Skip to content Skip to navigation

JIRA Issue

[#XCI-428] Security risk analysis for GRP-17 Drive project membership with an email message

[XCI-428] Security risk analysis for GRP-17 Drive project membership with an email message Created: 08/10/2018  Updated: 08/10/2018

Status: Proposed
Project: XSEDE Cyberinfrastructure Integration
Component/s: XSEDE User Portal (XUP)
Fix Version/s: None

Type: XCI Evaluation Priority: Major
Reporter: Lee Liming Assignee: Unassigned
Resolution: Unresolved Votes: 0

XSEDE Priority:  3.6 UREP'17
Public activity link: https://software.xsede.org/display/xci-428
Use Cases:
GRP-17: Drive project membership with an email message
Use Case Priority: Medium
Track status in meeting: no

 Description   

We need to request and receive a security risk analysis for use case GRP-17 to review the security risks of the proposed use case and identify ways to mitigate these risks in the implementation.

From the CDP:

The current XSEDE system (and policy) does not allow for project PIs to invite other people to join the project team and share their allocation(s). There are several reasons for this, including some that involve security risks and our current strategy for mitigating those risks. Given enough development effort, the XUP team could implement a mechanism to support this use case, but the security risks and mitigation strategies need to be revisited by experts.



 Comments   

There are comments for XCI-428 that can be viewed with XSEDE authentication.