Security

Status

Status: Limited peer review
TDA Precedence

| TDA Submission | Relationship |
|---|---|
| 67 Digital Admissions | Influenced by |
| 75 Activate Account | Used in answers and approved (version 0.1.0) |
NFRs

| NFR | Relationship |
|---|---|
| NFR.054 | Potentially answers |
| NFR.056 | Potentially answers |
Means to achieve

1 - Use small, single-responsibility services

The service is hosted in its own virtual private network. Each component of the service runs under its own dedicated service account, granted only the permissions that component needs, following the principle of least privilege.

System users have no access to the underlying cloud admin controls.

CI pipelines are configured so that, once a patch has been prepared, the specific Docker images it affects can be rebuilt and deployed rapidly. Further details: https://docs.google.com/document/d/14Ob5uZVJ-l9Tb-JlU2ouxcTfSOqPA_gKeoCCZAyyPVE/edit?usp=sharing

Where users can upload files, the Malware and Virus Scanner API is used to scan the uploads.

Pen testing is carried out periodically on most services. Because all services are built on common tooling, a pen test of any one service also exercises that shared tooling, so services that are not tested directly still benefit from it indirectly.

Software dependency updates are performed by the service team and follow DevOps change practices: https://docs.google.com/document/d/1tGIYU-11l7G7byz1IZw-mhDHjJMPRnS_rIrAX5esyTM/edit?usp=sharing.
Compliance Requirements

- Use the team-data to apply cloud admin permissions to each project
- Use `{crsid}@gcloudadmin.g.apps.cam.ac.uk` accounts for privileged access operations: https://guidebook.devops.uis.cam.ac.uk/explanations/gcloudadmin-accounts/#more-information
- Project is provisioned using the Google Cloud Product Factory
- For HTTP APIs use the Cloud Run Terraform module
- For asynchronous tasks use the ucam-faas library, Docker base image and Terraform module
- If users can upload files, use the Malware and Virus Scanner service.
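The identity rules in this page (one dedicated, least-privilege service account per component; system users kept out of the cloud admin controls; `{crsid}@gcloudadmin.g.apps.cam.ac.uk` accounts for privileged operations) can be checked against a project's live IAM policy rather than taken on trust. The script below is an added example and is not code from this guidebook or from the service team. It reads the JSON shape that `gcloud projects get-iam-policy PROJECT --format=json` returns (`{"bindings": [{"role": ..., "members": [...]}]}`) together with a map from component name to service-account email. The map format, the component names, the project id `example-project` and the sample policy are all constructed for the example.

```python
"""Least-privilege checks over a GCP project IAM policy (added example).

Flags four things the design above rules out:
  * a service account holding a primitive role (roles/owner, roles/editor)
  * a human account holding a privileged role unless it is a gcloudadmin account
  * a public principal (allUsers / allAuthenticatedUsers) in any binding
  * one service account shared by more than one component
"""
from __future__ import annotations

import json
import sys
from collections import defaultdict

# Primitive roles grant broad project control; no workload identity should hold them.
PRIMITIVE_ROLES = {"roles/owner", "roles/editor"}
PUBLIC_PRINCIPALS = {"allUsers", "allAuthenticatedUsers"}
# Domain of the privileged human accounts named in the compliance list above.
PRIVILEGED_DOMAIN = "gcloudadmin.g.apps.cam.ac.uk"


def is_privileged_role(role: str) -> bool:
    """True for roles that control the project or other identities.

    The heuristic (primitive roles, '*admin' roles, anything under roles/iam.)
    is an assumption for the example, not an official classification.
    """
    return (
        role in PRIMITIVE_ROLES
        or role.lower().endswith("admin")
        or role.startswith("roles/iam.")
    )


def find_violations(policy: dict, component_sas: dict[str, str]) -> list[str]:
    """Return human-readable violations, in binding order, then shared-SA findings."""
    violations: list[str] = []

    for binding in policy.get("bindings", []):
        role = binding["role"]
        for member in binding.get("members", []):
            kind, _, identity = member.partition(":")  # e.g. "user", "someone@cam.ac.uk"
            if member in PUBLIC_PRINCIPALS:
                violations.append(f"public principal {member} bound to {role}")
            elif kind == "serviceAccount" and role in PRIMITIVE_ROLES:
                violations.append(f"service account {identity} holds primitive role {role}")
            elif (
                kind == "user"
                and is_privileged_role(role)
                and not identity.endswith("@" + PRIVILEGED_DOMAIN)
            ):
                violations.append(
                    f"human account {identity} holds privileged role {role} "
                    f"outside {PRIVILEGED_DOMAIN}"
                )

    # One service account per component: invert the map and look for reuse.
    components_by_sa: dict[str, list[str]] = defaultdict(list)
    for component, sa in component_sas.items():
        components_by_sa[sa].append(component)
    for sa, components in sorted(components_by_sa.items()):
        if len(components) > 1:
            violations.append(
                f"service account {sa} shared by components {', '.join(sorted(components))}"
            )
    return violations


# Constructed sample policy in get-iam-policy JSON shape (fictional project id).
SAMPLE_POLICY = {
    "bindings": [
        {"role": "roles/run.invoker",
         "members": ["serviceAccount:api@example-project.iam.gserviceaccount.com"]},
        {"role": "roles/editor",
         "members": ["serviceAccount:worker@example-project.iam.gserviceaccount.com"]},
        {"role": "roles/storage.admin", "members": ["user:someone@cam.ac.uk"]},
        {"role": "roles/owner", "members": ["user:ab123@gcloudadmin.g.apps.cam.ac.uk"]},
        {"role": "roles/viewer", "members": ["allAuthenticatedUsers"]},
    ]
}

# Constructed component -> service account map; "scheduler" wrongly reuses the worker SA.
SAMPLE_COMPONENTS = {
    "api": "api@example-project.iam.gserviceaccount.com",
    "worker": "worker@example-project.iam.gserviceaccount.com",
    "scheduler": "worker@example-project.iam.gserviceaccount.com",
}


if __name__ == "__main__":
    # Pass a path to a saved get-iam-policy JSON file, or run on the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            policy = json.load(fh)
    else:
        policy = SAMPLE_POLICY
    for problem in find_violations(policy, SAMPLE_COMPONENTS):
        print(problem)
```

On the sample policy the check reports four problems: the worker service account holding roles/editor, an ordinary user holding roles/storage.admin, allAuthenticatedUsers bound to roles/viewer, and the worker service account being shared by two components. The gcloudadmin account holding roles/owner is deliberately not flagged, since that is the route the compliance list prescribes for privileged operations.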