Common Criteria Roles and Permissions
User Roles can be edited by navigating to Admin | Roles and choosing Assign Roles, then Edit. On the Role Assignment page you will be able to select which users should be assigned to which role.
The User Roles that comply with Common Criteria standards are:
- Administrator
- User
- Read Only User
By default, Administrators have all possible Role Permissions. To view the list of permissions and security attributes associated with each User Role, navigate to Admin | Roles and select each role to view the list of permissions. Each user session will be limited by the Role Permissions assigned to that user.
Each Role can be associated with individual user identities, or with either a local Group or an Active Directory Group. To assign a Role to a User or Group, navigate to Admin | Roles | Assign Roles.
To administer configurations required for Common Criteria standards, an Administrator requires the default permissions that are included for the Administrator Role.
Assigning Roles to Users
The default role assignment for new users is set by navigating to Admin | General tab | User Experience section (scroll to bottom). To ensure that no new users are created or imported with any extra privileges, make sure that this setting is set to “None.”
To edit this default setting, click Edit and select “None” from the dropdown list. Then click Save.
To assign Roles that are compliant with Common Criteria standards to specific users or groups, navigate to Admin | Users and select the user, OR navigate to Admin | Roles; then click Assign Roles.
Under the By User Or Group tab, select a user or group from the dropdown, then click Edit.
The Roles supported in Common Criteria include Administrator, User, and Read Only User.
To apply one of these roles, select it from the right-hand list and move it to the left side under the Assigned box. Ensure that every user is assigned only one of these Roles. If both “Administrator” and “Read Only User” are assigned to the same user, the user will maintain full Administrator access to Secret Server. Click Save Changes.
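The check below is an added example, not part of the Secret Server documentation or product: it audits a role-assignment listing against the guidance above (default role "None", exactly one Common Criteria role per user), resolving roles inherited through groups as well as direct assignments. The data layout, user and group names, and the "Report Viewer" role are constructed assumptions.

```python
from collections import defaultdict

CC_ROLES = {"Administrator", "User", "Read Only User"}  # the roles the page lists

# Constructed sample data; the layout is an assumption, not a product export format.
DIRECT_ROLES = {
    "alice": ["Administrator"],
    "bob": ["Read Only User"],
    "carol": ["User", "Read Only User"],
    "erin": ["Read Only User"],
    "frank": ["Report Viewer"],  # hypothetical custom role
}
GROUP_ROLES = {"Vault Admins": ["Administrator"], "Auditors": ["Read Only User"]}
GROUP_MEMBERS = {"Vault Admins": ["alice", "erin"], "Auditors": ["bob"]}


def effective_roles(direct, group_roles, group_members):
    """Union of each user's direct roles and the roles inherited from groups."""
    roles = defaultdict(set)
    for user, assigned in direct.items():
        roles[user].update(assigned)
    for group, members in group_members.items():
        for user in members:
            roles[user].update(group_roles.get(group, []))
    return roles


def audit(direct, group_roles, group_members, default_role):
    """Return (subject, code, detail) findings against the page's guidance."""
    findings = []
    if default_role != "None":
        findings.append(("new users", "DEFAULT_ROLE", default_role))
    resolved = effective_roles(direct, group_roles, group_members)
    for user in sorted(resolved):
        cc = sorted(resolved[user] & CC_ROLES)
        other = sorted(resolved[user] - CC_ROLES)
        if len(cc) > 1:
            # The page warns that Administrator plus Read Only User keeps full
            # Administrator access, so Administrator combinations get their own code.
            code = "ADMIN_PLUS_OTHER" if "Administrator" in cc else "MULTIPLE_ROLES"
            findings.append((user, code, ", ".join(cc)))
        if other:
            findings.append((user, "NON_CC_ROLE", ", ".join(other)))
    return findings


if __name__ == "__main__":
    for subject, code, detail in audit(DIRECT_ROLES, GROUP_ROLES, GROUP_MEMBERS, "User"):
        print(f"{subject:10} {code:16} {detail}")
```

In the sample, erin is directly a Read Only User but inherits Administrator from a group, which a review of direct assignments alone would miss.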
Management Functions Based On Role
This section describes management activities and corresponding roles of the evaluated security functionality.
Role | Management Functions |
---|---|
Read-only User | Search and list Secrets |
User | Use Secret/Launch session |
User | Request access to Secret |
Administrator | Create, view, expire, edit, and assign Secrets |
Administrator | Perform bulk operations on Secrets |
Administrator | Create and manage groups |
Administrator | Create and manage roles, assign roles to users |
Administrator | Create and manage containers (folders) |
Administrator | Create and manage Secret policy |
Administrator | Configure TOE SF (see Table 5) |
Administrator | Create, manage, and unlock local accounts |
Administrator | Configure IIS, SQL, syslog |
Administrator | Update TOE |
Table 5: Management Functions and Roles
By default each User Role is attached to Permission Sets. To view the specific permissions that each role is attached to, navigate to Admin | Roles and click into the user roles listed to see the list of permissions.
Organizations can tailor these user roles to maintain whatever permission settings are required for their specific user environment.
8.3 Common Criteria Management Activities Based On Role
The following table specifies the user role required to allow each management activity listed according to Common Criteria Standards.
Requirement | Management Activities | Role |
---|---|---|
ESM_EAU.2 | Management of authentication data for both interactive users and authorized IT entities (if managed by the TSF) | Administrator |
ESM_EID.2 | Management of authentication data for both interactive users and authorized IT entities (if managed by the TSF) | Administrator |
ESM_ICD.1 | Definition of identity and credential data that can be associated with users (activate, suspend, revoke credential, etc.) | Administrator |
ESM_ICD.1 | Management of credential status | Administrator |
ESM_ICD.1 | Enrollment of users into repository | Administrator |
ESM_ICT.1 | Configuration of circumstances in which transmission of identity and credential data (and object attributes, if applicable) is performed | Administrator |
FAU_STG_EXT.1 | Configuration of external audit storage location | Administrator |
FIA_AFL.1 | Management of the threshold for unsuccessful authentication attempts | Administrator |
FIA_AFL.1 | Management of actions to be taken in the event of an authentication failure | Administrator |
FIA_USB.1 | Definition of default subject security attributes, modification of subject security attributes | Administrator |
FMT_MOF.1 | Management of sets of users that can interact with security functions | Administrator |
FMT_SMR.1 | Management of the users that belong to a particular role | Administrator |
FTA_SSL.3 | Configuration of the inactivity period for session termination | Administrator |
FTA_TAB.1 | Maintenance of the banner | Administrator |
FTP_ITC.1 | Configuration of actions that require trusted channel (if applicable) | Administrator |
FTP_TRP.1 | Configuration of actions that require trusted path (if applicable) | Administrator |
Table 6: Management Functions and Roles by Common Criteria Requirement