REVIEW-28: SDIACT-216/XDCDB API and SDIACT-187/Enhance gateway_submit_attribute - Design/Security Review

Overview

General design and security risk review for a new XDCDB API for use by gateway_submit_attributes, OAuth 2.0 and CILogon user lookup, and xdusage allocation lookup.

Review Summary

Reviewers didn't raise any current design/security issues, though there was a suggestion to consider an alternate design in the future. A reviewer suggested an additional review "input material" pointer be added, which we did.

Review Output Documents (Final)

No revisions made. The input material is the final material.

Review Input Documents

XDCDB-API Design
API Documentation

Review Criteria

  • Is the API sufficiently secure (authentication, authorization, and data disclosure)?
  • Are the API actions, and the information they provide read or update access to, appropriate?
  • Will the API software and the server be managed using appropriate operations and support practices?

Schedule

Current Date: 2019-06-20
Current Status: Closed (Design and Security Review)
Target Date   Actual Date   Activity Milestone
              2016-07-25    Review launch date
2016-07-13                  Written feedback due (Reviewers)
2016-07-22    2016-07-25    Written response date (Review Material Developers)
2016-07-26    2016-07-25    Final approval due and completion date (Reviewers)
Review Created: 2016-07-06 9:56 am
Review Last Updated: 2016-07-25 2:32 pm

Reviewers

Required

  • Jim Basney
    SIGNED: 2016-07-11 13:32
  • JP Navarro
    SIGNED: 2016-07-15 10:03

Optional

  • Eric Blau
    SIGNED: 2016-07-12 11:32
  • David Hart
    SIGNED: 2016-07-11 17:21
  • Jim Marsteller
  • Marlon Pierce
  • Scott Sakai
    SIGNED: 2016-07-11 20:14
  • Adam Slagell
    SIGNED: 2016-07-07 16:42
  • Shava Smallen
    VIEWED: 2019-04-18 12:47

Review Material Developers

Michael Shapiro
Amy M. Schuele

Review Facilitator

JP Navarro
