Overview
General design and security risk review for a new XDCDB API for use by gateway_submit_attributes, OAuth 2.0 and CILogon user lookup, and xdusage allocation lookup.
Review Summary
Reviewers didn't raise any current design/security issues, thought there was a suggestion to consider an alternate design in the future. A reviewer suggested an additional review "input material" pointer be added, which we did.
Review Output Documents (Final)
No revisions made. The input material is the final material.
Review Input Documents
Review Criteria
- Is the API sufficiently secure (authentication, authorization, and data disclosure)
- Are the API actions and the information they provide read or update access to appropriate
- Will the API software and the server be managed using appropriate operations and support practices
Schedule
Current Date: 2023-09-24Current Status: Closed (Design and Security Review)
| Target Date | Actual Date | Activity Milestone |
|---|---|---|
| 2016-07-25 | Review launch date | |
| 2016-07-13 | Written feedback due (Reviewers) | |
| 2016-07-22 | 2016-07-25 | Written response date (Review Material Developers) |
| 2016-07-26 | 2016-07-25 | Final approval due and completion date (Reviewers) |
Review Last Updated: 2016-07-25 2:32 pm
Reviewers
If you are a reviewer, please login to sign or withdraw from this review.
Required
- Jim Basney
VIEWED: 2019-10-03 15:02
SIGNED: 2016-07-11 13:32 - John-Paul Navarro
SIGNED: 2016-07-15 10:03
Optional
- Eric Blau
SIGNED: 2016-07-12 11:32 - David Hart
SIGNED: 2016-07-11 17:21 - Jim Marsteller
- Marlon Pierce
- Scott Sakai
SIGNED: 2016-07-11 20:14 - Adam Slagell
SIGNED: 2016-07-07 16:42 - Shava Smallen
VIEWED: 2019-04-18 12:47
Review Material Developers
Michael Shapiro
Amy M. Schuele
Review Facilitator
John-Paul Navarro
Please post your comments using the "New topic" or "Post reply" buttons in the forum(s) below.
There are 2 discussion boards in this review. Please scroll down and post comments in the most appropriate board.
