Forgotten typo (7383e356) · Commits · STAN4CRA / EN 304 621 Network Management Systems

EN-304-621.md

+1 −1

Original line number	Diff line number	Diff line
		@@ -837,7 +837,7 @@ The operative context is described in more datail in the section [4.8 Operationa
		- [REQ-AUTH-3]: When a user or system identity has been authenticated, the product shall apply authorisation controls based on assigned roles or equivalent access-control attributes.
		- [REQ-AUTH-4]: The authorisation model shall enforce separation of privileges appropriate to the intended and reasonably foreseeable use of the product.
		- [REQ-AUTH-5]: The product technical documentation shall describe the authorization model implemented by the product.
		- [REQ-AUTH-6]: The product shall implement and document authorization controls in the technical documentation and in the user documentation, like RBAC or APAC, suitable for privileged interfaces and sensitive operations.
		- [REQ-AUTH-6]: The product shall implement and document authorization controls in the technical documentation and in the user documentation, like RBAC or ABAC, suitable for privileged interfaces and sensitive operations.
		- [REQ-AUTH-7]: All access to administrative interfaces, control functions, and sensitive operations shall be subject to strong authentication of users, services, or integrated components.
		- [REQ-AUTH-8]: Privileged interfaces shall be protected with [5.2.4 State-of-the-art cryptographic libraries].
		- [REQ-AUTH-9]: The product shall report all relevant events related to authorisation including, but not limited to, successful and unsuccessful use of identity, object access, policy change, privileged function use, data access and deletions, data changes and permission changes.

Original line number	Diff line number	Diff line
		@@ -837,7 +837,7 @@ The operative context is described in more datail in the section [4.8 Operationa
		- [REQ-AUTH-3]: When a user or system identity has been authenticated, the product shall apply authorisation controls based on assigned roles or equivalent access-control attributes.
		- [REQ-AUTH-4]: The authorisation model shall enforce separation of privileges appropriate to the intended and reasonably foreseeable use of the product.
		- [REQ-AUTH-5]: The product technical documentation shall describe the authorization model implemented by the product.
		- [REQ-AUTH-6]: The product shall implement and document authorization controls in the technical documentation and in the user documentation, like RBAC or APAC, suitable for privileged interfaces and sensitive operations.
		- [REQ-AUTH-6]: The product shall implement and document authorization controls in the technical documentation and in the user documentation, like RBAC or ABAC, suitable for privileged interfaces and sensitive operations.
		- [REQ-AUTH-7]: All access to administrative interfaces, control functions, and sensitive operations shall be subject to strong authentication of users, services, or integrated components.
		- [REQ-AUTH-8]: Privileged interfaces shall be protected with [5.2.4 State-of-the-art cryptographic libraries].
		- [REQ-AUTH-9]: The product shall report all relevant events related to authorisation including, but not limited to, successful and unsuccessful use of identity, object access, policy change, privileged function use, data access and deletions, data changes and permission changes.