This section will highlight important requirements or describe any additional cross-cutting requirements that apply to this Building Block.
The cross-cutting requirements described in this section are an extension of the cross-cutting requirements defined in the Architecture specification and Security requirements. This section will highlight important requirements or describe any additional cross-cutting requirements that apply to this Building Block.
Each Building Block must implement access and authorization audit, logging, tracing, and tracking with alerts (minimally proxied or implemented through the API Management and Gateway services).
The system must log all user activity in the system.
User action log is visible for admin users.
By default user action log is stored for 1 year after which the system will delete the log automatically. The storage length is configurable in the rules engine.
See detailed audit logging requirements part of the Security Requirements specification section 6.2. Also refer to the the Information Mediator Building Block's "Logging Services" (section 6.4), which may already provide an audit trail of API requests.
Each building block must implement the ability to provision, de-provision, and manage Identities and access rights (this may or may not be centralized for the whole architecture as a unified provisioning process).
See the Security Requirements specification section 6.2 (IAM).
The design of the building block should be inclusive, allowing for multiple languages/translations, as well as following all accessibility guidelines.
Egress, in the world of networking, implies traffic that exits an entity or a network boundary, while Ingress is traffic that enters the boundary of a network. Any ingress or egress traffic must leverage an Information Mediator or secure API gateway.
The following standards are applicable to data structures in the Registration Building Block: