REVIEW-82: XCI-691 COmanage Group Management phase 1/beta - Design & Security Review

Overview

Groups of XSEDE users and staff can be used to coordinate research teams, manage authorization to resources, communication, and project management. XSEDE's User Requirements and Prioritization (UREP) team prioritized Group Management Use Cases GRP-02 through GRP-16 which led to a technology readiness assessment to identify, evaluate, and then recommend a group management technology solution. The assessment recommended to design and build a group management service centered on using the COmanage Registry hosted service from CILogon. XSEDE senior management approved the selection and service subscription costs.

Phase 1/beta of the group management service implemented using the COmanage Registry focuses on group management for XSEDE WBS staff and includes: managing authorization to the XSEDE Confluence Wiki (Confluence), the XSEDE project and issue tracking JIRA service (JIRA), the XSEDE Amazon Web Services Management Console (AWS), and XSEDE email lists driven using the Majordomo mailing list manager.

This design and security review gives key XSEDE stakeholders an opportunity to review the most important functional, design and security characteristics of XSEDE's CoManage Registry phase 1/beta implementation. Feedback from the review may affect the proposed design. A design that addresses the most important feedback items will be approved for delivery to production.

Review Summary

Reviewers feedback that was addressed:

  • Handling duplicate people
  • Clarify COmanage responsibilities for WBS Managers, Project Managers, and Delegated XSEDE staff
  • Suggest a Nagios or Inca test
  • Clarify COmanage logging capabilities
  • Suggestion for automatically aggregating all L3 WBS active member into an L2 WBS active group
  • Clarify who executes the onboarding enrollment flow
  • Clarify how to JIRA and Confluence access will be managed since not all staff should get accounts

Review Output Documents (Final)

Review Input Documents

Review Criteria

  1. Do the Behavior and Detailed Designs satisfy XSEDE's needs for managing WBS groups
  2. Does the Interface Design provide an intuitive user interface for managing WBS groups
  3. Does the entire design satisfy XSEDE security guidelines and standards
  4. Does the entire design mitigate significant risks appropriately
  5. Does the entire design satisfy XSEDE operational requirements

Schedule

Current Date: 2021-04-22
Current Status: Closed (Design and Security Review)
Target Date Actual Date Activity Milestone
  2021-03-05 Review launch date
2021-03-19 2021-04-15 Written feedback due (Reviewers)
2021-04-02 2021-04-15 Written response date (Review Material Developers)
2021-04-16 2021-04-15 Final approval due and completion date (Reviewers)
Review Created: 2021-03-05 6:05 pm
Review Last Updated: 2021-04-15 9:32 am

 

Reviewers

If you are a reviewer, please login to sign or withdraw from this review.

Required

  • Jim Basney
    VIEWED: 2021-04-01 16:17
    SIGNED: 2021-03-19 09:47
  • John-Paul Navarro
    VIEWED: 2021-04-15 09:32
    SIGNED: 2021-04-15 09:32
  • Derek Simmel
    VIEWED: 2021-03-19 17:05
    SIGNED: 2021-03-19 17:05

Optional

  • Maytal Dahan
  • Leslie Froeschl
    VIEWED: 2021-03-23 13:41
  • Christopher Lindsey
  • Michael Shapiro
    VIEWED: 2021-03-07 18:08
  • Shava Smallen
    VIEWED: 2021-03-19 13:42
  • Alexander Withers

Review Material Developers

Scott Koranda

Review Facilitator

John-Paul Navarro

 

Please post your comments using the "New topic" or "Post reply" buttons in the forum below.