O365 Requirements Traceability Matrix

Instructions For Completing This Document1.)

2.) For each issue identified, complete the following:

For detail regarding the practice of Requirements Management, please refer to the Requirements Management Practices Guide

Complete the Project Name, Project Manager Name, and Project Description fields

ID: A unique ID number used to identify the traceability item in the requirements traceability matrix.

Associated ID(s): This column should contain the ID of any associated utilities used for requirements tracking such as a repository, pipeline document, etc.

Technical Assumption(s) or Customer Need(s): This column should be populated with a description of the technical assumption or customer need linked to the functional requirement.

Functional Requirement: This column should be populated with a description of the functional requirement.

Status: This column should be populated with the current status of the functional requirement.

Architectural/Design Document: This column should be populated with a description of the architectural/design document linked to the functional requirement.

Technical Specification: This column should be populated with a description of the technical specification linked to the functional requirement.

System Component(s): This column should be populated with a description of the system component(s) linked to the functional requirement.

Software Module(s): This column should be populated with a description of the software module(s) linked to the functional requirement.

Test Case Number: This column should be populated with the test case number linked to the functional requirement.

Tested In: This column should be populated with the module that the functional requirement has been tested in.

Implemented In: This column should be populated with the module that the functional requirement has been implemented in.

Verification: This column should be populated with a description of the verification document linked to the functional requirement.

Additional Comments: This column should be populated with any additional comments

UP Template Version: 11/30/06 Page 2 of 16

REQUIREMENTS TRACEABILITY MATRIXProject Name: Office 365 Security v1.0

Project Manager Name: Richard Huang USPDG x6495

Project Description:

ID Priority Status v1.0 release Dev Owner

001 1.0.0 Proxies to Office 365 cloud

1.1.0 EAS (Exchange Active Sync) Proxy Critical In Progress yes Yusong

1.2.0 Critical In Progress yes Jeremy, JB

1.2.1 OWA - Mobile Proxy Deferred no

1.2.2 OWA - Lite Proxy Deferred no

1.3.0 MAPI Proxy Medium In Progress maybe Don

1.4.0 EWS (Exchange Web Service) Proxy Low Not Started maybe TBD

1.5.0 IMAP Proxy Deferred no

1.6.0 POP3 Proxy Provide decryption server for POP3 mail clients Deferred no

002 2.0.0

2.1.0 Mailbox Notification Server (streamming) Critical In Progress yes Yusong

2.2.0 Mailbox Discovery Monitor Critical Not Started yes Yusong

“Build a security email (Exchange) proxy to enable customers to benefit the flexibility, scalability of cloud-based messaging service (Office 365) while filtering malicious content and protecting of its data (encryption) residing on the Exchange server in the cloud.”

AssocID

Technical Assumption(s)and/or Customer Need(s)

FunctionalRequirement

Provide decryption and searching service for mail clients using EAS on mobile devices via the proxy; Support Apple iOS 6, Android 2.3.7 Gingerbread, 4.0.x Ice Cream Sandwitch, 4.1.x, 4.2.x Jellybean

Standard OWA (Outlook Web Access) Proxy

Provide decryption and searching service for mail clients using OWA from desktop browsers pointing to OWA server via the proxy; Support latest Chrome, Firefox, IE 9 (?) 10 - High, Safari Mac- Medium

browser clients accessing OWA server via mobile devices will get WAP-like content

Not an option in O365; Only available on on-premise Exchange server; Opera browsers will automatically pick up OWA Lite version but standard

Provide decryption and searching service for native Outlook clients on Windows desktop via the proxy; Support Windows Outlook 2007+

Provide decryption and searching service for native Outlook clients on Mac desktop via the proxy; Support Mac Outlook 2011+

Provide decryption and searching service for various IMAP mail cients like Outlook Express, Apple iMail, Thunderbird, etc

Email Delegation Services (back-end)

To monitor registered mailboxes/folders and receive notification when there's new email arriving

To discover existing mailboxes under the same domain when starting the service; It will also monitor changes on account creation, update, and deletion

A5

• ID: A unique ID number used to identify the requirement in the requirement traceability log.

B5

• Assoc ID: This column should contain the ID of any associated utilities used for requirements tracking such as a repository, pipeline document, etc.

C5

• Technical Assumptions or Customer Needs: This column should be populated with a description of the technical assumption or customer need linked to the functional requirement.

D5

• Functional Requirement: This column should be populated with a description of the functional requirement.

F5

• Status: This column should be populated with the current status of the functional requirement.







AssocID



2.3.0 Email Processing Agent Critical In Progress yes Yusong

2.4.0 Medium no

003 3.0.0 Crypto Services (back-end)

3.1.0 Crypto Web Services Critical In Progress yes Bharath

3.2.0 Key Management Services High Not Started yes Bharath

004 4.0.0

4.1.0 Search and Index Engine Critical In Progress yes Ray

4.2.0 Searching and Sorting Web Services Critical In Progress yes Liang-seng

To retrieve and update new emails upon arrival after applying various content processing web services (index, crypto, malware scanning); Support processing standard MIME content with multiple attachment

Contact and Calendar Entities Encryption Research

May not be an 1.0 item but will likely be asked by customers as competitors cover these

Yusong, Liang-seng

Provide both set of stateless and stateful (for MAPI) encryption/decryption web service API for content processing agent to call; Support AES256/CBC on content encryption; Use one key (user-defined) per email domain;

