Page 127 - Reference framework for integrated management of an SSC - A U4SSC deliverable on city platforms
P. 127

•  Provide a central and easily accessible module (via web) for the Administration of users, roles
                and permissions.
            •  Integrate existing user repositories as user records from local authorities or other user databases.

            •  Have the capacity to extend to adapt security mechanisms to the needs of each city.

            The Platform must ensure the privacy and security of the data stored or managed by the solution,
            especially in a shared resource environment (PaaS: Platform as a Service). Likewise, it must be
            possible to define different access profiles to the different types/groups of data, so avoiding their
            inappropriate use.

            The Platform must guarantee the secure sending of data to and receiving data from the devices
            connected to it, and its secure distribution to the applications that require it. At a minimum,
            authentication of the elements that originate the data and applications that require access to
            those data must be implemented.

            The Platform must allow the definition of different roles and levels of access on the data,
            functionalities, and services of the Platform, authorize or deny access to the different applications
            and define the privileges required to act on a certain set of data.


            Users of the SSC Platform may be individuals or applications that consume services or information.
            Different types of access for users should be considered based on different roles such as:

            •  System administrator

            •  Operator
            •  Managers

            •  SW clients of other applications

            Role/permission management should be set for at least three levels of security:


            •  Access to data: Limit the information that each user can view. For example, a user of a certain
                service will have access only to the information corresponding to the data of its service, and to
                global data like General data such as global averages, deviations, or others obtained from the
                joint processing of the data corresponding to all the services.
            •  Access to SSC Platform elements: Limit access to reports and dashboards configured on the
                Platform. For example, a service user will only be able to access the reports defined with the
                data corresponding to their scope.
            •  Functionality: Delimit the actions that certain users can perform based on their profile. For
                example, a report user will be able to determine which reports and objects a consumer user
                has access to. Another example would be that consumer users would only query reports that
                they have permission to access.






                                                       Reference framework for integrated management of an SSC | June 2023  113
   122   123   124   125   126   127   128   129   130   131   132