3.2.2 Key Trust Boundaries
Following are the key trust boundaries:
Table 3-1 Key Trust Boundaries
| Trust Boundary | Includes | Access Control |
|---|---|---|
| Site Trust Boundary | All the NFs and other supporting elements for a given site. | Cluster Access Policies are implemented using some kind of Access Control Group (or Security Group) mechanism. |
| Cluster Trust Boundary | All the compute elements for a given cluster | Network Policies control Ingress and Egress traffic. Pod Security Policies manage the workloads allowed in the cluster (For example, no pods requiring privilege escalation). |
| DB Trust Boundary | All the cnDBTier elements for a given cluster | Firewall Policies control Ingress and Egress traffic. Database grants access and other permission mechanisms that provide authorization for users. |
| Orchestrator Trust Boundary (Orch Trust Boundary) | The orchestration interface and keys | Firewall Policies control the access to a Bastion server which provides orchestration services. Access to the Bastion host uses Secure Socket Shell (SSH) protocol. The cluster orchestration keys are stored on the Bastion host. |
| CS Trust Boundary | The common services implementing logging, tracing, and measurements. | Each of the common services provides independent Graphical User Interfaces (GUIs) that are currently open. The customer may want to introduce an api-gateway, implement authentication and authorization mechanisms to protect the OAM (Operations, Administrations, and Maintenance) data. The common services can be configured to use Transport Layer Security (TLS). When TLS is used, certificates must be generated and deployed through the orchestrator. |
| NF Trust Boundaries | A collection of 5G Network Functions deployed as a service. | Some 5G NF microservices provide OAM access through a GUI.
5G NF microservices provide Signaling access through a TLS protected HTTP2 interface. The certificates for these interfaces are managed via the certificate manager. |