stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
579236bfce197db61f9f31bd9645665ba620726a
git.stella-ops.org/docs/security/vuln-rbac.md
StellaOps Bot 579236bfce
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Details
Add MongoDB storage library and update acceptance tests with deterministic stubs 
- Created StellaOps.Notify.Storage.Mongo project with initial configuration.
- Added expected output files for acceptance tests (at1.txt to at10.txt).
- Added fixture input files for acceptance tests (at1 to at10).
- Created input and signature files for test cases fc1 to fc5.
2025-12-05 22:56:01 +02:00

870 B
Raw Blame History

Vuln Explorer RBAC & ABAC (Md.XI draft)

Status: DRAFT — pending security review and GRAP0101. Do not publish until roles/claims verified.

Scope

  • Roles/scopes, ABAC policies, attachment encryption/CSRF considerations for Vuln Explorer.

Dependencies

  • Security review; GRAP0101 identifiers; attachment token wording from Authority.

Outline

  • Scopes: vuln:view/investigate/operate/audit (+ legacy read).
  • ABAC filters: vuln_env, vuln_owner, vuln_business_tier; enforcement in tokens/permalinks.
  • Attachment tokens: issuance/verify; encryption notes; CSRF protections.

Hash Capture Checklist (post-review)

  • assets/vuln-explorer/rbac-scope-table.md (scope/role matrix)
  • assets/vuln-explorer/abac-claims.json (sample token claims)
  • assets/vuln-explorer/attachment-token-flow.json (issuance/verify payloads) Last updated: 2025-12-05 (UTC)