General design and security risk review for a new XDCDB API for use by gateway_submit_attributes, OAuth 2.0 and CILogon user lookup, and xdusage allocation lookup.
Reviewers didn't raise any current design/security issues, thought there was a suggestion to consider an alternate design in the future. A reviewer suggested an additional review "input material" pointer be added, which we did.
Review Output Documents (Final)
No revisions made. The input material is the final material.
Review Input Documents
- Is the API sufficiently secure (authentication, authorization, and data disclosure)
- Are the API actions and the information they provide read or update access to appropriate
- Will the API software and the server be managed using appropriate operations and support practices
ScheduleCurrent Date: 2019-03-20
Current Status: Closed (Design and Security Review)
|Target Date||Actual Date||Activity Milestone|
|2016-07-25||Review launch date|
|2016-07-13||Written feedback due (Reviewers)|
|2016-07-22||2016-07-25||Written response date (Review Material Developers)|
|2016-07-26||2016-07-25||Final approval due and completion date (Reviewers)|
Review Last Updated: 2016-07-25 2:32 pm
If you are a reviewer, please login to sign or withdraw from this review.
- Jim Basney
SIGNED: 2016-07-11 13:32
- JP Navarro
SIGNED: 2016-07-15 10:03
- Eric Blau
SIGNED: 2016-07-12 11:32
- David Hart
SIGNED: 2016-07-11 17:21
- Jim Marsteller
- Marlon Pierce
- Scott Sakai
SIGNED: 2016-07-11 20:14
- Adam Slagell
SIGNED: 2016-07-07 16:42
- Shava Smallen
Review Material Developers
Amy M. Schuele
Please post your comments using the "New topic" or "Post reply" buttons in the forum(s) below.
There are 2 discussion boards in this review. Please scroll down and post comments in the most appropriate board.