Skip to main content

Roles

User

  • The researcher who uses the Vault to store the research data.
  • Uses Virtual Machine to perform secure research.
  • Is part of a team run by a sub-admin.
  • May be part of a project run by a sub-admin.

Sub-Admin Role

  • Have team or project responsibilities.
  • Manages and modifies user permissions and projects under their own team only.
  • Can have multiple sub-admins in the same team. (e.g., ABC Team as preferred).

Admin Role

  • Have management responsibilities.
  • Similar to Super-admin except:
    • Cannot change/modify global settings.
    • Cannot stop/restart system services (and microservices).
    • Cannot modify super-admin settings.

Super-Admin Role

  • Have system responsibilities.
  • Can change anyone's permissions.
  • Has access to system settings.
  • Has access to global settings (i.e. add external servers, change key caching policy).

Escrow Users

  • Partially responsible to recover lost user private keys.
  • Always work as part of an escrow group.
  • Do not have access to the user interface.
  • Work together with the Super-Administrator and the Site-key admin in the key recovery process.

Site Key Admin

  • The unique most important user in the system.
  • Responsible to enroll the super-admins.
  • Responsible for lost user private key recovery.
  • Digital signature partially responsible.

User Ethical Considerations

Users should act responsibly and thoughtfully when using tiCrypt. For example, leaving a physical machine open and logged in could result in a physical security breach due to user negligence.