Architecture & Security
WIP
PIMS is architected and built to adhere to OCIO Information Security Standards.
Authentication options (IDIR, BCeID, BC Services Card) are offered via integration with an instance of Keycloak SSO, hosted by Platform Services.
All users must either have an active IDIR or BCeID account or use their BC Services Card to log in to PIMS.
These users must then be assigned a role and be marked as Active by an Administrator in order to access data within PIMS.
- OAuth2.0
- Open ID Connect (OIDC)
- HTTPS
- SSL
PIMS uses a role-based permissions architecture to ensure appropriate access is provided to data. These roles are contained only within the application's database. Keycloak's role management is no longer used.
Roles determine the level of access for each user. A user may currently only have one role. Users are assigned roles through the PIMS UI. Only users with the Administrator role may assign roles to other users.
| Role | Description |
|---|---|
| Administrator | Manage all users within PIMS. Can modify agencies, administrative areas, and users. Administrators have permissions to progress projects beyond the initial submission, and they may edit these projects. They can view and edit both projects and properties belonging to any agency. |
| General User | General Users can view properties and projects within their own agency. They can also view properties and projects in the ERP state (see Glossary). General Users can submit projects and properties, but they can only edit properties belonging to their agency. |
| Auditor | The Auditor role is designed for users who only need viewing permissions. They can view all properties. They can view projects within their agency and those within the ERP state. Auditors have no permissions to add or edit records within PIMS. |
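The role rules above, expressed as authorization checks. This is an added example, not PIMS project code: the type names, the `inErp` field, and the function names are assumptions made for illustration.

```typescript
// Added example of the PIMS role rules from the table above. Not PIMS project
// code: the types, field names and function names are assumptions.
type Role = "Administrator" | "General User" | "Auditor";
type Action = "view" | "submit" | "edit";

interface User { id: string; role: Role; agencyId: string; active: boolean }
interface Property { agencyId: string; inErp: boolean }
interface Project { agencyId: string; inErp: boolean }

export function canAccessProperty(user: User, p: Property, action: Action): boolean {
  // A user must be marked Active by an Administrator before seeing any data.
  if (!user.active) return false;
  switch (user.role) {
    case "Administrator": return true;                 // any agency, any action
    case "Auditor":       return action === "view";    // all properties, read-only
    case "General User":
      if (action === "view") return p.agencyId === user.agencyId || p.inErp;
      return p.agencyId === user.agencyId;             // submit/edit only in own agency
    default:              return false;
  }
}

export function canAccessProject(user: User, pr: Project, action: Action): boolean {
  if (!user.active) return false;
  const inScope = pr.agencyId === user.agencyId || pr.inErp; // own agency or ERP state
  switch (user.role) {
    case "Administrator": return true;
    case "Auditor":       return action === "view" && inScope;
    case "General User":
      if (action === "view") return inScope;
      // General Users submit projects for their own agency; progressing or
      // editing a project after submission is reserved for Administrators.
      return action === "submit" && pr.agencyId === user.agencyId;
    default:              return false;
  }
}

// A user holds exactly one role, so assignment replaces it; only an active
// Administrator may perform the assignment.
export function assignRole(actor: User, target: User, role: Role): User {
  if (!actor.active || actor.role !== "Administrator") {
    throw new Error("only an active Administrator may assign roles");
  }
  return { ...target, role };
}
```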
The hosting platform used for PIMS is OpenShift. The DevOps tools are GitHub Actions, ArgoCD, and OpenShift. Configuration values, including private keys, are primarily secured using Vault, with some OpenShift-related values stored directly as OpenShift secrets.
The API database used for storing property inventory is hosted in the OpenShift environment. It uses Crunchy Data and is backed up both within OpenShift and in S3 storage. External access is not available. Internal access is only available within the OpenShift Project to approved Pods. There is a separation of account permissions. The account solely for application use has the minimum permissions needed for the application's operation.
PIMS is designed to store sensitive property information. Users may mark properties as containing sensitive information, which should guide their decisions when potentially sharing this data outside of PIMS.
All software, frameworks, and tools used and built by or for PIMS are presently Open Source. PIMS is built under the Apache 2.0 license.
Presently PIMS does not provide any electronic signatures. All signatures are provided externally through standard/historical processes.
All requirements and constraints are documented in the following locations: Jira, Confluence, GitHub. All documentation is visible and reviewed through Scrum Project Management processes and peer reviewed through Pull Requests within GitHub. All requirements and constraints are approved through Scrum Project Management processes (i.e. Backlog Refinement, Sprint Planning).
Testing is performed through the following: Manual Developer Testing, Manual QA Testing, Automated unit tests, Automated integration tests, UAT Testing, CodeQL static analysis, OWASP ZAP dynamic analysis, and Code Climate reporting.
The PIMS API is a RESTful implementation. It is accessible externally but requires authentication via OAuth2.0. All HTTP methods are applied appropriately. URLs only identify a single resource type. Presently PIMS supports only one output format (JSON). The API is versioned and all URLs adhere to their version.
All data entered into PIMS is currently hosted within the database. The database model is available on the Database wiki page.
PIMS is intended as a shared resource between all agencies/ministries to maintain an inventory of property for the purpose of disposal and acquisition.
As PIMS is a property inventory, physical addresses of properties are stored. Additionally, GIS latitude and longitude coordinates are captured and stored within the database.
All dates and times are stored as UTC within the database.
PIMS has been designed and developed with the latest stable released software, frameworks and tools. It follows an update process that ensures that the main technologies and relevant dependencies are using the most recent stable version. GitHub (Dependabot) provides regular scans for vulnerabilities found within dependencies and submits regular Pull Requests (PR).
Direct access to the database and its host container is only possible through access to the appropriate OpenShift Project. Databases are backed up on a regular schedule.