Projects
Projects
tiCrypt protects user data through end-to-end encryption, ensuring that even if an attacker gains access to the servers, they will only be able to access encrypted data without the decryption keys, which are not stored on the server. While relying solely on cryptographic functions for security measures is not feasible due to performance and user convenience, projects serve as a conventional protection system based on administrator-defined access controls in conjunction with the end-to-end encryption.
The core of tiCrypt is its projects, which allow for resource tagging and determine access privileges. Tagging a resource, such as a file or group, with a project restricts access to specified users. Projects consist of a security level, name, description, and set of members. Projects can also have subprojects, forming a hierarchy.
Projects serve as a security tagging mechanism, enabling any type of resource to be protected and shared only with members of that project. Once a resource is tagged with a project label, its accessibility and manipulation are significantly restricted. Projects are composed of security levels, which consist of one or more security requirements.
You cannot create a project without a security level. This is because a project is essentially a group of requirements that makes up a security level.
To create a new project, go to then select the section in the right panel. Click the Create New Project
button in the top right panel.
Type the following details:
- The tag text
- Tag color
- Name of project
- Optional description
- Security level
- Optional Principal Investigator (PI)
Click .
Every project has a variety of project actions as follows:
Action | Notes |
---|---|
Add member | Allows users to grant other users memberships to the project. |
Assign to Subadmin | Allows admins to delegate the project to other sub-admins who are managers in the project. |
Create subproject | Users can create a subproject of the selected project. |
Edit Project | Users can edit the 'profile' information about a project such as the name, tag, description, PI and security level. |
Make Announcement | Users can make announcements to all members of the project. The announcement will appear as a notification. |
Delete Project | Users can delete a project. |
Users may click on the Open Overlay
button to access the project overlay options.
These actions can be accessed as seen in the video below.
Project info
The project info tab displays all of the information about a project. A user can see when the project was created when it was last modified, the security level that it tags, and the Principal Investigator. The security requirements that make up the security level are also displayed. The video below displays how to access this information.
Users who have the user role can only reach projects from their profile tab or from the project tab in My vault.
Users who have admin roles can reach projects from the management tab and have different workflows.
Projects can be tagged in the Virtual machines tab in the drives section. Attaching the project-tagged drive to a VM will make the VM tagged.
Performing a 'change project' (tagging an element to a project) action anywhere in tiCrypt requires you to be part of that project.
Add member
A user can add members to a project if they have the correct permissions to do so.
There are several ways to add members to a project. Admins can use preferred workflows to perform this action as seen below.
A user may be added to a project but if the user does not have all of the certifications from each security requirement that make up that project then they will not be able to view resources tagged by that project.
Create subproject
A subproject is a project that is branched off of a parent. Subprojects do not inherit any access restrictions from the parent. A user might be able to access resources tagged with a particular project, but not be able to access resources tagged with a parent project.
Similarly, a subproject may have a completely different security level (set of requirements) than its parent project. They are completely independent when it comes to "who can access what", but the project hierarchy does determine who can tag resources with a particular project in the first place.
Additionally, before you can add a user to a project (make them a member), they must be a member of any ancestor projects (parent, parent's parent, etc.). To maintain this relationship, you also cannot remove a user from a project until you have removed them from any descendant projects. You can create a project as seen below.
Edit project
A user may want to change the name, description, security level, or Principal Investigator
of a project. They may do so either in the tab or the tab by clicking on the Edit
button as seen below.
Make an Announcement
A user can make an announcement of up to 250 characters to all users that have memberships to the project by clicking on the Make Announcement
either from the tab or the tab as seen below. The announcement will appear in notifications which can be accessed by clicking on the Notifications
icon on the top right side of the screen.
Notifications older than three months will be automatically archived by default. You may change this setting on request.
Delete project
Projects can be deleted from the tab as seen below.
A user can delete a project if there are no subprojects nested underneath that project and the project does not have any members.
You will not be able to delete a project even if you are the only member of it. This means all projects may only be deleted from the management tab by an admin.
Project Membership
If a user is a member of a project, it means that they have a membership for that project. The Project Membership tab displays all of the Projects in the system, and each individual that has a membership for it. The projects are sorted by their colored tag as seen below. Users name's, date joined, roles, expiration and restrictions
are also displayed. Users may be searched to determine all the projects they are part of.
Although there are actions that can be taken when you select a project under project memberships, they are simply the actions that exist for that project.
Admins can view the expiration date of the projects if they have one, in the Expiration
column.
Resources by Project
Users can view resources used by each of the projects in which they are certified. The following columns are shown.
- Project Name
- Number of VMs
- Cores
- Memory
- Total drives
- Attached drives
- Total disk space
There are no specific actions in this tab other than the standard actions in the projects section. It is simply a way to view resource usage.