X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=blobdiff_plain;f=capifcore%2FREADME.md;fp=capifcore%2FREADME.md;h=b4149f9cf3188a0d2299202843e1668709352132;hb=04bff387835f0464f35bab936f7e572edf8c5346;hp=1f70c6ed69eaafb0b2d2d7be236f2709fbce178b;hpb=0c2f0bcf1141d3aa806a66be061772298a347254;p=nonrtric%2Fplt%2Fsme.git diff --git a/capifcore/README.md b/capifcore/README.md index 1f70c6e..b4149f9 100644 --- a/capifcore/README.md +++ b/capifcore/README.md @@ -68,6 +68,14 @@ For the CAPIF specification "TS29222_CAPIF_Discover_Service_API" a new dependenc has already been replaced in "TS29222_CAPIF_Discover_Service_API". 3. If it has not been replaced, add a replacement above the "" tag by copying and adapting the two rows above the tag. +### Security in CAPIF + +Security requirements that are applicable to all CAPIF entities includes provide authorization mechanism for service APIs from the 3rd party API providers and support a common security mechanism for all API implementations to provide confidentiality and integrity protection. + +In the current implementation Keycloak is being used as identity and access management (IAM) solution that provides authentication, authorization, and user management for applications and services. Keycloak provides robust authentication mechanisms, including username/password, two-factor authentication, and client certificate authentication that complies with CAPIF security requirements. + +A docker-compose file is included to start up keycloak. + ## Build and test To generate mocks manually, run the following command: @@ -96,4 +104,8 @@ To run the Core Function from the command line, run the following commands from ./capifcore [-port ] [-secPort ] [-chartMuseumUrl ] [-repoName ] [-loglevel ] [-certPath ] [-keyPath ] +Use docker compose file to start Keycloak: + + docker-compose up + To run CAPIF Core as a K8s pod together with ChartMuseum, start and stop scripts are provided. The pod configurations are provided in the `configs` folder. CAPIF Core is then available on port `31570`.