Security Requirements

What are the Security Requirements?

Projects consist of a security level, and security levels are composed of one or more security requirements.

Security requirements serve as the operational foundation for projects.

A requirement is a condition that a user must meet to be certified, such as "U.S. Citizenship" or "ITAR training." Certifying a user for a requirement involves an admin verifying and confirming that the user, such as "John," satisfies the requirement, e.g., "U.S. Citizenship."

Requirements include additional properties beyond a name and a description. A requirement may define a maximum lifespan for certifications.

For example, the "ITAR Training" requirement may certify users for up to one year, necessitating annual re-certification. Some requirements, such as "U.S. Citizenship," may have no expiration, meaning users never need to be re-certified.

A security requirement is an individual condition, such as possessing a valid, non-expired license. Certifications, however, can be updated at any time.

Ensuring users meet the appropriate security requirements is the responsibility of the system admin. tiCrypt is not responsible for verifying the validity of expired licenses.

note

User satifies the security requirement only if the user certification is satisfied.

What is the UserCert under the Type Column in the Security Requirements Table?

UserCert displays the total number of user certifications for that security requirement, representing the number of users who satisfy the user certification associated with the security requirement.