Skip to content
This repository has been archived by the owner on May 16, 2023. It is now read-only.

Verschärftes Rechte- und Rollenkonzept #153

Open
BrittaTSI opened this issue May 18, 2021 · 8 comments
Open

Verschärftes Rechte- und Rollenkonzept #153

BrittaTSI opened this issue May 18, 2021 · 8 comments
Labels
data privacy Issue concerns data privacy Frontend Investigate Portal Rel. 2 (07.06.2021) Schnelltestportal Stufe 2 laut Sprintplan von Rainer security Issue concerns security

Comments

@BrittaTSI
Copy link

BrittaTSI commented May 18, 2021
edited
Loading

gem. Gespräch TSI Security/Datenschutz/Dev, 03.05.2021 / Differenzierung der Rechte je im PoC ausgeführter Rolle -> Wer darf eingeben, wer darf ausdrucken, wer darf speichern

https://miro.com/app/board/o9J_lOjvz8M=/?moveToWidget=3074457356491331127&cot=14
@Ein-Tim
Copy link
Contributor

Ein-Tim commented May 18, 2021

Is this really an issue for the documentation repository? If yes could you please further elaborate it?

Thank you!

@BrittaTSI
Copy link
Author

It is a requirement of our Security and Privacy colleagues that we have to provide more details in our role and authorization concept.
The concept is a mandatory deliverable in the Telekom's Privacy & Security Asssement process (part of the SDSK) but we were asked to track this issue separately because of its importance.
Documentation seemed to me the most appropriate repository for this issue. What do you think?

@Ein-Tim
Copy link
Contributor

Ein-Tim commented May 18, 2021

@BrittaTSI Thank you for elaborating! Yes, in this case I agree that it can stay in this repository!

@BrittaTSI
Copy link
Author

@Ein-Tim
P.S. Same holds for https://github.com/corona-warn-app/cwa-documentation/issues/617, please see my comments there.

@Ein-Tim
Copy link
Contributor

Ein-Tim commented May 18, 2021

@BrittaTSI Thank you! And also thank you for tracking this issue transparently here!

@MikeMcC399
Copy link

@BrittaTSI
Is there a document published in this repository which defines the role and authorization concept you refer to? You write that you (TSI?) have to provide more details there, so it only makes sense to have this issue here in this repository if the document is also posted here, or would be posted here at a later date.

If, on the other hand, the document is an internal document, then perhaps the issue is better listed in one of your internal systems which isn't visible to the Internet community.

@BrittaTSI
Copy link
Author

BrittaTSI commented May 18, 2021
edited
Loading

@MikeMcC399
You have a point here.
The document itself is indeed Telekom-internal. I will try to find another reposistory to move it to.
The topic is of course documentation but I do not want to confuse non-Telekom collaborators with our internal stuff.

@BrittaTSI BrittaTSI transferred this issue from corona-warn-app/cwa-documentation May 18, 2021
@BrittaTSI BrittaTSI added data privacy Issue concerns data privacy Prio 3 security Issue concerns security labels May 18, 2021
@BrittaTSI BrittaTSI changed the title Verschärftes Rechte- und Rollenkonzept Verschärftes Rechte- und Rollenkonzept - REPO ÄNDERN! May 18, 2021
@BrittaTSI BrittaTSI added Sprint/Date tbd Frontend Portal Rel. 2 (07.06.2021) Schnelltestportal Stufe 2 laut Sprintplan von Rainer and removed Prio 3 Sprint/Date tbd labels May 19, 2021
@BrittaTSI BrittaTSI changed the title Verschärftes Rechte- und Rollenkonzept - REPO ÄNDERN! Verschärftes Rechte- und Rollenkonzept Jun 9, 2021
@BrittaTSI
Copy link
Author

Vermutung - Anforderung ist mittlerweile obsolet.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
data privacy Issue concerns data privacy Frontend Investigate Portal Rel. 2 (07.06.2021) Schnelltestportal Stufe 2 laut Sprintplan von Rainer security Issue concerns security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@BrittaTSI @MikeMcC399 @Ein-Tim