Security Requirements
Security Requirements Overview
Projects are made up of a security level, and security levels are made up of one or more security requirements.
Security requirements are the operating source for the projects. A requirement is a condition for a user to be certified, such as U.S. Citizenship or ITAR training. Certifying a user for one of these requirements in the system means an admin ticking a box that says "Yes, user X satisfies the Y requirement".
- Requirements have additional properties beyond a name and a description.
- A requirement may specify a max lifespan for certifications.
For example, the ITAR Training requirement may only allow users to be certified for up to a year at a time, meaning each user must be re-certified annually.
Additionally, some requirements may not require an expiration for certifications. For example, certifications for U.S. Citizenship may be created with no expiration, meaning the user never has to be re-certified.
- A security requirement is an individual requirement such as having a non-expired license.
- Certifications can be updated at any period of frequency.
Offering users the appropriate security requirements is a system admin duty. tiCrypt is not responsible for checking that "Joe Smith" has a non-expired license. Requirements are also tools used within the system to help keep track of user certificates.
You can export security requirements using Export JSON
option in the top right.
Create a new security requirement
To create a new security requirement navigate to tab in Security Requirements
section.
- Click the
Create new security requirement
button in the top right. - In the prompt, type a name for the security requirement.
- Type a security requirement description.
- Select if you would like the security requirement to expire.
- Select the default certification lifespan.
- Select the maximum certification lifespan.
- Click .
Certify User(s) with a security requirement
To grant a user certification for a security requirement navigate to tab in Security Requirements
section.
- Select the security requirement you want to certify the user.
- Click the
Certify user(s)
button in the top right. - Type the name of the user(s) you would like to certify.
- Select an expiration date for the user(s).
- Select whether to skip the expiration date or attempt to update user certification once it expires.
- Click .
Edit security requirement
To edit an existing security requirement navigate to tab in Projects
section in Security Requirements
section.
- Select the security requirement you would like to edit.
- Click on the
Edit
button in the top right. - In the prompt, edit the security requirement name, description, certification expiration status, default, and maximum life span.
- Once you finished, click .
Delete security requirement
To delete an existing security requirement navigate to tab in Projects
section in Security Requirements
section.
- Select the security requirement you would like to delete.
- Click the
Delete
button in the top right. - Click .
You cannot delete a security requirement that is used by a security level or has certified users.