Security Model
  • Set of agents/plugins per user session
  • Adhere to principal of least privilege
  • Entry point
    • Authentication (e.g. frontend in different authentication domain)
    • Pluggable
    • Ssl/ssh
  • Plugins
    • Run with privileges of user
    • Propagation of credentials through network
  • Agents
    • Require elevated privileges
    • Starting/stopping/reconfigure
  • Session manager controls credentials
    • Query API
    • Agent/Plugin API’s include credentials
    • Refresh credentials
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License