git.stella-ops.org/docs/security/vuln-rbac.md
StellaOps Bot 579236bfce
Add MongoDB storage library and update acceptance tests with deterministic stubs
- Created StellaOps.Notify.Storage.Mongo project with initial configuration.
- Added expected output files for acceptance tests (at1.txt to at10.txt).
- Added fixture input files for acceptance tests (at1 to at10).
- Created input and signature files for test cases fc1 to fc5.
2025-12-05 22:56:01 +02:00


# Vuln Explorer RBAC & ABAC (Md.XI draft)

> Status: DRAFT — pending security review and GRAP0101. Do not publish until roles/claims verified.

## Scope
- Roles/scopes, ABAC policies, attachment encryption/CSRF considerations for Vuln Explorer.

## Dependencies
- Security review; GRAP0101 identifiers; attachment token wording from Authority.

## Outline
- Scopes: vuln:view/investigate/operate/audit (+ legacy read).
- ABAC filters: vuln_env, vuln_owner, vuln_business_tier; enforcement in tokens/permalinks.
- Attachment tokens: issuance/verify; encryption notes; CSRF protections.

### Hash Capture Checklist (post-review)
- `assets/vuln-explorer/rbac-scope-table.md` (scope/role matrix)
- `assets/vuln-explorer/abac-claims.json` (sample token claims)
- `assets/vuln-explorer/attachment-token-flow.json` (issuance/verify payloads)

_Last updated: 2025-12-05 (UTC)_