openEPCR will have a security model based on Role-Based Access Control (RBAC).
The idea is that every major action - viewing a PCR, editing a PCR, printing, inputting, etc. will have a list of roles associated with it as allowed to perform the action.
The second component of the security model is data security from non-authorized users. The RBAC component will handle all security and access control for authorized users accessing data through the GUI (or other intended means). Other security measures will cover:
- Data encryption to prevent access to data that is locally cached on the client system.
- Encryption of network communications between the client and server.
- Possible (in the future) encryption of data stored on the server.
- Suggestions on how to secure the server to prevent data access or tampering.
- Suggestions on security for the client machines.