Access control¶
Overview¶
Security Dashboard will be in full HTTPS and specific credentials could be applied for each feature and component.
ROD/COD/Site Administrator will not have any credential for the first release of security dashboard, indeed actions through security dashboard
are not properly defined for these roles.
@todo :
- confirm credentials for following features : view/note/metrics
- complete credentials for : report/tickets features
- handover :
=> is there a shift system ?
=> do you want to manage it with an handover tool or something else ?
Notes¶
CSIRT members : people recognized through LDAP server.
NGI Security Officer / Site Security Officer : Security officers from GOCDB .
Remember : https://wiki.egi.eu/wiki/GOCDB/Input_System_User_Documentation#Viewing_users
| EGI view |
global view of security dashboard : all NGIs, all Sites |
| NGI view |
global view of a given NGI and related sites |
| SITE view |
single site view |
Credentials by feature¶
| Role |
EGI view |
NGI view |
SITE view |
| EGI CSIRT members |
true |
true |
true |
| NGI Security Officer |
false |
true if owner |
true if owner |
| Site Security Officer |
false |
false |
true if owner |
| Site Administrator |
false |
false |
false |
| ROD |
false |
false |
false |
| COD |
false |
false |
false |
- ticket against site : RT ticket managment
-----------------------
| Role |
view |
submit/update/close |
| EGI CSIRT members |
|
|
| NGI Security Officer |
|
|
| Site Security Officer |
true if owner |
false |
| Site Administrator |
false |
false |
| ROD |
false |
false |
| COD |
false |
false |
- site reports access
------------------------
| Role |
view |
| EGI CSIRT members |
true |
| NGI Security Officer |
|
| Site Security Officer |
|
| Site Administrator |
false |
| ROD |
false |
| COD |
false |
- site note : tool to add a note related to site issues
------------
| Role |
view |
submit/delete |
| EGI CSIRT members |
true |
true |
| NGI Security Officer |
true if owner |
true if owner |
| Site Security Officer |
true if owner |
true if owner |
| Site Administrator |
false |
false |
| ROD |
false |
false |
| COD |
false |
false |
| Role |
view |
| EGI CSIRT members |
true if owner |
| NGI Security Officer |
true if owner |
| Site Security Officer |
true if owner |
| Site Administrator |
false |
| ROD |
false |
| COD |
false |
- handhover : see questions
-----------------
| Role |
view |
submit/delete |
| EGI CSIRT members |
|
|
| NGI Security Officer |
|
|
| Site Security Officer |
|
|
| Site Administrator |
false |
false |
| ROD |
false |
false |
| COD |
false |
false |