Overview
Review of design and security elements of the an incremental upgrade to the XSEDE SSO login hub (login.xsede.org).
Review Input Documents
Review Criteria
Scenario 1: User login to service
- Concerns to be addressed when discussing this scenario:
- How are accounts created, updated, and deactivated?
- How is logging handled?
- What does the user have access to on the server outside their home directory?
- How are home directory content quotas managed?
- How are backups managed?
- What client software is available initially to the user?
- How is 2-factor login handled?
- How is password login handled?
Scenario 2: Hacker attempts to login to service
- Concerns to be addressed when discussing this scenario:
- Are there any controls and mitigation responses to repeated failed logins?
- How is failed login logging handled?
Schedule
Current Date: 2023-05-28Current Status: Closed (Design and Security Review)
| Target Date | Actual Date | Activity Milestone |
|---|---|---|
| 2015-09-02 | Review launch date | |
| 2015-09-11 | Written feedback due (Reviewers) | |
| 2015-09-18 | 2015-09-09 | Written response date (Review Material Developers) |
| 2015-09-25 | 2015-09-09 | Final approval due and completion date (Reviewers) |
Review Last Updated: 2015-12-14 9:36 am
Reviewers
If you are a reviewer, please login to sign or withdraw from this review.
Required
- Jim Basney
- Randal Butler
Optional
- Jim Marsteller
Review Material Developers
Stephen McNally
Michael Campfield
David Carver
Randal Butler
Jim Marsteller
Tabitha Samuel
Shava Smallen
John-Paul Navarro
Review Facilitator
John-Paul Navarro
