Definition of F.User accounts management lacks operational flexibility
Vertical Standard Comment
Standard Version (see README.md for info): V0.0.5
Line Number:
Clause/Subclause: 4.2
Paragraph/Figure/Table:
Comment:
As defined, there is no provision for a multi-tenant system or for a hierarchical PKI. There is also no provision for fine-grained access control: users are either administrators or operators in this scheme, which severely limits its applicability.
There are two potential changes; one is considerably more involved than the other.
The first is to treat each service as sitting at a particular hierarchy level, i.e. at a particular distance from the root of trust. This would require significant redefinitions across the document.
The other is to address this where user accounts management is discussed.
Proposed Changes:
F.User accounts management:
- System administrator account: authorised to install, configure and update the product.
- System operator account: authorised to operate the PKI services.
NOTE 6: Access control methods are not prescribed by this standard. Access control should be granted at the granularity of individual PKI services, and may be granted at the granularity of individual PKI service functions. This includes the user accounts management service.
NOTE 7: The PKI services are logically scoped to a PKI context beginning at a trust root, the CA. Products may support multiple independent CAs. In that case, system operator accounts should be scoped at least to the granularity of one or more such PKI contexts, and may include finer-grained access control as described in the previous note.
NOTE 8: Hierarchical PKIs are treated as an extension of the previous note. Products may permit managing dependent PKI contexts derived from an ancestor context, with finer-scoped access control as covered in the previous notes. Management of such dependent PKI contexts is itself a function that may require individual access control.
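An added illustration (not text from the standard or from the issue author) of how the scoping in NOTES 6 to 8 could be modelled: grants are scoped to a PKI service, optionally to one service function, and to a PKI context; contexts are either independent trust roots or dependent contexts derived from an ancestor; and deriving a dependent context is itself an access-controlled function. The context names, service names and the assumption that a grant may inherit down to dependent contexts are all constructed for this example.

```python
from dataclasses import dataclass, field
from typing import Iterator, List

# Constructed example data: each PKI context is scoped to a trust root (NOTE 7);
# a dependent context records the ancestor it was derived from (NOTE 8).
CONTEXT_PARENT: dict = {
    "root-ca": None,            # trust root of tenant A
    "issuing-ca-1": "root-ca",  # dependent context under root-ca
    "tenant-b-root": None,      # an independent CA in the same product
}

def ancestry(context: str) -> Iterator[str]:
    """Yield the context itself, then each ancestor up to its trust root."""
    while context is not None:
        yield context
        context = CONTEXT_PARENT[context]

@dataclass(frozen=True)
class Grant:
    context: str              # PKI context the grant is scoped to (NOTE 7)
    service: str              # individual PKI service: the NOTE 6 minimum granularity
    function: str = "*"       # optional finer scope: one function of that service
    inherit: bool = True      # assumption: grant also covers dependent contexts

@dataclass
class Account:
    name: str
    grants: List[Grant] = field(default_factory=list)

def is_authorised(account: Account, context: str, service: str, function: str) -> bool:
    """Deny by default; allow only if a grant covers this service+function in scope."""
    if context not in CONTEXT_PARENT:
        return False
    in_scope = set(ancestry(context))
    for g in account.grants:
        if g.service != service or g.function not in ("*", function):
            continue
        # non-inheriting grants match only their own context
        if g.context == context or (g.inherit and g.context in in_scope):
            return True
    return False

def create_dependent_context(account: Account, parent: str, name: str) -> bool:
    """Deriving a dependent context is itself an access-controlled function (NOTE 8)."""
    if name in CONTEXT_PARENT or not is_authorised(
            account, parent, "context-management", "create-dependent-context"):
        return False
    CONTEXT_PARENT[name] = parent
    return True
```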