Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x

Content for  TS 33.117  Word version:  17.2.0

Top   Top   Up   Prev   Next
1…   4.2…   4.2.3…   4.2.3.4…   4.2.3.5…   4.2.4…   4.3…   4.3.4…   4.4…
4.2.3.5 Protecting sessions4.2.3.5.1 Protecting sessions - logout function4.2.3.5.2 Protecting sessions - Inactivity timeout4.2.3.6 Logging4.2.3.6.1 Security event logging4.2.3.6.2 Log transfer to centralized storage4.2.3.6.3 Protection of security event log files
...

 

4.2.3.5  Protecting sessionsp. 43

4.2.3.5.1  Protecting sessions - logout functionp. 43
Requirement Name:
Protecting sessions - logout function
Requirement Description:
The system shall have a function that allows a signed in user to logout at any time. All processes under the logged in user ID shall be terminated on log out. The network product shall be able to continue to operate without interactive sessions.
Only for debugging purposes, processes under a logged in user ID may be allowed to continue to run after detaching the interactive session.
Security Objective references:
tba.
Test Case:
Test Name:
TC_PROTECTING_SESSION_LOGOUT
Purpose:
To ensure a signed in user can logout at any time.
Procedure and execution steps:
Pre-Conditions:
  • The manufacturer shall declare that it has a function that allows a signed in user to logout at any time.
  • The tester has privileges to create a new account or use an existing account.
Execution Steps:
The accredited evaluator's test lab is required to execute the following steps:
  1. The tester creates a new account.
  2. The tester uses the new account or an existing account to log into network product. After x minutes the tester tries to logout network product.
Expected Results:
  • The tester can use a new account or an existing account to log into network product and logout network product after x minutes.
Expected format of evidence:
A testing report provided by the testing agency which will consist of the following information:
  • Settings, and configurations used
  • Test result (Passed or not)
Up
4.2.3.5.2  Protecting sessions - Inactivity timeoutp. 44
Requirement Name:
Protecting sessions - inactivity timeout
Requirement Description:
An OAM user interactive session shall be terminated automatically after a specified period of inactivity. It shall be possible to configure an inactivity time-out period.
Test Case:
Test Name:
TC_PROTECTING_SESSION_ INAC TIMEOUT
Purpose:
To ensure an OAM user interactive session shall be terminated at inactivity timeout.
Procedure and execution steps:
Pre-Conditions:
  • The tester has privileges to create an OAM user interactive session.
  • The tester has privileges to configure the inactivity time-out period for user interactive session.
  • Session log should be enabled.
Execution Steps:
  1. The tester creates OAM user A interaction session.
  2. The tester configures the inactivity time-out period for user A to x minute, for example 1 minute.
  3. The tester does not make any actions on the network production in x minutes. After that, the tester checks whether OAM user A interaction session has been terminated automatically.
Expected Results:
  • In step 3, OAM user A interaction session has been terminated automatically after x minute.
Expected format of evidence:
A testing report provided by the testing agency which will consist of the following information:
  • Session log
  • Settings, protocols and configurations used
  • Test result (Passed or not)
Security Objective references:
tba.
Up

