REVIEW-49: XCI-185 Analyze SSO Hub usage - Design/Security Review

General design and security risk review for new SSO hub usage collection and analysis

1. Using Globus Usage stats for GSISSH Servers to determine the number of logins from the SSO hub was found not to be possible because the server stats don't include client info.
2. A suggestion for compiling the number of unique IP addresses for each user to determine potentially compromised accounts was found to be out of scope and also redundant since SSO Hub has other security measures in place for that kind of scenarios.
3. A suggestion to determine how many logged in users are sitting idle (and for how long) on the SSOHub was determined to be out of scope.
4. A suggestion for a metric on the total number of gsissh connections over the specified period was accepted.
5. A suggestion to specify that filtered raw data would be generated on a daily basis and sent to a central repository being designed as part of XCI-187 was accepted and the design doc updated.

https://software.xsede.org/viewvc/xsede/xci/activities/xci-185/trunk/Deliverables/XCI-185-SSOHubUsage-Design.pdf?revision=3985&view=co

Please focus on these questions:

1. Does the proposed design gather the most useful usage information?
2. Are the methods proposed to gather capture usage information appropriate?
3. Are the methods proposed to analyze usage appropriate?
4. Are relevant XSEDE security policies and best practices followed?
5. Is the proposed usage information data access and privacy reasonable?

and the following solution support scenarios:

1. XSEDE has recent and historical SSO hub usage information (as a service and as a client to other SSH services)