Provide secured key management services to Crypto Services leverging existing Trend key management service (SecureCloud)

Search and Index Services (back-end)

To provide a secure, scalable, reliable, and high-performance email content index and search engine with equivalent capabilities to Office365's search/sorting features; Schema of Index engine is catered to query email messages with multiple attachments; Support one index file for a domain (company) for data privacy

Provide a set of stateless web services supporting Microsoft Advanced Query Search (AQS) syntax for searching and sorting requirement

A5


B5


C5


D5


F5








AssocID



005 5.0.0

5.1.0 Malware Scanning Web Services Deferred no

5.2.0 Spam Detection Web Services Deferred no

5.3.0 DLP Web Services Deferred no

006 6.0.0 GUI Console6.1.0 Signup and Deployment

6.1.1 New account creation process for trial To be designed by HIE High Not Started yes

6.2.0 License Management

6.2.1 High Not Started yes TBD

6.2.2 High Not Started yes TBD

6.2.3 Signoff decryption for all (or selected) mailboxes High Not Started yes TBD

6.3.0 Dashboard Medium maybe

6.4.0 Policy Management High Not Started maybe TBD

6.5.0 Key Management To be designed by HIE Deferred no

6.6.0 Log/Event query and Reporting Medium Not Started yes TBD

6.7.0 Admin User Management To be designed by HIE Medium maybe

Content Scanning Services (back-end)

Provide a set of stateless Malware Scanning web services to detect and clean malicious content in an email message

Provide a set of stateless Spam Detection web services to identify and block spam messages

Provide a set of stateless Data Leakage Prevention web services to filter sensitive content in an email message defined by customers

Tim; Parvez; TBD

Initial scanning and encryption for all (or selected) mailboxes for new account (backend)

Depending on 2.2.0 Auto Discovery Monitor capability; allow customization of encryption on individual accounts or all

License Expiration Monitoring and Enforcing

Allow 30d for trial; Stop encryption with another 30d grace period to tear down; Send notifications to admin/users to take action; user can't connect to proxies to read email aftrer grace period but admin can logon to console to decrypt emails (backend)

Depending on 2.2.0 Auto Discovery Monitor capability; allow customization of encryption on individual accounts or all

Provide critical security and encryption metrics for monitoring; To be designed by HIE - something basic is enough; don't need to be full blown

Some basic policy is enough - To be designed by HIE - do a competitor analysis first

provide audit log only in v1.0;To be designed by HIE/PM

A5


B5


C5


D5


F5








AssocID



6.8.0 Administration To be designed by HIE - do a competitor analysis first Medium maybe

Online Help yes Mike Sanko

Marketing/sale page

007 7.0.0

7.1.0 Build and RPM Packages High In Progress yes

7.2.0 Monitoring Scripts To be scoped out Medium Not Started yes TBD

7.3.0 … To be scoped out with Patrick Lu Everyone

008 8.0.0 Performance Tuning High Not Started yes Everyone

009

010

011

012

013

014

015

016

017

018

019

020

021

022

023

024

025

026

027

028

SaaS Operation (non-functional)

Build RPM packages for all software components for ease of deployment on AWS

Russell and others; Liang-seng dialy build

For everyone to design and fine tuning component performance

A5


B5


C5


D5


F5








AssocID



029

030

031

032

033

034

A5


B5


C5


D5


F5




Project Manager Name: Richard Huang

Project Description: <required>

QA Owner Tested In Implemented In Verification

TBD

EWS/Java

EWS/Java

Build a security email (Exchange) proxy to enable customers to benefit the flexibility, scalability of cloud-based messaging service (Office 365) while filtering malicious content and protecting of its data (encryption) residing on

Architectural/DesignDocument

SoftwareModule(s)

Test CaseNumber

EAS proxy server in node.js

OWA proxy server in node.js

Open source OpenChange in C/C++

J5

• Architectural/Design Document: This column should be populated with a description of the architectural/design document linked to the functional requirement.

K5

• Software Module(s): This column should be populated with a description of the software module(s) linked to the functional requirement.

L5

• Test Case Number: This column should be populated with the test case number linked to the functional requirement.

M5

• Tested In: This column should be populated with the module that the functional requirement has been tested in.

N5

• Implemented In: This column should be populated with the module that the functional requirement has been implemented in.








SoftwareModule(s)

Test CaseNumber

EWS/Java/Tika

Java/REST

Open SSL Node.js

Integrated with Secure Cloud Key Management Service

Open source Solr/Lucene

J5


K5


L5


M5


N5









SoftwareModule(s)

Test CaseNumber

J5


K5


L5


M5


N5









SoftwareModule(s)

Test CaseNumber

J5


K5


L5


M5


N5









SoftwareModule(s)

Test CaseNumber

J5


K5


L5


M5


N5



<required>

Defered assuming users will use EAC clients or other mail apps to read emails other than common browsers

Defered because O365 does not provide option to use to go with OWA lite version

Defered assuming O365 users are less likely to use IMAP clients to retrieve emailsDefered assuming O365 users are less likely to use POP3 clients to retrieve emails

AdditionalComments


<required>

AdditionalComments


<required>

AdditionalComments


<required>

AdditionalComments


<required>

AdditionalComments

Documents

O365 Requirements Traceability Matrix