Skip to main content

User Certifications

What are the User Certifications?

A User Certification is a pairing between a user and a security requirement, ensuring that there can be at most one certification for a particular user and requirement at a time.

Certifications are typically created by admins. When a user meets a specific requirement, the certification is added to the User Certifications section. A certification may have an expiration date, after which the user is no longer certified until the certification is updated (or renewed). Whether certifications for a requirement must expire or have no expiration date depends on the certification's initial setup.

In the User Certifications section, certifications are sorted and display the following:

  • All users who hold the certification.
  • The expiration date.
  • The creation date.
  • The last modification date.
  • The user who modified it.

Both users and requirements can be searched within this section.

If a user's certification has an expiration date, it cannot be deleted in this section. Admins can manually mark a user's certification as expired at any time if necessary.

How do I Enforce Compliance for an Export-controlled ITAR Research Project?

In tiCrypt, each asset has an encrypted resource key. Projects ensure compliance at the highest level by combining public key cryptography and access control mechanisms.

To enforce compliance for an ITAR-based project, you must use User certifications and tag all resources that belong to the project.

  1. Tag File with Project.

At some point, files in an ITAR project may become CUI and can be declassified by the project manager or admin.

  1. Untag File from Project.
note

To generate a report for the ITAR project, you may need to contact your audit team, who can create it for you.
Reports can be generated using queries that include all the necessary data to ensure compliance with an ITAR-level project.
File downloads are ussually restricted and automatically tracked in the audit logs.

tip

To transfer data into an ITAR-level project, use SFTP inboxes.

What is the Relationship between User Certifications and Security Requirements?

User certifications authorize users to be certified for a security requirement.

Security requirements make up the security level of a project. Without user certifications, no user would be able to satisfy the project security requirements. Without security requirements, user certifications would serve no purpose.

As a result, user certifications and security requirements co-exist as a user authorization tool for projects.

What is the Modified By Column in the User Certifications Table?

The Modified By column displays the last user who modified the user certification metadata. The full edit history for user certifications is available in the audit trail in tiAudit (a separate tool for auditing).