@@ -260,6 +260,7 @@ For the purposes of the present document, the [following] abbreviations apply:
`PKI Public Key Infrastructure`
`PP Protection Profile`
`RA Registration Authority`
`RBAC Role-Based Access Control`
`RCA Root Certificate Authority`
`RCS Remote Control System`
`SHA Secure Hash Algorithm`
@@ -1338,12 +1339,12 @@ The PKI may generate a key pair and associated public key, and later communicate
- REFERENCE: REQ-5.10-02
- REQUIREMENT:The pki shall manage different user profile allowing privilage segragation. This mechanisme shall provide meand to differenciate users account capabilities for the following roles:
- PKI Administrator: Authorized to install, configure, and maintain the PKI produt, ensuring its proper operation and security.
- REQUIREMENT:The pki shall manage different user profiles, allowing RBAC. This mechanism shall provide means to differentiate user account capabilities for the following roles:
- PKI Administrator: Authorized to install, configure, and maintain the PKI product, ensuring its proper operation and security.
- PKI Operator: Authorized to perform operational tasks to ensure the availability and integrity of the PKI system.
- PKI Officer (or Registration Authority Officer): Authorized to manage certificate lifecycle operations, including approvals and revocations.
- PKI Auditor: Authorized to monitor and review PKI operations to ensure compliance and security.
- RATIONALE: Only authorised, identicated and authenticated user should be able to access the PKI services and stored data. This covers threats all threats.
- RATIONALE: Only authorized users should be able to access the PKI services and stored data. This covers all threats.
- APPLICABILITY: All use cases.
## 5.11 Secure communication with external entities
