REVIEW-2: SDIACT-122 Incremental SSO Hub fixes and enhancements - Design and Security Review

Overview

Review of the design and security elements of an incremental upgrade to the XSEDE SSO login hub (login.xsede.org).

Review Input Documents

Review Criteria

Scenario 1: User login to service

  • Concerns to be addressed when discussing this scenario:
    • How are accounts created, updated, and deactivated?
    • How is logging handled?
    • What does the user have access to on the server outside their home directory?
    • How are home directory content quotas managed?
    • How are backups managed?
    • What client software is available initially to the user?
    • How is 2-factor login handled?
    • How is password login handled?

Scenario 2: Hacker attempts to log in to service

  • Concerns to be addressed when discussing this scenario:
    • Are there any controls and mitigation responses to repeated failed logins?
    • How is failed login logging handled?

Schedule

Current Date: 2019-11-20
Current Status: Closed (Design and Security Review)
Target Date   Actual Date   Activity Milestone
-             2015-09-02    Review launch date
2015-09-11    -             Written feedback due (Reviewers)
2015-09-18    2015-09-09    Written response date (Review Material Developers)
2015-09-25    2015-09-09    Final approval due and completion date (Reviewers)
Review Created: 2015-09-02 9:48 am
Review Last Updated: 2015-12-14 9:36 am

 

Reviewers


Required

  • Jim Basney
  • Randal Butler

Optional

  • Jim Marsteller

Review Material Developers

Stephen McNally
Michael Campfield
David Carver
Randal Butler
Jim Marsteller
Tabitha Samuel
Shava Smallen
John-Paul Navarro

Review Facilitator

John-Paul Navarro

 
