Proposed Requirement: The VNF MUST store Authentication Credentials encrypted except where there is a technical need to store the password unencrypted in which case it muct be protected using other security techinques that include the use of file and directory permissions. In addition, system authentication credential storage MUST use salting.

REVISED Proposed Requirement: The VNF MUST store Authentication Credentials used to authenticate to other systems encrypted except where there is a technical need to store the password unencrypted in which case it must be protected using other security techniques that include the use of file and directory permissions. Ideally, credentials can be stored in a TPM.

REVISED Proposed Requirement: The VNF MUST store Authentication Credentials used to authenticate to other systems encrypted except where there is a technical need to store the password unencrypted in which case it must be protected using other security techniques that include the use of file and directory permissions. Ideally, credentials SHOULD rely on a HW Root of Trust, such as a TPM or HSM.

Reason: missing requirement

ID: R-872986