workloads based on their categorisation (for example, payment card information, healthcare, etc.).
     - `RA-1 6.3.4 "Workload Security" <./chapter06.md#634-workload-security>`__

Table 2-9: Reference Model Requirements - Workload Security Requirements

.. _2265-image-security-source-rm795:

2.2.6.5. Image Security (source `RM7.9.5 <../../../ref_model/chapters/chapter07.md#795-image-security>`__)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

.. list-table::
   :header-rows: 1
   :widths: 12 14 44 30

   * - Ref #
     - sub-category
     - Description
     - Traceability
   * - sec.img.001
     - Image
     - Images from untrusted sources **must not** be used.
     - `RA-1 6.3.5 "Image Security" <./chapter06.md#635-image-security>`__
   * - sec.img.002
     - Image
     - Images **must** be scanned to be maintained free from known vulnerabilities.
     - `RA-1 6.3.5 "Image Security" <./chapter06.md#635-image-security>`__
   * - sec.img.003
     - Image
     - Images **must not** be configured to run with privileges higher than the privileges of the actor authorised to run them.
     -
   * - sec.img.004
     - Image
     - Images **must** only be accessible to authorised actors.
     - `RA-1 6.3.3.2 "Integrity of OpenStack components configuration" <./chapter06.md#6332-integrity-of-openstack-components-configuration>`__
   * - sec.img.005
     - Image
     - Image Registries **must** only be accessible to authorised actors.
     - `RA-1 6.3.3.2 "Integrity of OpenStack components configuration" <./chapter06.md#6332-integrity-of-openstack-components-configuration>`__
   * - sec.img.006
     - Image
     - Image Registries **must** only be accessible over networks that enforce authentication, integrity and confidentiality.
     - `RA-1 6.3.3.2 "Integrity of OpenStack components configuration" <./chapter06.md#6332-integrity-of-openstack-components-configuration>`__
   * - sec.img.007
     - Image
     - Image registries **must** be clear of vulnerable and out-of-date versions.
     - `RA-1 6.3.3.2 "Integrity of OpenStack components configuration" <./chapter06.md#6332-integrity-of-openstack-components-configuration>`__, `RA-1 6.3.5 "Image Security" <./chapter06.md#635-image-security>`__

Table 2-10: Reference Model Requirements - Image Security Requirements

.. _2266-security-lcm-source-rm796:

2.2.6.6. Security LCM (source `RM7.9.6 <../../../ref_model/chapters/chapter07.md#796-security-lcm>`__)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

.. list-table::
   :header-rows: 1
   :widths: 12 14 44 30

   * - Ref #
     - sub-category
     - Description
     - Traceability
   * - sec.lcm.001
     - LCM
     - The Platform **must** support Secure Provisioning, Availability, and Deprovisioning (Secure Clean-Up) of workload resources, where Secure Clean-Up includes tear-down and defence against virus or other attacks.
     - `RA-1 6.3.7 "Monitoring and Security Audit" <./chapter06.md#637-monitoring-and-security-audit>`__
   * - sec.lcm.002
     - LCM
     - The Cloud Operator **must** use management protocols limiting security risk such as SNMPv3, SSH v2, ICMP, NTP, syslog and TLS v1.2 or higher.
     - `RA-1 6.3.6 "Security LCM" <./chapter06.md#636-security-lcm>`__
   * - sec.lcm.003
     - LCM
     - The Cloud Operator **must** implement and strictly follow change management processes for Cloud Infrastructure, Cloud Infrastructure Manager and other components of the cloud, and Platform change control on hardware.
     - `RA-1 6.3.7 "Monitoring and Security Audit" <./chapter06.md#637-monitoring-and-security-audit>`__
   * - sec.lcm.005
     - LCM
     - The Platform **must** provide logs, and these logs must be monitored for anomalous behaviour.
     - `RA-1 6.3.7 "Monitoring and Security Audit" <./chapter06.md#637-monitoring-and-security-audit>`__
   * - sec.lcm.006
     - LCM
     - The Platform **must** verify the integrity of all Resource management requests.
     - `RA-1 6.3.3.3 "Confidentiality and Integrity of tenant data" <./chapter06.md#6333-confidentiality-and-integrity-of-tenant-data-secmon012-and-secmon013>`__
   * - sec.lcm.007
     - LCM
     - The Platform **must** be able to update newly instantiated, suspended, hibernated, migrated and restarted images with current time information.
     -
   * - sec.lcm.008
     - LCM
     - The Platform **must** be able to update newly instantiated, suspended, hibernated, migrated and restarted images with relevant DNS information.
     -
   * - sec.lcm.009
     - LCM
     - The Platform **must** be able to update the tag of newly instantiated, suspended, hibernated, migrated and restarted images with relevant geolocation (geographical) information.
     -
   * - sec.lcm.010
     - LCM
     - The Platform **must** log all changes to geolocation along with the mechanisms and sources of location information (i.e. GPS, IP block, and timing).
     -
   * - sec.lcm.011
     - LCM
     - The Platform **must** implement Security life cycle management processes, including the proactive update and patching of all deployed Cloud Infrastructure software.
     - `RA-1 6.3.1.5 "Patches" <./chapter06.md#6315-patches>`__
   * - sec.lcm.012
     - LCM
     - The Platform **must** log any access privilege escalation.
     - `RA-1 6.3.7.2 "What to log, what not to log" <./chapter06.md#6372-what-to-log--what-not-to-log>`__

Table 2-11: Reference Model Requirements - Security LCM Requirements

.. _2267-monitoring-and-security-audit-source-rm797:

2.2.6.7. Monitoring and Security Audit (source `RM7.9.7 <../../../ref_model/chapters/chapter07.md#797-monitoring-and-security-audit>`__)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The Platform is assumed to provide a configurable alerting and notification capability, and the operator is assumed to have automated systems, policies and procedures to act on alerts and notifications in a timely fashion. In the requirements below, the monitoring and logging capabilities can trigger alerts and notifications for appropriate action.

.. list-table::
   :header-rows: 1
   :widths: 12 14 44 30

   * - Ref #
     - sub-category
     - Description
     - Traceability
   * - sec.mon.001
     - Monitoring/Audit
     - The Platform **must** provide logs, and these logs must be regularly monitored for events of interest. The logs **must** contain the following fields: event type, date/time, protocol, service or program used for access, success/failure, login ID or process ID, IP address and ports (source and destination) involved.
     - `RA-1 6.3.7.1 "Creating logs" <./chapter06.md#6371-creating-logs>`__, `RA-1 6.3.7.4 "Required Fields" <./chapter06.md#6374-required-fields>`__
   * - sec.mon.002
     - Monitoring
     - Security logs **must** be time synchronised.
     - `RA-1 6.3.7.6 "Security Logs Time Synchronisation" <./chapter06.md#6376-security-logs-time-synchronisation>`__
   * - sec.mon.003
     - Monitoring
     - The Platform **must** log all changes to time server source, time, date and time zones.
     - `RA-1 6.3.7.6 "Security Logs Time Synchronisation" <./chapter06.md#6376-security-logs-time-synchronisation>`__
   * - sec.mon.004
     - Audit
     - The Platform **must** secure and protect Audit logs (containing sensitive information) both in transit and at rest.
     - `RA-1 6.3.6 "Security LCM" <./chapter06.md#636-security-lcm>`__
   * - sec.mon.005
     - Monitoring/Audit
     - The Platform **must** Monitor and Audit various behaviours of connection and login attempts to detect access attacks and potential access attempts, and take corrective actions accordingly.
     - `RA-1 6.3.3.2 "Integrity of OpenStack components configuration" <./chapter06.md#6332-integrity-of-openstack-components-configuration>`__, `RA-1 6.3.7.2 "What to log, what not to log" <./chapter06.md#6372-what-to-log--what-not-to-log>`__
   * - sec.mon.006
     - Monitoring/Audit
     - The Platform **must** Monitor and Audit operations by authorised account access after login to detect malicious operational activity, and take corrective actions.
     - `RA-1 6.3.3.2 "Integrity of OpenStack components configuration" <./chapter06.md#6332-integrity-of-openstack-components-configuration>`__, `RA-1 6.3.7 "Monitoring and Security Audit" <./chapter06.md#637-monitoring-and-security-audit>`__
   * - sec.mon.007
     - Monitoring/Audit
     - The Platform **must** Monitor and Audit security parameter configurations for compliance with defined security policies.
     - `RA-1 6.3.3.2 "Integrity of OpenStack components configuration" <./chapter06.md#6332-integrity-of-openstack-components-configuration>`__
   * - sec.mon.008
     - Monitoring/Audit
     - The Platform **must** Monitor and Audit externally exposed interfaces for illegal access (attacks), and take corrective security hardening measures.
     - `RA-1 6.3.3.1 "Confidentiality and Integrity of communications" <./chapter06.md#6331-confidentiality-and-integrity-of-communications>`__
   * - sec.mon.009
     - Monitoring/Audit
     - The Platform **must** Monitor and Audit services for various attacks (malformed messages, signalling flooding and replaying, etc.), and take corrective actions accordingly.
     - `RA-1 6.3.3.2 "Integrity of OpenStack components configuration" <./chapter06.md#6332-integrity-of-openstack-components-configuration>`__, `RA-1 6.3.7 "Monitoring and Security Audit" <./chapter06.md#637-monitoring-and-security-audit>`__
   * - sec.mon.010
     - Monitoring/Audit
     - The Platform **must** Monitor and Audit running processes to detect unexpected or unauthorised processes, and take corrective actions accordingly.
     - `RA-1 6.3.7 "Monitoring and Security Audit" <./chapter06.md#637-monitoring-and-security-audit>`__
   * - sec.mon.011
     - Monitoring/Audit
     - The Platform **must** Monitor and Audit logs from infrastructure elements and workloads to detect anomalies in the system components, and take corrective actions accordingly.
     - `RA-1 6.3.7.1 "Creating logs" <./chapter06.md#6371-creating-logs>`__
   * - sec.mon.012
     - Monitoring/Audit
     - The Platform **must** Monitor and Audit traffic patterns and volumes to prevent malware download attempts.
     - `RA-1 6.3.3.3 "Confidentiality and Integrity of tenant data" <./chapter06.md#6333-confidentiality-and-integrity-of-tenant-data-secmon012-and-secmon013>`__
   * - sec.mon.013
     - Monitoring
     - The monitoring system **must not** affect the security (integrity and confidentiality) of the infrastructure, workloads, or the user data (through back door entries).
     -
   * - sec.mon.015
     - Monitoring
     - The Platform **must** ensure that the Monitoring systems are never starved of resources and **must** activate alarms when resource utilisation exceeds a configurable threshold.
     - `RA-1 6.3.7 "Monitoring and Security Audit" <./chapter06.md#637-monitoring-and-security-audit>`__
   * - sec.mon.017
     - Audit
     - The Platform **must** audit systems for any missing security patches and take appropriate actions.
     - `RA-1 6.3.1.5 "Patches" <./chapter06.md#6315-patches>`__
   * - sec.mon.018
     - Monitoring
     - The Platform, starting from initialisation, **must** collect and analyse logs to identify security events, and store these events in an external system.
     - `RA-1 6.3.7.3 "Where to Log" <./chapter06.md#6373-where-to-log>`__
   * - sec.mon.019
     - Monitoring
     - The Platform’s components **must not** include an authentication credential, e.g., a password, in any logs, even if encrypted.
     - `RA-1 6.3.7.2 "What to log, what not to log" <./chapter06.md#6372-what-to-log--what-not-to-log>`__
   * - sec.mon.020
     - Monitoring/Audit
     - The Platform’s logging system **must** support the storage of security audit logs for a configurable period of time.
     - `RA-1 6.3.7.5 "Data Retention" <./chapter06.md#6375-data-retention>`__
   * - sec.mon.021
     - Monitoring
     - The Platform **must** store security events locally if the external logging system is unavailable, and shall periodically attempt to send these to the external logging system until successful.
     - `RA-1 6.3.7.3 "Where to Log" <./chapter06.md#6373-where-to-log>`__

Table 2-12: Reference Model Requirements - Monitoring and Security Audit Requirements
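The three logging requirements that are most often got wrong in practice are sec.mon.001 (every record carries the required fields), sec.mon.019 (no credential in a log, even encrypted) and sec.mon.021 (spool locally while the external system is down, then deliver in order). The following is an added example of a security event writer that enforces all three; it is not Anuket or OpenStack code. The external logging system is modelled by a small in-memory sink object with a ``send()`` method that can be made unavailable; in a deployment a syslog-over-TLS or HTTPS forwarder would sit behind the same interface, and the spool would be a durable file rather than an in-memory queue. Field names, the forbidden-key list and the sample events are assumptions made for the example.

```python
import json
from collections import deque
from datetime import datetime, timezone

# Fields every security log record must carry (sec.mon.001).
REQUIRED_FIELDS = (
    "event_type", "timestamp", "protocol", "service", "outcome",
    "principal", "src_ip", "src_port", "dst_ip", "dst_port",
)
# Record keys that are never written, whatever their value (sec.mon.019).
FORBIDDEN_KEYS = {"password", "passwd", "secret", "token", "api_key",
                  "private_key", "authorization"}


class CredentialInLogError(ValueError):
    """Raised instead of writing a record that would carry a credential."""


def build_event(**fields) -> dict:
    """Validate one security event and return it ready for serialisation.

    A credential-bearing key is refused outright: sec.mon.019 forbids the
    credential even in encrypted form, so there is no redaction path.
    """
    leaked = {k.lower() for k in fields} & FORBIDDEN_KEYS
    if leaked:
        raise CredentialInLogError(f"refusing to log credential field(s): {sorted(leaked)}")
    missing = [f for f in REQUIRED_FIELDS if f not in fields]
    if missing:
        raise ValueError(f"event missing required field(s): {missing}")
    if fields["outcome"] not in ("success", "failure"):
        raise ValueError("outcome must be 'success' or 'failure'")
    ts = fields["timestamp"]
    if isinstance(ts, datetime):
        # Emit UTC with an explicit offset so records from different
        # components correlate once clocks are synchronised (sec.mon.002).
        fields["timestamp"] = ts.astimezone(timezone.utc).isoformat()
    return fields


class ExternalSink:
    """Stand-in for the external logging system (constructed for this example)."""

    def __init__(self):
        self.available = True
        self.received = []

    def send(self, line: str) -> None:
        if not self.available:
            raise ConnectionError("external log system unreachable")
        self.received.append(line)


class SecurityLogger:
    """Forward events to the sink; spool locally on failure and drain the
    spool oldest-first on the next attempt (sec.mon.021)."""

    def __init__(self, sink, max_spool=10_000):
        self.sink = sink
        self.spool = deque()   # in-memory here; a host would use a durable file
        self.max_spool = max_spool
        self.dropped = 0       # overflow count; a real system alarms on this

    def log(self, **fields) -> None:
        self.spool.append(json.dumps(build_event(**fields), sort_keys=True))
        if len(self.spool) > self.max_spool:
            self.spool.popleft()
            self.dropped += 1
        self.flush()

    def flush(self) -> int:
        """Deliver spooled records in order; stop at the first failure so
        ordering is preserved. Returns the number delivered."""
        delivered = 0
        while self.spool:
            try:
                self.sink.send(self.spool[0])
            except ConnectionError:
                break
            self.spool.popleft()
            delivered += 1
        return delivered


def demo() -> dict:
    """Log one event while the sink is up, two while it is down, then recover.
    Returns the decoded records the sink received plus spool/drop counters."""
    sink = ExternalSink()
    logger = SecurityLogger(sink)
    common = dict(event_type="auth.login", protocol="https", service="keystone",
                  principal="admin", src_ip="10.0.0.5", src_port=51514,
                  dst_ip="10.0.0.10", dst_port=5000)   # constructed sample values
    logger.log(timestamp=datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc),
               outcome="success", **common)
    sink.available = False
    logger.log(timestamp="2024-01-01T12:00:01+00:00", outcome="failure", **common)
    logger.log(timestamp="2024-01-01T12:00:02+00:00", outcome="failure", **common)
    spooled_while_down = len(logger.spool)
    sink.available = True
    logger.flush()
    return {
        "received": [json.loads(line) for line in sink.received],
        "spooled_while_down": spooled_while_down,
        "spooled_after_recovery": len(logger.spool),
        "dropped": logger.dropped,
    }


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Two design points carry over to a production forwarder: refusing the record is the only safe reaction to a credential-bearing field, because a redacted or hashed value would still be a credential in a log; and a bounded spool that drops the oldest record must also raise an alarm, otherwise the resource-starvation case in sec.mon.015 silently loses the evidence that sec.mon.021 is meant to preserve.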

.. _2268-open-source-software-source-rm798:

2.2.6.8. Open-Source Software (source `RM7.9.8 <../../../ref_model/chapters/chapter07.md#798-open-source-sotfware>`__)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

.. list-table::
   :header-rows: 1
   :widths: 12 14 44 30

   * - Ref #
     - sub-category
     - Description
     - Traceability
   * - sec.oss.001
     - Software
     - Open-source code **must** be inspected by tools with various capabilities for static and dynamic code analysis.
     -
   * - sec.oss.002
     - Software
     - CVE (Common Vulnerabilities and Exposures) identifiers **must** be used to identify vulnerabilities and their severity rating for the open-source code that is part of the Cloud Infrastructure and workload software (https://cve.mitre.org/).
     -
   * - sec.oss.003
     - Software
     - High severity rated vulnerabilities **must** be fixed. Refer to the CVSS (Common Vulnerability Scoring System) to know a vulnerability's score.
     -
   * - sec.oss.004
     - Software
     - A dedicated internal isolated repository, separated from the production environment, **must** be used to store vetted open-source content.
     -

Table 2-13: Reference Model Requirements - Open-Source Software Security Requirements

.. _2269-iaac-security-source-rm799:

2.2.6.9. IaaC security (source `RM7.9.9 <../../../ref_model/chapters/chapter07.md#799-iaac---secure-design-and-architecture-stage-requirements>`__)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

**Secure Code Stage Requirements**

.. list-table::
   :widths: 12 14 48 26
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Traceability
   * - sec.code.001
     - IaaC
     - SAST - Static Application Security Testing **must** be applied during Secure Coding stage triggered by Pull, Clone or Comment trigger. Security testing that analyses application source code for software vulnerabilities and gaps against best practices. Example: open source OWASP range of tools.
     -

Table 2-14: Reference Model Requirements: IaaC Security Requirements, Secure Code Stage

**Continuous Build, Integration and Testing Stage Requirements**

.. list-table::
   :widths: 12 14 48 26
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Traceability
   * - sec.bld.003
     - IaaC
     - Container and Image Scan **must** be applied during the Continuous Build, Integration and Testing stage triggered by Package trigger. Example: A push of a container image to a container registry may trigger a vulnerability scan before the image becomes available in the registry.
     -

Table 2-15: Reference Model Requirements - IaaC Security Requirements, Continuous Build, Integration and Testing Stage

**Continuous Delivery and Deployment Stage Requirements**

.. list-table::
   :widths: 12 14 48 26
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Traceability
   * - sec.del.001
     - IaaC
     - Image Scan **must** be applied during the Continuous Delivery and Deployment stage triggered by Publish to Artifact and Image Repository trigger. Example: GitLab uses the open source Clair engine for container image scanning.
     -
   * - sec.del.002
     - IaaC
     - Code Signing **must** be applied during the Continuous Delivery and Deployment stage triggered by Publish to Artifact and Image Repository trigger. Code Signing provides authentication to assure that downloaded files are from the publisher named on the certificate.
     -
   * - sec.del.004
     - IaaC
     - Component Vulnerability Scan **must** be applied during the Continuous Delivery and Deployment stage triggered by Instantiate Infrastructure trigger. The vulnerability scanning system is deployed on the cloud platform to detect security vulnerabilities of specified components through scanning and to provide timely security protection. Example: OWASP Zed Attack Proxy (ZAP).
     -

Table 2-16: Reference Model Requirements - IaaC Security Requirements, Continuous Delivery and Deployment Stage

**Runtime Defence and Monitoring Requirements**

.. list-table::
   :widths: 12 14 48 26
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Traceability
   * - sec.run.001
     - IaaC
     - Component Vulnerability Monitoring **must** be continuously applied during the Runtime Defence and Monitoring stage. Security technology that monitors components like virtual servers and assesses data, applications, and infrastructure for security risks.
     -

Table 2-17: Reference Model Requirements - IaaC Security Requirements, Runtime Defence and Monitoring Stage

.. _22610-compliance-with-standards-source-rm7910:

2.2.6.10. Compliance with Standards (source `RM7.9.10 <../../../ref_model/chapters/chapter07.md#7910-compliance-with-standards>`__)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

.. list-table::
   :widths: 12 14 48 26
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Traceability
   * - sec.std.012
     - Standards
     - The Public Cloud Operator **must**, and the Private Cloud Operator **may**, be certified to be compliant with the International Standard on Awareness Engagements (ISAE) 3402 (US equivalent: SSAE 16).
     -

Table 2-18: Reference Model Requirements: Cloud Infrastructure Security Requirements

.. _23-architecture-and-openstack-requirements:

2.3 Architecture and OpenStack Requirements
-------------------------------------------

"Architecture" in this chapter refers to Cloud infrastructure (referred to as NFVI by ETSI) + VIM (as specified in Reference Model Chapter 3).

.. _231-general-requirements:

2.3.1 General Requirements
~~~~~~~~~~~~~~~~~~~~~~~~~~

.. list-table::
   :widths: 12 14 48 26
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Traceability
   * - gen.ost.01
     - Open source
     - The Architecture **must** use OpenStack APIs.
     - `RA-1 5.3 <./chapter05.md#5.3>`__
   * - gen.ost.02
     - Open source
     - The Architecture **must** support dynamic request and configuration of virtual resources (compute, network, storage) through OpenStack APIs.
     - `RA-1 5.3 <./chapter05.md#53-consolidated-set-of-apis>`__
   * - gen.rsl.01
     - Resiliency
     - The Architecture **must** support resilient OpenStack components that are required for the continued availability of running workloads.
     -
   * - gen.avl.01
     - Availability
     - The Architecture **must** provide High Availability for OpenStack components.
     - `RA-1 4.2 "Underlying Resources" <./chapter04.md#42-underlying-resources>`__

Table 2-19: General Requirements

.. _232-infrastructure-requirements:

2.3.2 Infrastructure Requirements
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. list-table::
   :widths: 12 14 48 26
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Traceability
   * - inf.com.01
     - Compute
     - The Architecture **must** provide compute resources for VM instances.
     - `RA-1 3.3.1.4 "Cloud Workload Services" <./chapter03.md#3314-cloud-workload-services>`__
   * - inf.com.04
     - Compute
     - The Architecture **must** be able to support multiple CPU type options to support various infrastructure profiles (Basic and High Performance).
     - `RA-1 4.4.1. "Support for Cloud Infrastructure Profiles and flavors" <./chapter04.md#4.4.1>`__
   * - inf.com.05
     - Compute
     - The Architecture **must** support Hardware Platforms with NUMA capabilities.
     - `RA-1 4.4.1. "Support for Cloud Infrastructure Profiles and flavors" <./chapter04.md#4.4.1>`__
   * - inf.com.06
     - Compute
     - The Architecture **must** support CPU Pinning of the vCPUs of VM instance.
     - `RA-1 4.4.1. "Support for Cloud Infrastructure Profiles and flavors" <./chapter04.md#4.4.1>`__
   * - inf.com.07
     - Compute
     - The Architecture **must** support different hardware configurations to support various infrastructure profiles (Basic and High Performance).
     - `RA-1 3.3.3. "Host aggregates providing resource pooling" <./chapter03.md#333-host-aggregates-providing-resource-pooling>`__
   * - inf.com.08
     - Compute
     - The Architecture **must** support allocating certain number of host cores for all non-tenant individual OpenStack services or their components.
     - Dedicating host cores to certain workloads (e.g., OpenStack services). Please see example, `"Configuring libvirt compute nodes for CPU pinning" <https://docs.openstack.org/nova/latest/admin/cpu-topologies.html>`__
   * - inf.com.09
     - Compute
     - The Architecture **must** ensure that the host cores assigned to non-tenant and tenant workloads are SMT aware: that is, a host core and its associated SMT threads are either all assigned to non-tenant workloads or all assigned to tenant workloads.
     - Achieved through configuring the "cpu_dedicated_set" and "cpu_shared_set" parameters in nova.conf correctly.
   * - inf.stg.01
     - Storage
     - The Architecture **must** provide remote (not directly attached to the host) Block storage for VM Instances.
     - `RA-1 3.4.2.3. "Storage" <./chapter03.md#3423-storage>`__
   * - inf.stg.02
     - Storage
     - The Architecture **must** provide Object storage for VM Instances. Operators **may** choose not to implement Object Storage but must be cognizant of the risk of "Compliant VNFs" failing in their environment.
     - OpenStack Swift Service (`RA-1 4.3.1.4 "Swift" <./chapter04.md#4314-swift>`__)
   * - inf.ntw.01
     - Network
     - The Architecture **must** provide virtual network interfaces to VM instances.
     - `RA-1 5.2.5. "Neutron" <./chapter05.md#525-neutron>`__
   * - inf.ntw.02
     - Network
     - The Architecture **must** include capabilities for integrating SDN controllers to support provisioning of network services, from the OpenStack Neutron service, such as networking of VTEPs to the Border Edge based VRFs.
     - `RA-1 3.2.5. "Virtual Networking – 3rd party SDN solution" <./chapter03.md#325-virtual-networking--3rd-party-sdn-solution>`__
   * - inf.ntw.03
     - Network
     - The Architecture **must** support low latency and high throughput traffic needs.
     - `RA-1 4.2.3. "Network Fabric" <./chapter04.md#423-network-fabric>`__
   * - inf.ntw.05
     - Network
     - The Architecture **must** allow for East/West tenant traffic within the cloud (via tunnelled encapsulation overlay such as VXLAN or Geneve).
     - `RA-1 4.2.3. "Network Fabric" <./chapter04.md#423-network-fabric>`__
   * - inf.ntw.07
     - Network
     - The Architecture **must** support network `resiliency <../../../common/glossary.md#cloud-platform-abstraction-related-terminology>`__.
     - `RA-1 3.4.2.2. "Network" <./chapter03.md#3422-network>`__
   * - inf.ntw.10
     - Network
     - The Cloud Infrastructure Network Fabric **must** be capable of enabling highly available (Five 9’s or better) Cloud Infrastructure.
     - `RA-1 3.4.2.2. "Network" <./chapter03.md#3422-network>`__
   * - inf.ntw.15
     - Network
     - The Architecture **must** support multiple networking options for Cloud Infrastructure to support various infrastructure profiles (Basic and High Performance).
     - `RA-1 4.2.3.4. "Neutron ML2-plugin Integration" <./chapter04.md#4234-neutron-ml2-integration>`__ and "OpenStack Neutron Plugins"
   * - inf.ntw.16
     - Network
     - The Architecture **must** support dual stack IPv4 and IPv6 for tenant networks and workloads.
     -

Table 2-20: Infrastructure Requirements
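inf.com.08 and inf.com.09 require that host cores be split between tenant and non-tenant use without separating a core from its SMT sibling threads; on a Nova compute host that split is governed by ``cpu_dedicated_set`` and ``cpu_shared_set`` in nova.conf. The check below is an added example, not RA-1 or Nova code: it parses both settings in Nova's range syntax and verifies, against a sibling map of the kind found under ``/sys/devices/system/cpu/cpu*/topology/thread_siblings_list``, that every physical core's threads are all dedicated, all shared, or all left to the host. The 16-CPU, 2-way-SMT topology and the two nova.conf settings used for the demonstration are constructed.

```python
"""SMT-aware check of nova.conf ``cpu_dedicated_set`` / ``cpu_shared_set``.

Added example (not RA-1 or Nova code). A physical core and all of its SMT
sibling threads must fall into exactly one class:
  dedicated - tenant pinned vCPUs (cpu_dedicated_set)
  shared    - tenant floating vCPUs (cpu_shared_set)
  host      - in neither set: left for non-tenant services (OpenStack agents, OS)
"""
import glob
import os
from typing import Dict, FrozenSet, List, Set


def parse_cpu_set(spec: str) -> Set[int]:
    """Parse Nova's CPU set syntax, e.g. "0-3,8-11,^9" -> {0, 1, 2, 3, 8, 10, 11}.

    Ranges are inclusive and a leading '^' excludes a CPU or range. The same
    syntax covers sysfs thread_siblings_list values such as "2,10" or "2-3".
    """
    include: Set[int] = set()
    exclude: Set[int] = set()
    for part in spec.replace(" ", "").split(","):
        if not part:
            continue
        target = include
        if part.startswith("^"):
            target = exclude
            part = part[1:]
        if "-" in part:
            lo, hi = part.split("-", 1)
            target.update(range(int(lo), int(hi) + 1))
        else:
            target.add(int(part))
    return include - exclude


def classify(cpu: int, dedicated: Set[int], shared: Set[int]) -> str:
    """Name the class a logical CPU belongs to under the given nova.conf sets."""
    if cpu in dedicated:
        return "dedicated"
    if cpu in shared:
        return "shared"
    return "host"


def check_smt_aware(cpu_dedicated_set: str, cpu_shared_set: str,
                    sibling_lists: Dict[int, str]) -> List[str]:
    """Return a list of problems; empty when the configuration satisfies inf.com.09."""
    dedicated = parse_cpu_set(cpu_dedicated_set)
    shared = parse_cpu_set(cpu_shared_set)
    problems: List[str] = []
    overlap = dedicated & shared
    if overlap:  # Nova rejects overlapping sets; flag it first since it distorts the SMT result
        problems.append(f"cpu_dedicated_set and cpu_shared_set overlap on CPUs {sorted(overlap)}")
    seen: Set[FrozenSet[int]] = set()
    for cpu, sibling_spec in sorted(sibling_lists.items()):
        core = frozenset(parse_cpu_set(sibling_spec) | {cpu})  # all threads of this physical core
        if core in seen:
            continue
        seen.add(core)
        classes = {classify(c, dedicated, shared) for c in core}
        if len(classes) > 1:
            problems.append(f"SMT threads {sorted(core)} of one core are split across {sorted(classes)}")
    return problems


def load_sysfs_siblings(root: str = "/sys/devices/system/cpu") -> Dict[int, str]:
    """Read the real sibling map from sysfs on a Linux host (not used by the constructed demo)."""
    siblings: Dict[int, str] = {}
    for path in glob.glob(os.path.join(root, "cpu[0-9]*", "topology", "thread_siblings_list")):
        cpu = int(os.path.basename(os.path.dirname(os.path.dirname(path)))[3:])
        with open(path) as fh:
            siblings[cpu] = fh.read().strip()
    return siblings


# Constructed topology: 8 physical cores, 2-way SMT, thread n shares a core with thread n+8.
EXAMPLE_SIBLINGS: Dict[int, str] = {cpu: f"{cpu % 8},{cpu % 8 + 8}" for cpu in range(16)}

# SMT-aware split: cores 0-1 (threads 0,1,8,9) stay with the host, cores 2-5 are pinned
# tenant capacity and cores 6-7 are shared tenant capacity. Constructed nova.conf values.
GOOD_NOVA_CONF = {"cpu_dedicated_set": "2-5,10-13", "cpu_shared_set": "6-7,14-15"}
# Looks tidy but ignores topology: each core ends up with one thread dedicated or host-owned
# and its sibling shared, so tenant floating vCPUs contend with pinned or host work.
BAD_NOVA_CONF = {"cpu_dedicated_set": "2-7", "cpu_shared_set": "8-15"}


if __name__ == "__main__":
    for name, conf in (("good", GOOD_NOVA_CONF), ("bad", BAD_NOVA_CONF)):
        found = check_smt_aware(conf["cpu_dedicated_set"], conf["cpu_shared_set"], EXAMPLE_SIBLINGS)
        print(name, "OK" if not found else "\n  ".join([""] + found))
```

On a real host, pass ``load_sysfs_siblings()`` instead of ``EXAMPLE_SIBLINGS`` and read the two values from the ``[compute]`` section of nova.conf; the check is cheap enough to run from a deployment pipeline before a compute node is enabled.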

.. _233-vim-requirements:

2.3.3 VIM Requirements
~~~~~~~~~~~~~~~~~~~~~~

.. list-table::
   :widths: 10 14 46 30
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Traceability
   * - vim.01
     - General
     - The Architecture **must** allow infrastructure resource sharing.
     - `RA-1 3.2. "Consumable Infrastructure Resources and Services" <./chapter03.md#32-consumable-infrastructure-resources-and-services>`__
   * - vim.03
     - General
     - The Architecture **must** allow VIM to discover and manage Cloud Infrastructure resources.
     - `RA-1 5.2.7. "Placement" <./chapter05.md#527-placement>`__
   * - vim.05
     - General
     - The Architecture **must** include image repository management.
     - `RA-1 4.3.1.2. "Glance" <./chapter04.md#4312-glance>`__
   * - vim.07
     - General
     - The Architecture **must** support multi-tenancy.
     - `RA-1 3.2.1. "Multi-Tenancy" <./chapter03.md#321-multi-tenancy-execution-environment>`__
   * - vim.08
     - General
     - The Architecture **must** support resource tagging.
     - "OpenStack Resource Tags"

Table 2-21: VIM Requirements

.. _234-interfaces--apis-requirements:

2.3.4 Interfaces & APIs Requirements
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. list-table::
   :widths: 12 14 48 26
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Traceability
   * - int.api.01
     - API
     - The Architecture **must** provide APIs to access the authentication service and the associated mandatory features detailed in chapter 5.
     - `RA-1 5.2.1 "Keystone" <./chapter05.md#521-keystone>`__
   * - int.api.02
     - API
     - The Architecture **must** provide APIs to access the image management service and the associated mandatory features detailed in chapter 5.
     - `RA-1 5.2.2 "Glance" <./chapter05.md#522-glance>`__
   * - int.api.03
     - API
     - The Architecture **must** provide APIs to access the block storage management service and the associated mandatory features detailed in chapter 5.
     - `RA-1 5.2.3 "Cinder" <./chapter05.md#523-cinder>`__
   * - int.api.04
     - API
     - The Architecture **must** provide APIs to access the object storage management service and the associated mandatory features detailed in chapter 5.
     - `RA-1 5.2.4 "Swift" <./chapter05.md#524-swift>`__
   * - int.api.05
     - API
     - The Architecture **must** provide APIs to access the network management service and the associated mandatory features detailed in chapter 5.
     - `RA-1 5.2.5 "Neutron" <./chapter05.md#525-neutron>`__
   * - int.api.06
     - API
     - The Architecture **must** provide APIs to access the compute resources management service and the associated mandatory features detailed in chapter 5.
     - `RA-1 5.2.6 "Nova" <./chapter05.md#526-nova>`__
   * - int.api.07
     - API
     - The Architecture **must** provide GUI access to tenant facing cloud platform core services except at Edge/Far Edge clouds.
     - `RA-1 4.3.1.9 "Horizon" <./chapter04.md#4319-horizon>`__
   * - int.api.08
     - API
     - The Architecture **must** provide APIs needed to discover and manage Cloud Infrastructure resources.
     - `RA-1 5.2.7. "Placement" <./chapter05.md#527-placement>`__
   * - int.api.09
     - API
     - The Architecture **must** provide APIs to access the orchestration service.
     - `RA-1 5.2.8 "Heat" <./chapter05.md#528-heat>`__
   * - int.api.10
     - API
     - The Architecture must expose the latest version and microversion of the APIs for the given Anuket OpenStack release for each of the OpenStack core services.
     - `RA-1 5.2 Core OpenStack Services APIs <./chapter05.md#52-core-openstack-services-apis>`__

Table 2-22: Interfaces and APIs Requirements

.. _235-tenant-requirements:

2.3.5 Tenant Requirements
~~~~~~~~~~~~~~~~~~~~~~~~~

.. list-table::
   :widths: 12 14 48 26
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Traceability
   * - tnt.gen.01
     - General
     - The Architecture **must** support self-service dashboard (GUI) and APIs for users to deploy, configure and manage their workloads.
     - `RA-1 4.3.1.9 "Horizon" <./chapter04.md#4319-horizon>`__ and `3.3.1.4 Cloud Workload Services <./chapter03.md#3314-cloud-workload-services>`__

Table 2-23: Tenant Requirements

.. _236-operations-and-lcm:

2.3.6 Operations and LCM
~~~~~~~~~~~~~~~~~~~~~~~~

.. list-table::
   :widths: 12 18 50 20
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Traceability
   * - lcm.gen.01
     - General
     - The Architecture must support zero downtime of running workloads when the number of compute hosts and/or the storage capacity is being expanded or unused capacity is being removed.
     -
   * - lcm.adp.02
     - Automated deployment
     - The Architecture must support upgrades of software, provided by the cloud provider, so that the running workloads are not impacted (viz., hitless upgrades). Please note that this means that the existing data plane services should not fail (go down).
     -

Table 2-24: LCM Requirements

.. _237-assurance-requirements:

2.3.7 Assurance Requirements
~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. list-table::
   :widths: 12 14 54 20
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Traceability
   * - asr.mon.01
     - Integration
     - The Architecture **must** include integration with various infrastructure components to support collection of telemetry for assurance monitoring and network intelligence.
     -
   * - asr.mon.03
     - Monitoring
     - The Architecture **must** allow for the collection and dissemination of performance and fault information.
     -
   * - asr.mon.04
     - Network
     - The Cloud Infrastructure Network Fabric and Network Operating System **must** provide network operational visibility through alarming and streaming telemetry services for operational management, engineering planning, troubleshooting, and network performance optimisation.
     -

Table 2-25: Assurance Requirements

.. _24-architecture-and-openstack-recommendations:

2.4 Architecture and OpenStack Recommendations
----------------------------------------------

The requirements listed in this section are optional, and are not required in order to be deemed a conformant implementation.

.. _241-general-recommendations:

2.4.1 General Recommendations
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. list-table::
   :widths: 12 14 40 34
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Notes
   * - gen.cnt.01
     - Cloud nativeness
     - The Architecture **should** consist of stateless service components. However, where state is required it must be kept external to the component.
     - OpenStack consists of both stateless and stateful services where the stateful services utilise a database. For latter see "Configuring the stateful services"
   * - gen.cnt.02
     - Cloud nativeness
     - The Architecture **should** consist of service components implemented as microservices that are individually dynamically scalable.
     -
   * - gen.scl.01
     - Scalability
     - The Architecture **should** support policy driven auto-scaling.
     - This requirement is currently not addressed but will likely be supported through `Senlin <https://docs.openstack.org/senlin/train/>`__, cluster management service.
   * - gen.rsl.02
     - Resiliency
     - The Architecture **should** support resilient OpenStack service components that are not subject to gen.rsl.01.
     -

Table 2-26: General Recommendations

.. _242-infrastructure-recommendations:

2.4.2 Infrastructure Recommendations
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. list-table::
   :widths: 12 14 48 26
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Notes
   * - inf.com.02
     - Compute
     - The Architecture **should** include industry standard hardware management systems at both HW device level (embedded) and HW platform level (external to device).
     -
   * - inf.com.03
     - Compute
     - The Architecture **should** support Symmetric Multiprocessing with shared memory access as well as Simultaneous Multithreading.
     -
   * - inf.stg.08
     - Storage
     - The Architecture **should** allow use of externally provided large archival storage for its Backup / Restore / Archival needs.
     -
   * - inf.stg.09
     - Storage
     - The Architecture **should** make available all non-host OS / Hypervisor / Host systems storage as network-based Block, File or Object Storage for tenant/management consumption.
     -
   * - inf.stg.10
     - Storage
     - The Architecture **should** provide local Block storage for VM Instances.
     - `RA-1 "Virtual Storage" <./chapter03.md#323-virtual-storage>`__
   * - inf.ntw.04
     - Network
     - The Architecture **should** support service function chaining.
     -
   * - inf.ntw.06
     - Network
     - The Architecture **should** support Distributed Virtual Routing (DVR) to allow compute nodes to route traffic efficiently.
     -
   * - inf.ntw.08
     - Network
     - The Cloud Infrastructure Network Fabric **should** embrace the concepts of open networking and disaggregation using commodity networking hardware and disaggregated Network Operating Systems.
     -
   * - inf.ntw.09
     - Network
     - The Cloud Infrastructure Network Fabric **should** embrace open-based standards and technologies.
     -
   * - inf.ntw.11
     - Network
     - The Cloud Infrastructure Network Fabric **should** be architected to provide a standardised, scalable, and repeatable deployment model across all applicable Cloud Infrastructure sites.
     -
   * - inf.ntw.17
     - Network
     - The Architecture **should** use dual stack IPv4 and IPv6 for Cloud Infrastructure internal networks.
     -
   * - inf.acc.01
     - Acceleration
     - The Architecture **should** support Application Specific Acceleration (exposed to VNFs).
     - `RA-1 3.2.6. "Acceleration" <./chapter03.md#326-acceleration>`__
   * - inf.acc.02
     - Acceleration
     - The Architecture **should** support Cloud
     - "OpenStack Future - Specs defined"
   * - inf.acc.03
     - Acceleration
     - The Architecture **may** rely on SR-IOV PCI-Pass through to provide acceleration to VNFs.
     -
   * - inf.img.01
     - Image
     - The Architecture **should** make the immutable images available via location independent means.
     - `RA-1 4.3.1.2. "Glance" <./chapter04.md#4312-glance>`__

Table 2-27: Infrastructure Recommendations

.. _243-vim-recommendations:

2.4.3 VIM Recommendations
~~~~~~~~~~~~~~~~~~~~~~~~~

.. list-table::
   :widths: 10 14 46 30
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Notes
   * - vim.02
     - General
     - The Architecture **should** support deployment of OpenStack components in containers.
     - `RA-1 4.3.2. "Containerised OpenStack Services" <./chapter04.md#432-containerised-openstack-services>`__
   * - vim.04
     - General
     - The Architecture **should** support Enhanced Platform Awareness (EPA) only for discovery of infrastructure resource capabilities.
     -
   * - vim.06
     - General
     - The Architecture **should** allow orchestration solutions to be integrated with VIM.
     -
   * - vim.09
     - General
     - The Architecture **should** support horizontal scaling of OpenStack core services.
     -

Table 2-28: VIM Recommendations

.. _244-interfaces-and-apis-recommendations:

2.4.4 Interfaces and APIs Recommendations
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. list-table::
   :widths: 12 14 44 30
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Notes
   * - int.acc.01
     - Acceleration
     - The Architecture **should** provide an open and standard acceleration interface to VNFs.
     -
   * - int.acc.02
     - Acceleration
     - The Architecture **should not** rely on SR-IOV PCI passthrough for the acceleration interface exposed to VNFs.
     - duplicate of inf.acc.03 under "Infrastructure Recommendations"

Table 2-29: Interfaces and APIs Recommendations

.. _245-tenant-recommendations:

2.4.5 Tenant Recommendations
~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This section is left blank for future use.

===== ============ =========== =====
Ref # sub-category Description Notes
===== ============ =========== =====
===== ============ =========== =====

Table 2-30: Tenant Recommendations

.. _246-operations-and-lcm-recommendations:

2.4.6 Operations and LCM Recommendations
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. list-table::
   :widths: 12 20 50 18
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Notes
   * - lcm.adp.01
     - Automated deployment
     - The Architecture **should** allow for "cookie cutter" automated deployment, configuration, provisioning and management of multiple Cloud Infrastructure sites.
     -
   * - lcm.adp.03
     - Automated deployment
     - The Architecture **should** support hitless upgrade of all software provided by the cloud provider that is not covered by lcm.adp.02. Whenever hitless upgrades are not feasible, an attempt should be made to minimise the duration and nature of the impact.
     -
   * - lcm.adp.04
     - Automated deployment
     - The Architecture **should** support declarative specifications of hardware and software assets for automated deployment, configuration, maintenance and management.
     -
   * - lcm.adp.05
     - Automated deployment
     - The Architecture **should** support an automated process for deployment and life-cycle management of VIM instances.
     -
   * - lcm.cid.02
     - CI/CD
     - The Architecture **should** support integration with a CI/CD toolchain for Cloud Infrastructure and VIM component automation.
     -

Table 2-31: LCM Recommendations

.. _247-assurance-recommendations:

2.4.7 Assurance Recommendations
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. list-table::
   :widths: 12 14 56 18
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Notes
   * - asr.mon.02
     - Monitoring
     - The Architecture **should** support Network Intelligence capabilities that allow richer diagnostic capabilities, taking as input a broader set of data across the network and from VNF workloads.
     -

Table 2-32: Assurance Recommendations

.. _248-security-recommendations:

2.4.8 Security Recommendations
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. _2481-system-hardening-source-rm-791:

2.4.8.1. System Hardening (source `RM 7.9.1 <../../../ref_model/chapters/chapter07.md#791-system-hardening>`__)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

.. list-table::
   :widths: 13 13 56 18
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Notes
   * - sec.gen.011
     - Hardening
     - The Cloud Infrastructure **should** support Read and Write only storage partitions (write only permission to one or more authorised actors).
     -
   * - sec.gen.014
     - Hardening
     - All servers part of the Cloud Infrastructure **should** support measured boot and an attestation server that monitors the measurements of the servers.
     -

Table 2-33: System Hardening Recommendations
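The measured boot and attestation recommendation in sec.gen.014 is easier to assess when the mechanism is written out. The following is an added example, not code from this reference architecture or from any OpenStack project: it models the TPM PCR extend operation over a server's boot chain and an attestation server that replays the host's reported event log, checks that the replay matches the PCR value the TPM reports, and checks every measurement against an allowlist of approved component digests. The component contents, the three host scenarios and the allowlist are constructed sample data; the signature on the TPM quote that a real attestation server also verifies is left out.

```python
"""Measured boot with a remote attestation check (added example).

Models the TPM PCR extend operation, pcr = SHA-256(pcr || measurement), over a
boot chain, and an attestation server that replays the reported event log,
checks it against the reported PCR value and checks each measurement against an
allowlist. All component contents and the allowlist are constructed sample
data; verification of the TPM quote signature is omitted.
"""
import hashlib
import hmac
from typing import Dict, List, Tuple

Event = Tuple[str, bytes]   # (component name, SHA-256 digest of the component)

PCR_INITIAL = b"\x00" * 32  # a SHA-256 PCR bank reads all zeros after reset


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM PCR extend: the new value is H(old value || measurement)."""
    return sha256(pcr + measurement)


def replay_event_log(event_log: List[Event]) -> bytes:
    """Recompute the PCR value that an ordered event log implies."""
    pcr = PCR_INITIAL
    for _, digest in event_log:
        pcr = pcr_extend(pcr, digest)
    return pcr


def measured_boot(components: List[Tuple[str, bytes]]) -> Tuple[List[Event], bytes]:
    """Simulate firmware measuring each boot stage into the PCR before running it.

    Returns the event log the host reports and the final PCR value the TPM holds.
    """
    event_log = [(name, sha256(blob)) for name, blob in components]
    return event_log, replay_event_log(event_log)


class AttestationServer:
    """Holds the allowlist of approved component digests and judges reports."""

    def __init__(self, allowlist: Dict[str, bytes]):
        self.allowlist = allowlist

    def verify(self, event_log: List[Event], reported_pcr: bytes) -> List[str]:
        """Return a list of findings; an empty list means the host attests cleanly."""
        findings = []
        # 1. The log must replay to the PCR value the TPM reports. A PCR cannot be
        #    rewritten, so a mismatch means the log was edited after the fact.
        if not hmac.compare_digest(replay_event_log(event_log), reported_pcr):
            findings.append("event log does not replay to the reported PCR value")
        # 2. Every measured component must be a known, approved build.
        for name, digest in event_log:
            expected = self.allowlist.get(name)
            if expected is None:
                findings.append(f"unexpected component measured: {name}")
            elif not hmac.compare_digest(expected, digest):
                findings.append(f"{name} measurement not in allowlist")
        return findings


# Constructed sample boot chain (stand-ins for real firmware and kernel images).
GOLDEN_COMPONENTS = [
    ("firmware", b"sample-firmware-v1"),
    ("bootloader", b"sample-shim-and-grub-v1"),
    ("kernel", b"sample-vmlinuz-v1"),
    ("initrd", b"sample-initrd-v1"),
]
ALLOWLIST = {name: sha256(blob) for name, blob in GOLDEN_COMPONENTS}
SERVER = AttestationServer(ALLOWLIST)


def _with_modified_kernel() -> List[Tuple[str, bytes]]:
    return [(n, b"sample-vmlinuz-modified" if n == "kernel" else b) for n, b in GOLDEN_COMPONENTS]


def attest_healthy_host() -> List[str]:
    log, pcr = measured_boot(GOLDEN_COMPONENTS)
    return SERVER.verify(log, pcr)


def attest_modified_kernel() -> List[str]:
    """A host booting an unapproved kernel build and reporting it honestly."""
    log, pcr = measured_boot(_with_modified_kernel())
    return SERVER.verify(log, pcr)


def attest_forged_log() -> List[str]:
    """A host booting a modified kernel but reporting the golden event log.

    The TPM's PCR reflects what actually ran, so the replay check catches it.
    """
    _, real_pcr = measured_boot(_with_modified_kernel())
    golden_log, _ = measured_boot(GOLDEN_COMPONENTS)
    return SERVER.verify(golden_log, real_pcr)


if __name__ == "__main__":
    print("healthy host:", attest_healthy_host())
    print("modified kernel:", attest_modified_kernel())
    print("forged event log:", attest_forged_log())
```

The two checks are deliberately separate: the replay check detects a log that was edited after boot, while the allowlist check detects a component that is not an approved build even when the host reports it truthfully. An attestation server that only compared the final PCR to one golden value would give the same verdict but could not say which component changed.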

.. _2482-platform-and-access-source-rm-792:

2.4.8.2. Platform and Access (source `RM 7.9.2 <../../../ref_model/chapters/chapter07.md#792-platform-and-access>`__)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

.. list-table::
   :widths: 13 13 44 30
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Notes
   * - sec.sys.014
     - Access
     - The Platform **should** use Linux Security Modules such as SELinux to control access to resources.
     -
   * - sec.sys.020
     - Access
     - The Cloud Infrastructure architecture **should** rely on Zero Trust principles to build a secure by design environment.
     - Zero Trust Architecture (ZTA) described in NIST SP 800-207

Table 2-34: Platform and Access Recommendations

.. _2483-confidentiality-and-integrity-source-rm793:

2.4.8.3. Confidentiality and Integrity (source `RM7.9.3 <../../../ref_model/chapters/chapter07.md#793-confidentiality-and-integrity>`__)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

.. list-table::
   :widths: 12 22 48 18
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Notes
   * - sec.ci.002
     - Confidentiality/Integrity
     - The Platform **should** support self-encrypting storage devices.
     -
   * - sec.ci.009
     - Confidentiality/Integrity
     - For sensitive data encryption, the key management service **should** leverage a Hardware Security Module to manage and protect cryptographic keys.
     -

Table 2-35: Confidentiality and Integrity Recommendations

.. _2484-workload-security-source-rm794:

2.4.8.4. Workload Security (source `RM7.9.4 <../../../ref_model/chapters/chapter07.md#794-workload-security>`__)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

.. list-table::
   :widths: 12 14 56 18
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Notes
   * - sec.wl.007
     - Workload
     - The Operator **should** implement processes and tools to verify VNF authenticity and integrity.
     -

Table 2-36: Workload Security Recommendations

.. _2485-image-security-source-rm795:

2.4.8.5. Image Security (source `RM7.9.5 <../../../ref_model/chapters/chapter07.md#795-image-security>`__)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

This section is left blank for future use.

===== ============ =========== =====
Ref # sub-category Description Notes
===== ============ =========== =====
===== ============ =========== =====

Table 2-37: Image Security Recommendations

.. _2486-security-lcm-source-rm796:

2.4.8.6. Security LCM (source `RM7.9.6 <../../../ref_model/chapters/chapter07.md#796-security-lcm>`__)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

.. list-table::
   :widths: 13 13 56 18
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Notes
   * - sec.lcm.004
     - LCM
     - The Cloud Operator **should** support automated, templated approved changes (templated approved changes for automation where available).
     -

Table 2-38: LCM Security Recommendations

.. _2487-monitoring-and-security-audit-source-rm797:

2.4.8.7. Monitoring and Security Audit (source `RM7.9.7 <../../../ref_model/chapters/chapter07.md#797-monitoring-and-security-audit>`__)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The Platform is assumed to provide configurable alerting and notification capability, and the operator is assumed to have automated systems, policies and procedures to act on alerts and notifications in a timely fashion. In the following, the monitoring and logging capabilities can trigger alerts and notifications for appropriate action.

.. list-table::
   :widths: 13 13 56 18
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Notes
   * - sec.mon.014
     - Monitoring
     - The Monitoring systems **should not** impact IaaS, PaaS, and SaaS SLAs, including availability SLAs.
     -
   * - sec.mon.016
     - Monitoring
     - The Platform Monitoring components **should** follow security best practices for auditing, including secure logging and tracing.
     -

Table 2-39: Monitoring and Security Audit Recommendations
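Recommendation sec.mon.016 asks for "secure logging", and one property a practitioner wants from an audit trail is that later edits, deletions or truncation are detectable by someone other than the host that wrote it. The following is an added example, not code from this reference architecture or from any OpenStack project: each audit record is chained to its predecessor with an HMAC-SHA256 over (previous tag || canonical JSON of the record), keyed with a secret that lives with the log collector rather than on the monitored host, and a verifier walks the chain and reports where it breaks. The records, host name, event names and key are constructed sample data.

```python
"""Tamper-evident audit logging with a keyed hash chain (added example).

Records are chained with HMAC-SHA256 over (previous tag || canonical record).
The key is held by the collector/SIEM, not by the monitored host, so a host
that edits, reorders, deletes or truncates its local log cannot recompute
valid tags. All records and the key are constructed sample data.
"""
import copy
import hashlib
import hmac
import json
from typing import Dict, List, Optional

GENESIS_TAG = "0" * 64  # tag assumed to precede the first record


def canonical(record: Dict) -> bytes:
    """Serialise deterministically so the verifier recomputes identical bytes."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def tag_for(key: bytes, prev_tag: str, record: Dict) -> str:
    """HMAC over the previous tag and this record; binds the record to its position."""
    return hmac.new(key, bytes.fromhex(prev_tag) + canonical(record), hashlib.sha256).hexdigest()


def chain_records(key: bytes, records: List[Dict]) -> List[Dict]:
    """Wrap each record as {"record": ..., "prev": <previous tag>, "tag": <own tag>}."""
    entries, prev = [], GENESIS_TAG
    for record in records:
        tag = tag_for(key, prev, record)
        entries.append({"record": record, "prev": prev, "tag": tag})
        prev = tag
    return entries


def verify_chain(key: bytes, entries: List[Dict], expected_tail: Optional[str] = None) -> Optional[int]:
    """Return None if the chain is intact, otherwise the index of the first bad entry.

    If the collector remembers the last tag it acknowledged (expected_tail) and the
    chain ends earlier, len(entries) is returned to signal records removed from the end.
    """
    prev = GENESIS_TAG
    for i, entry in enumerate(entries):
        if entry["prev"] != prev:                       # reordered or deleted predecessor
            return i
        if not hmac.compare_digest(tag_for(key, prev, entry["record"]), entry["tag"]):
            return i                                    # record content or tag edited
        prev = entry["tag"]
    if expected_tail is not None and not hmac.compare_digest(prev, expected_tail):
        return len(entries)                             # tail truncated
    return None


# Constructed sample data: a key held by the collector and three audit records.
COLLECTOR_KEY = b"constructed-demo-key-held-by-the-collector"
SAMPLE_RECORDS = [
    {"ts": "2023-01-01T10:00:00Z", "host": "ctl-01", "actor": "svc-nova", "action": "login", "result": "success"},
    {"ts": "2023-01-01T10:00:05Z", "host": "ctl-01", "actor": "admin", "action": "role.assign", "result": "success"},
    {"ts": "2023-01-01T10:00:09Z", "host": "ctl-01", "actor": "admin", "action": "policy.update", "result": "success"},
]
CHAIN = chain_records(COLLECTOR_KEY, SAMPLE_RECORDS)
ACKNOWLEDGED_TAIL = CHAIN[-1]["tag"]  # what the collector last acknowledged


def verify_intact() -> Optional[int]:
    return verify_chain(COLLECTOR_KEY, CHAIN, ACKNOWLEDGED_TAIL)


def verify_edited_record() -> Optional[int]:
    """The second record's outcome is rewritten on the host after the fact."""
    tampered = copy.deepcopy(CHAIN)
    tampered[1]["record"]["result"] = "denied"
    return verify_chain(COLLECTOR_KEY, tampered, ACKNOWLEDGED_TAIL)


def verify_deleted_record() -> Optional[int]:
    """The second record is removed; the third no longer links to its predecessor."""
    tampered = [CHAIN[0], CHAIN[2]]
    return verify_chain(COLLECTOR_KEY, tampered, ACKNOWLEDGED_TAIL)


def verify_truncated() -> Optional[int]:
    """The last record is dropped; only the remembered tail reveals it."""
    return verify_chain(COLLECTOR_KEY, CHAIN[:2], ACKNOWLEDGED_TAIL)


if __name__ == "__main__":
    print("intact:", verify_intact())
    print("edited record breaks at:", verify_edited_record())
    print("deleted record breaks at:", verify_deleted_record())
    print("truncation detected at:", verify_truncated())
```

The chain by itself cannot detect truncation at the tail, which is why the verifier also takes the last tag the collector acknowledged; in practice that value is shipped off-host with each batch, so the on-host copy only needs to survive long enough to be forwarded.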

.. _2488-open-source-software-security-source-rm798:

2.4.8.8. Open-Source Software Security (source `RM7.9.8 <../../../ref_model/chapters/chapter07.md#798-open-source-sotfware>`__)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

.. list-table::
   :widths: 13 13 50 24
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Notes
   * - sec.oss.004
     - Software
     - A Software Bill of Materials (SBOM) provided or built, and maintained to identify the software components and their origins. Inventory of software components.
     - https://www.ntia.gov/SBOM

Table 2-40: Open-Source Software Security Recommendations

.. _2489-iaac-security-source-rm799:

2.4.8.9. IaaC security (source `RM7.9.9 <../../../ref_model/chapters/chapter07.md#799-iaac---secure-design-and-architecture-stage-requirements>`__)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

**Secure Design and Architecture Stage**

.. list-table::
   :widths: 14 10 46 30
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Notes
   * - sec.arch.001
     - IaaC
     - Threat Modelling methodologies and tools **should** be used during the Secure Design and Architecture stage, triggered by the Software Feature Design trigger. Methodology to identify and understand threats impacting a resource or set of resources.
     - It may be done manually or using tools like the open source OWASP Threat Dragon.
   * - sec.arch.002
     - IaaC
     - Security Control Baseline Assessment **should** be performed during the Secure Design and Architecture stage, triggered by the Software Feature Design trigger.
     - Typically done manually by internal or independent assessors.

Table 2-41: Reference Model Requirements: IaaC Security, Design and Architecture Stage

**Secure Code Stage Requirements**

.. list-table::
   :widths: 14 10 46 30
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Notes
   * - sec.code.002
     - IaaC
     - SCA – Software Composition Analysis **should** be applied during the Secure Coding stage, triggered by the Pull, Clone or Comment trigger. Security testing that analyses application source code or compiled code for software components with known vulnerabilities.
     - Example: open source OWASP range of tools.
   * - sec.code.003
     - IaaC
     - Source Code Review **should** be performed continuously during the Secure Coding stage.
     - Typically done manually.
   * - sec.code.004
     - IaaC
     - Integrated SAST via IDE Plugins **should** be used during the Secure Coding stage, triggered by the Developer Code trigger. On the local machine: through the IDE or integrated test suites; triggered on completion of coding by the developer.
     -
   * - sec.code.005
     - IaaC
     - SAST of the Source Code Repo **should** be performed during the Secure Coding stage, triggered by the Developer Code trigger. Continuous delivery pre-deployment: scanning prior to deployment.
     -

Table 2-42: Reference Model Requirements: IaaC Security, Secure Code Stage

**Continuous Build, Integration and Testing Stage Requirements**

.. list-table::
   :widths: 13 10 47 30
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Notes
   * - sec.bld.001
     - IaaC
     - SAST – Static Application Security Testing **should** be applied during the Continuous Build, Integration and Testing stage, triggered by the Build and Integrate trigger.
     - Example: open source OWASP range of tools.
   * - sec.bld.002
     - IaaC
     - SCA – Software Composition Analysis **should** be applied during the Continuous Build, Integration and Testing stage, triggered by the Build and Integrate trigger.
     - Example: open source OWASP range of tools.
   * - sec.bld.004
     - IaaC
     - DAST – Dynamic Application Security Testing **should** be applied during the Continuous Build, Integration and Testing stage, triggered by the Stage & Test trigger. Security testing that analyses a running application by exercising application functionality and detecting vulnerabilities based on application behaviour and response.
     - Example: OWASP ZAP.
   * - sec.bld.005
     - IaaC
     - Fuzzing **should** be applied during the Continuous Build, Integration and Testing stage, triggered by the Stage & Test trigger. Fuzzing or fuzz testing is an automated software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program.
     - Example: GitLab open source Protocol Fuzzer Community Edition.
   * - sec.bld.006
     - IaaC
     - IAST – Interactive Application Security Testing **should** be applied during the Continuous Build, Integration and Testing stage, triggered by the Stage & Test trigger. Software component deployed with an application that assesses application behaviour and detects the presence of vulnerabilities in an application being exercised in realistic testing scenarios.
     - Example: Contrast Community Edition.

Table 2-43: Reference Model Requirements: IaaC Security, Continuous Build, Integration and Testing Stage
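Recommendation sec.oss.004 (an SBOM that identifies software components and their origins) and the SCA recommendations sec.code.002 and sec.bld.002 (analysing code for components with known vulnerabilities) are two halves of one workflow: the SBOM is the inventory, and SCA is the inventory matched against advisories. The following is an added example, not code from this reference architecture or from any OpenStack project, that does both over a constructed CycloneDX-style JSON SBOM: it parses the components, groups them by origin taken from the package URL (purl), flags components whose origin cannot be established, and matches each component against an advisory list using "fixed in version" rules. The SBOM contents, the advisory identifiers (ADV-EXAMPLE-...) and the vulnerable versions are constructed placeholders, not real advisories; the version comparison is a plain dotted-integer compare, adequate for the sample but not a full semver or distribution-epoch implementation.

```python
"""SBOM inventory and software composition analysis (added example).

Parses a CycloneDX-style JSON SBOM (constructed sample), builds an inventory
grouped by origin (the purl type), flags components without a resolvable
origin, and matches components against advisories with "fixed_in" rules.
Advisory identifiers and affected versions are constructed placeholders.
"""
import json
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Component:
    name: str
    version: str
    origin: str   # purl type such as "pypi" or "deb"; "unknown" when no purl is present
    purl: str


def parse_purl(purl: str) -> Tuple[str, str]:
    """Return (type, name) from a purl such as pkg:pypi/requests@2.25.1 or pkg:deb/debian/openssl@3.0.2."""
    body = purl.split("pkg:", 1)[1]
    ptype, rest = body.split("/", 1)
    name_part = rest.split("@", 1)[0].split("?", 1)[0]  # drop version and qualifiers
    return ptype, name_part.rsplit("/", 1)[-1]          # drop a namespace such as "debian"


def load_sbom(text: str) -> List[Component]:
    """Read the components of a CycloneDX JSON document into Component records."""
    doc = json.loads(text)
    if doc.get("bomFormat") != "CycloneDX":
        raise ValueError("unsupported SBOM format")
    components = []
    for entry in doc.get("components", []):
        purl = entry.get("purl", "")
        origin, _ = parse_purl(purl) if purl.startswith("pkg:") else ("unknown", entry["name"])
        components.append(Component(entry["name"], entry.get("version", ""), origin, purl))
    return components


def inventory(components: List[Component]) -> Dict[str, List[str]]:
    """Group name@version strings by origin, sorted for stable output."""
    grouped: Dict[str, List[str]] = {}
    for c in components:
        grouped.setdefault(c.origin, []).append(f"{c.name}@{c.version}")
    return {origin: sorted(names) for origin, names in sorted(grouped.items())}


def missing_origin(components: List[Component]) -> List[str]:
    """Components whose provenance the SBOM does not establish; these need follow-up."""
    return sorted(c.name for c in components if c.origin == "unknown")


def version_key(version: str) -> Tuple[int, ...]:
    """Dotted-integer ordering; non-numeric pieces count as 0 (sufficient for the sample)."""
    parts = []
    for piece in version.replace("-", ".").split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


def find_vulnerable(components: List[Component], advisories: List[Dict]) -> List[Tuple[str, str]]:
    """Return (purl, advisory id) for every component older than an advisory's fixed_in version."""
    hits = []
    for c in components:
        for adv in advisories:
            if (adv["origin"], adv["name"]) == (c.origin, c.name) and version_key(c.version) < version_key(adv["fixed_in"]):
                hits.append((c.purl, adv["id"]))
    return hits


# Constructed sample SBOM and advisory list (placeholders, not real advisories).
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.4",
    "components": [
        {"type": "library", "name": "requests", "version": "2.25.1", "purl": "pkg:pypi/requests@2.25.1"},
        {"type": "library", "name": "urllib3", "version": "1.26.5", "purl": "pkg:pypi/urllib3@1.26.5"},
        {"type": "library", "name": "openssl", "version": "3.0.2", "purl": "pkg:deb/debian/openssl@3.0.2"},
        {"type": "library", "name": "vendor-helper", "version": "0.9"},  # no purl: origin unknown
    ],
})
ADVISORIES = [
    {"id": "ADV-EXAMPLE-001", "origin": "pypi", "name": "urllib3", "fixed_in": "1.26.6"},
    {"id": "ADV-EXAMPLE-002", "origin": "deb", "name": "openssl", "fixed_in": "3.0.1"},  # already fixed here
]


def analyse(sbom_text: str = SAMPLE_SBOM, advisories: List[Dict] = ADVISORIES) -> Dict:
    components = load_sbom(sbom_text)
    return {
        "inventory": inventory(components),
        "missing_origin": missing_origin(components),
        "vulnerable": find_vulnerable(components, advisories),
    }


if __name__ == "__main__":
    print(json.dumps(analyse(), indent=2))
```

The component without a purl is reported separately rather than silently placed in a bucket: an SBOM entry whose origin cannot be resolved is exactly the case the "identify their origins" wording in sec.oss.004 is meant to surface, and it also cannot be matched against advisories, so it is a gap in the SCA result as well as in the inventory.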

**Continuous Delivery and Deployment Stage Requirements**

.. list-table::
   :widths: 13 10 47 30
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Notes
   * - sec.del.003
     - IaaC
     - Artifact and Image Repository Scan **should** be continuously applied during the Continuous Delivery and Deployment stage.
     - Example: GitLab uses the open source Clair engine for container scanning.

Table 2-44: Reference Model Requirements: IaaC Security, Continuous Delivery and Deployment Stage

**Runtime Defence and Monitoring Requirements**

.. list-table::
   :widths: 13 10 47 30
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Notes
   * - sec.run.002
     - IaaC
     - RASP – Runtime Application Self-Protection **should** be continuously applied during the Runtime Defence and Monitoring stage. Security technology deployed within the target application in production for detecting, alerting, and blocking attacks.
     -
   * - sec.run.003
     - IaaC
     - Application testing and Fuzzing **should** be continuously applied during the Runtime Defence and Monitoring stage. Fuzzing or fuzz testing is an automated software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program.
     - Example: GitLab open source Protocol Fuzzer Community Edition.
   * - sec.run.004
     - IaaC
     - Penetration Testing **should** be continuously applied during the Runtime Defence and Monitoring stage.
     - Typically done manually.

Table 2-45: Reference Model Requirements: IaaC Security, Runtime Defence and Monitoring Stage

.. _24810-compliance-with-standards-source-rm7910:

2.4.8.10. Compliance with Standards (source `RM7.9.10 <../../../ref_model/chapters/chapter07.md#7910-compliance-with-standards>`__)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

.. list-table::
   :widths: 13 11 48 28
   :header-rows: 1

   * - Ref #
     - sub-category
     - Description
     - Notes
   * - sec.std.001
     - Standards
     - The Cloud Operator **should** comply with the Center for Internet Security CIS Controls (https://www.cisecurity.org/).
     - Center for Internet Security - https://www.cisecurity.org/
   * - sec.std.002
     - Standards
     - The Cloud Operator, Platform and Workloads **should** follow the guidance in the CSA Security Guidance for Critical Areas of Focus in Cloud Computing (latest version), https://cloudsecurityalliance.org/.
     - Cloud Security Alliance - https://cloudsecurityalliance.org/
   * - sec.std.003
     - Standards
     - The Platform and Workloads **should** follow the guidance in the OWASP Cheat Sheet Series (OCSS), https://github.com/OWASP/CheatSheetSeries.
     - Open Web Application Security Project - https://www.owasp.org
   * - sec.std.004
     - Standards
     - The Cloud Operator, Platform and Workloads **should** ensure that their code is not vulnerable to the OWASP Top Ten Security Risks, https://owasp.org/www-project-top-ten/.
     -
   * - sec.std.005
     - Standards
     - The Cloud Operator, Platform and Workloads **should** strive to improve their maturity on the OWASP Software Maturity Model (SAMM), https://owaspsamm.org/blog/2019/12/20/version2-community-release/.
     -
   * - sec.std.006
     - Standards
     - The Cloud Operator, Platform and Workloads **should** utilise the OWASP Web Security Testing Guide, https://github.com/OWASP/wstg/tree/master/document.
     -
   * - sec.std.007
     - Standards
     - The Cloud Operator and Platform **should** satisfy the requirements for Information Management Systems specified in ISO/IEC 27001, https://www.iso.org/obp/ui/#iso:std:iso-iec:27001:ed-2:v1:en.
     - ISO/IEC 27001 is the international Standard for best-practice information security management systems (ISMSs).
   * - sec.std.008
     - Standards
     - The Cloud Operator and Platform **should** implement the Code of practice for Security Controls specified in ISO/IEC 27002:2013 (or latest), https://www.iso.org/obp/ui/#iso:std:iso-iec:27002:ed-2:v1:en.
     -
   * - sec.std.009
     - Standards
     - The Cloud Operator and Platform **should** implement the ISO/IEC 27032:2012 (or latest) Guidelines for Cybersecurity techniques, https://www.iso.org/obp/ui/#iso:std:iso-iec:27032:ed-1:v1:en.
     - ISO/IEC 27032 is the international Standard focusing explicitly on cybersecurity.
   * - sec.std.010
     - Standards
     - The Cloud Operator **should** conform to the ISO/IEC 27035 standard for incident management.
     - ISO/IEC 27035 is the international Standard for incident management.
   * - sec.std.011
     - Standards
     - The Cloud Operator **should** conform to the ISO/IEC 27031 standard for business continuity.
     - ISO/IEC 27031 is the international Standard for ICT readiness for business continuity.

Table 2-46: Security Recommendations