Loading EN-304-621.md +6 −10 Original line number Diff line number Diff line Loading @@ -405,16 +405,12 @@ See [5.2.6 Role based authorisation](#526-role-based-authorisation) ### 5.3.3 Mitigations for managed device configuration integrity and confidentiality Push style configuration updates: - **[REQ-CONF-0]** The product shall enable the device to verify the integrity of the configuration. - **[REQ-CONF-1]** NMS sends the configuration only through [5.2.1 Secure channel]. Pull style configuration updates: - **[REQ-CONF-2]** Connectible configuration update API shall enable managed device to verify the product's authenticity. - **[REQ-CONF-3]** The product shall ensure that the provdided credentials are valid. - **[REQ-CONF-4]** NMS shall ensure that the managed device role, place in the topology and function matches the requested configuration. * **[REQ-CONF-1]** The product shall interface only through a [5.2.1 Secure channel]. * **[REQ-CONF-2]** Where the product distributes or makes available configuration to managed devices * The product shall ensure that the configuration is protected against unauthorized modification and disclosure; * The product shall ensure that only the intended managed device can obtain and apply the relevant configuration; * The prodcut shall ensure that the device can verify the integrity of the configuration. * **[REQ-CONF-3]** The configuration interfacing design shall enable the managed device to verify the authenticity of the product. ### 5.3.4 Secure updates Loading Loading
EN-304-621.md +6 −10 Original line number Diff line number Diff line Loading @@ -405,16 +405,12 @@ See [5.2.6 Role based authorisation](#526-role-based-authorisation) ### 5.3.3 Mitigations for managed device configuration integrity and confidentiality Push style configuration updates: - **[REQ-CONF-0]** The product shall enable the device to verify the integrity of the configuration. - **[REQ-CONF-1]** NMS sends the configuration only through [5.2.1 Secure channel]. Pull style configuration updates: - **[REQ-CONF-2]** Connectible configuration update API shall enable managed device to verify the product's authenticity. - **[REQ-CONF-3]** The product shall ensure that the provdided credentials are valid. - **[REQ-CONF-4]** NMS shall ensure that the managed device role, place in the topology and function matches the requested configuration. * **[REQ-CONF-1]** The product shall interface only through a [5.2.1 Secure channel]. * **[REQ-CONF-2]** Where the product distributes or makes available configuration to managed devices * The product shall ensure that the configuration is protected against unauthorized modification and disclosure; * The product shall ensure that only the intended managed device can obtain and apply the relevant configuration; * The prodcut shall ensure that the device can verify the integrity of the configuration. * **[REQ-CONF-3]** The configuration interfacing design shall enable the managed device to verify the authenticity of the product. ### 5.3.4 Secure updates Loading