Security Model
openEPCR will have a security model based on Role-Based Access Control (RBAC).
The idea is that every major action (viewing a PCR, editing a PCR, printing, inputting, etc.) will have an associated list of roles that are allowed to perform it.
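An added sketch of the action-to-roles check described above (not openEPCR code; the action names, role names and helper names are hypothetical). Each action maps to the roles allowed to perform it, a user holding several roles is allowed if any one matches, anything without a role list is denied, and every decision is recorded.

```python
from dataclasses import dataclass, field

# Hypothetical action and role names: the page does not define openEPCR's own.
POLICY = {
    "pcr.view":  {"medic", "supervisor", "qa_reviewer"},
    "pcr.edit":  {"medic", "supervisor"},
    "pcr.print": {"supervisor", "billing"},
    "pcr.input": {"medic"},
}


@dataclass
class User:
    name: str
    roles: frozenset


@dataclass
class AccessControl:
    policy: dict
    audit: list = field(default_factory=list)

    def is_allowed(self, user, action):
        # Deny by default: an action with no policy entry has no allowed roles.
        allowed_roles = self.policy.get(action, set())
        matched = sorted(user.roles & allowed_roles)
        decision = bool(matched)
        # Record every decision, including denials, for later review.
        self.audit.append((user.name, action, "ALLOW" if decision else "DENY", matched))
        return decision

    def require(self, user, action):
        # Guard to call at the top of each action handler.
        if not self.is_allowed(user, action):
            raise PermissionError(f"{user.name} may not perform {action}")


def unprotected_actions(policy, known_actions):
    """Return actions the application exposes that have no role list."""
    return sorted(a for a in known_actions if not policy.get(a))


if __name__ == "__main__":
    ac = AccessControl(POLICY)
    medic = User("alice", frozenset({"medic"}))        # constructed sample users
    billing = User("bob", frozenset({"billing"}))
    for user, action in [(medic, "pcr.edit"), (billing, "pcr.edit"), (medic, "pcr.delete")]:
        print(user.name, action, ac.is_allowed(user, action))
    print(unprotected_actions(POLICY, ["pcr.view", "pcr.export"]))
```

Running `unprotected_actions` at startup against the full list of actions the GUI exposes catches an action that was added without a role list.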
The second component of the security model is protecting data from unauthorized users. The RBAC component will handle all security and access control for authorized users accessing data through the GUI (or other intended means). Other security measures will cover:
- Data encryption to prevent access to data that is locally cached on the client system.
- Encryption of network communications between the client and server.
- Possibly, in the future, encryption of data stored on the server.
- Suggestions on how to secure the server to prevent data access or tampering.
- Suggestions on security for the client machines.