4.2.3.6  Loggingp. 45

4.2.3.6.1  Security event loggingp. 45
Requirement Name:
Security event logging
Requirement Description:
Security events shall be logged together with a unique system reference (e.g. host name, IP or MAC address) and the exact time the incident occurred. For each security event, the log entry shall include user name and/or timestamp and/or performed action and/or result and/or length of session and/or values exceeded and/or value reached.
Section 2.11.10 of RFC 3871 specifies the minimum set of security events. Each vendor shall document what security events the product logs so that it can be verified by testing.
In particular, it shall be possible to log the following events (which are intended to be supported by the network product and which can be enabled by default at manufacturing time or at a later time by the operator):
EventTypes Description Event data to be logged
Incorrect login attemptsRecords any user incorrect login attempts to the network product
  • Username,
  • Source (IP address) if remote access
  • Timestamp
Administrator accessRecords any access attempts to accounts that have system privileges.
  • Username,
  • Timestamp,
  • Length of session,
  • Source (IP address) if remote access
Account administrationRecords all account administration activity, i.e. configure, delete, enable, and disable.
  • Administrator username,
  • Administered account,
  • Activity performed (configure, delete, enable and disable)
  • Timestamp
Resource UsageRecords events that have been triggered when system parameter values such as disk space, CPU load over a longer period have exceeded their defined thresholds.
  • Value exceeded,
  • Value reached (Here suitable threshold values shall be defined depending on the individual system.)
  • Timestamp
Configuration changeChanges to configuration of the network device
  • Change made
  • Username
Reboot/shutdown/crashThis event records any action on the network device that forces a reboot or shutdown OR where the network device has crashed.
  • Action performed (reboot, shutdown, etc.)
  • Username (for intentional actions)
  • Timestamp
Interface status changeChange to the status of interfaces on the network device (e.g. shutdown)
  • Interface name and type
  • Status (shutdown, missing link, etc.)
  • Timestamp
In addition, optionally it shall be possible to log also the following event (if supported):
EventTypes Description Event data to be logged
Change of group membership or accountsAny change of group membership for accounts
  • Administrator username,
  • Administered account,
  • Activity performed (group added or removed)
  • Timestamp.
Security Objective references:
tba.
Test case:
Test Name:
TC_SECURITY_EVENT_LOGGING
Purpose:
To verify that the network product correctly logs all required security event types.
Procedure and execution steps:
Pre-Conditions:
  • The following information shall be provided by the documentation accompanying the network product:
  • The log where the event is recorded and how it can be accessed (e.g. the complete path).
  • If the event type is enabled by default or how to enable it.
  • What O&M services can be used on the Network Product in the configuration according to the pre-requisites for testing in clause 4.1 and how to use them.
  • The tester has the needed administrative privileges to sufficiently perform the tests
  • If needed for testing specific O&M services, a tester machine is available.
Execution Steps:
For each O&M service perform the following test steps
  • The Tester sequentially triggers each security event listed in the requirement, while covering each option detailed in the individual security event descriptions.
  • The Tester verifies whether the security events, and their individual options, were correctly logged. In particular it is verified whether they include at least the event data specified as required to be logged.
Expected Results:
All security events are appropriately logged, including all required event data.
Expected format of evidence:
The testing report contains the following information for each security event:
  • List of O&M services
  • Commands executed per O&M services
  • The relevant parts of the logs in appropriate form (e.g. file, screenshot)
  • Test result (Passed or not)
Up
4.2.3.6.2  Log transfer to centralized storagep. 46
Requirement Name:
Log transfer to centralized storage
Requirement Description:
  1. The Network Product shall support forwarding of security event logging data to an external system. Secure transport protocols in accordance with clause 4.2.3.2.4, shall be used.
  2. Log functions should support secure uploading of log files to a central location or to an external system for the Network Product that is logging.
Security Objective references:
tba.
Test case:
Test Name:
TC_LOG TRANS_TO_CENTR STORAGE
Purpose:
To ensure log shall be transferred to centralized storage.
Procedure and execution steps:
Pre-Conditions:
  • The manufacturer shall list the standard protocols which transfer security event logging data.
  • The session between network product and central location or external system for network product log functions has been set up.
  • The tester has privilege to operate network product and related logs can be outputted.
Execution Steps:
  1. The tester configures the network product to forward event logs to an external system (according to bullet a) of requirement) and related logs are sent out.
  2. The tester checks whether the used transport protocol is secure protocol.
  3. The tester checks whether the central location or external system for network product log functions has stored the related logs.
  4. The tester configures the network product for secure upload of event log files to an external system (according to bullet b) of requirement) and performs a log file upload.
  5. The tester checks whether the used transport protocol for log file upload is a secure standard protocol.
  6. The tester checks whether the central location or external system for network product log functions has stored the related logs.
Expected Results:
  • The listed transport protocols are secure protocols.
  • The used transport protocol for log file upload is a secure standard protocol.
  • The tester finds that the central location or external system for network product log functions has stored the related logs.
Expected format of evidence:
A testing report provided by the testing agency which will consist of the following information:
  • Settings, protocols and configurations used,
  • Screenshot
  • Test result (Passed or not)
Up
4.2.3.6.3  Protection of security event log filesp. 47
Requirement Name:
Protection of security event log files
Requirement Description:
The security event log shall be access controlled (file access rights) so only privileged users have access to the log files.
Security Objective references:
tba.
Test case:
Purpose:
Verify that the log(s) is(are) only accessible by privileged user(s).
Procedure and execution steps:
Pre-Conditions:
  • Documentation describing where logs are stored and how these logs are accessed and the Network Product interfaces that these logs can be access from.
Execution Steps:
  1. The tester attempts to access log files using users accounts with and without the correct permissions for accessing log files.
  2. Repeat the test as described in step 1 using each of the interfaces as described in the Network Product documentation.
Expected Results:
The tester checks that log files are accessible when a user with the appropriate authorisation attempts to access them and fails when a user without the correct permissions attempts to access them
Expected format of evidence:
Pass/fail result as recorded by the tester.
Up

Up   Top   ToC