Changes between Version 2 and Version 3 of Internal/Rbac/OrbitRbacDesign/ThreatAnalysis


Ignore:
Timestamp:
Aug 31, 2006, 7:49:55 PM (18 years ago)
Author:
hedinger
Comment:

Legend:

Unmodified
Added
Removed
Modified

  • Internal/Rbac/OrbitRbacDesign/ThreatAnalysis

    v2 v3  
    11=== ORBIT Threat Analysis ===
    2 The primary motivation for using role-based access control with the ORBIT Testbed is to insure that every user has complete access to each and every ORBIT resource he or she needs to perform each phase of an experiment without giving each user root privileges.  Each identifieable task of each phase could be a role and a user need only have the commensurate privileges when acting in a given role.
     2The primary motivation for using role-based access control with the ORBIT Testbed is to insure that every user has complete access to each and every ORBIT resource he or she needs to perform each phase of an experiment without giving each user root privileges.  Each identifiable task of each phase could be a role and a user need only have the commensurate privileges when acting in a given role.
    33
    44Because ORBIT is designed to be operated as a service available to the research community, no one experiment should affect a future one, and each project must be protected from other projects.
     
    77
    88List of threats
    9 * intentional or unintentional disruption of experiments by nonproject members due to interference with ORBIT resources.
    10 * intentional or unintentional disruption of experiments by project members due to interference with ORBIT resources or project resources.
    11 * unintended read access to a user's or a project's experimental scripts or locally developed components or data results by other users or projects.
    12 * intentional or unintentional modification of a user's or a project's scripts or own components or data results by nonproject members.
    13 * unathorized access to ORBIT system code, esp., device driver source or controller scripts.
     9 * intentional or unintentional disruption of experiments by nonproject members due to interference with ORBIT resources.
     10 * intentional or unintentional disruption of experiments by project members due to interference with ORBIT resources or project resources.
     11 * unintended read access to a user's or a project's experimental scripts or locally developed components or data results by other users or projects.
     12 * intentional or unintentional modification of a user's or a project's scripts or own components or data results by nonproject members.
     13 * unauthorized access to ORBIT system code, esp., device driver source or controller scripts.
    1414
    1515Noting should affect the integrity of experimental results nor any project member's ability to properly interpret those results.
     
    2727Are there any other threats that might require the use of RBAC with ORBIT?
    2828
    29 How are eaach of there goals affected by or depend upon
     29How are each of these goals affected by or depend upon
    3030 * Separation of Duty (SoD),
    3131 * the Principle of Least Privilege, and