Skip to end of metadata
Go to start of metadata
There are a series of security features built into ASTRA as follows:
- Secure databases run on UW-IT servers.
- Access to the ASTRA Web interface is protected by two-factor authentication, using an Entrust token.
- Whenever authorizations are modified (added, deleted, updated), post-entry review messages (PERM's) are sent via email to both the person who modifies authorizations and the person whose authorizations are modified.
- An audit trail of all modifications to authorization data is maintained.
- Delegators and Authorizers can only grant what they are authorized to grant.
- A person cannot grant themselves authorizations.
- All applications must authenticate with an X509 client certificate issued by the UWCA.