Security glossary
Below are all the security terms you'll want to familiarize yourself with.
- Access: Indicates whether a user is able to know of a resource’s existence. If a user has access, they can receive various capabilities to use the resource via Roles. If a user does not have access, they will not know the existence of the resource. See: Resource, Role
- Access requirements: The unique security requirements that determine which users may access a Project or resource. These requirements consist of Organizations and/or Markings. If a user meets the access requirements for a Project or resource, then the user is allowed to see the existence of that Project or resource and can be granted a Role on it. See: Organization, Marking, Role
- Attribute: A type of structured information about a user, such as their name, email, or job title.
- Credential collector: Systems responsible for collecting the credentials of a user, which are then validated by the authentication source. The main type of collector is SAML.
- Default Roles (on the platform): There are four Roles that come with the Foundry platform: Owner, Editor, Viewer, and Discoverer. Role administrators can choose to customize these Roles or create completely new ones based on these defaults. Role definitions can also specify which Roles can grant other Roles on the same resource, creating a hierarchy of Roles. See: Role
- Default Role (on a Project): The default Role on a Project defines the Role automatically granted to all users who satisfy the access requirements. If a Project has no default Role, users will be able to see the Project’s name and description and request Project access, but will not be able to discover the Project contents. To encourage collaboration and discovery, Project creation uses a default Role of Viewer, unless otherwise specified. See: Role, Project
- Discretionary controls: Controls that expand the overall capabilities a user has on top of their access; they are granted via Roles. Discretionary controls are additive, meaning that they can only add permissions for a user and cannot restrict permissions for a user. Discretionary controls can be granted to users through data sharing workflows: for instance, creating a report and sharing it with a colleague grants her view permissions on the report.
- Apply organization: The permission that allows a user to add an Organization to a resource as an access requirement. Users with this permission can apply the organization to resources, folders, or Projects. See: Organization, Access requirements; see also Organization permissions
- Expand access: Expand access refers to any change in the access requirements on a resource such that the audience that can potentially access that resource is expanded. In the case of Markings, the removal of any Marking is an expand access event. In the case of Organizations, expanding access can occur by either (1) adding additional Organizations when at least one is applied, or (2) removing the only Organization applied. See: Access requirements, Organization, Marking; see also Organization permissions
- Group: A set of users and/or other groups. A group may be internal, meaning defined in Foundry, or external, meaning defined by an external identity provider (like Active Directory) or user manager. Internal groups may contain external groups and users. See: Identity provider, User manager
- Identity provider: A system that validates users or services as they log in and serves as the source of user, group, and attribute information. Applications rely on an Identity Provider (IdP) both to authenticate users and to understand who those users are. See: Attribute, User, Group
- Inheritance/inherited permissions: Access requirements applied at the Project level are inherited by other files and folders within the Project. Similarly, Roles granted at the Project level will be granted on all resources in the Project via inheritance. See: Role
- Mandatory controls: An all-or-nothing access restriction. With mandatory controls in place, regardless of a user's Role, a user cannot access a resource in any way unless the user satisfies the resource’s mandatory controls. These controls take the form of Organizations and Markings. For example, if a colleague shares a report and the dataset backing the report was marked with a top-secret Marking, access to the report is not granted unless the user is cleared for top-secret level data. See: Role, Organization, Marking
- Marking: An access requirement applied to resources that restricts access in an all-or-nothing fashion. In order to meet access requirements, a user must be a member of all Markings applied on the resource. Markings are a mandatory control. See: Access requirement, Resource, Mandatory controls
- Marking category: A collection of Markings. The visibility of Marking categories can be restricted to certain Organizations, and can be visible or hidden. Visible categories are discoverable by anyone who is a member or guest member of the required Organizations. Hidden categories are only discoverable by users from the required Organizations who are explicitly granted permissions on the category or on the category’s Markings. See: Marking, Organization
- Space (previously known as Namespace): A higher-order grouping of Projects where uniform settings can be defined, such as a file system or usage tracking account. See: Project
- Organization: An access requirement applied to Projects that enforces strict silos between groups of users and resources. Every user will be a member of exactly one Organization. In order to meet access requirements, users must be a member of one Organization applied to a Project. Organizations are a mandatory control. See: Access requirement, Resource, Mandatory controls
- Organization discoverability: How users from one Organization view other Organizations, and vice versa. Discoverability across Organizations is configurable; an Organization’s users, groups, and/or resources can be made discoverable or hidden. See: Organization
- Permission: A set of capabilities granted to a user or group that allows them to perform certain tasks in the platform or on resources. See: Roles, Marking, Resource
- Project: A Project is a collaborative space that organizes people and resources for a particular purpose. Projects are the primary security boundary in Foundry and represent a collection of shared work. Users in a Project have approximately uniform access to its contents (specific access may vary depending on discretionary controls), meaning access requirements and Roles should be applied at the Project level. See: Resource, Access requirements
- Realm: An authentication source in Foundry. The realm of each user can be seen in Platform Settings. See: User
- Reference: A link to a resource that causes the resource to be included within the scope of a Project. References are typically used to include datasets from outside the current Project when building a data pipeline. See: Project
- Resource: Anything uniquely identifiable within the Foundry platform, such as Projects, folders, analyses, and datasets. Resources are secured with access requirements and permissions. See: Project, Roles
- Restricted view: A special kind of dataset where granular access to the data within the file is controlled based on defined rules. These rules are based on user attributes and will hide or reveal rows of the dataset based on the user’s level of access. See: Attribute, User
- Role: A collection of permissions that define the specific workflows that a user can perform on a given resource. Roles are a discretionary control and are generally granted at the Project level to provide uniform capabilities on all resources within the Project’s scope. See: Workflow, Resource, Discretionary controls
- Tag: Structured metadata that can be applied to resources for categorization and discovery. Tags are organized into categories, the visibility of which can be restricted to one or more Organizations. Tags can be a helpful construct, but tags do not add or imply security in any way.
- User: An individual who has been authenticated and has access to Foundry. A user is defined by an external Identity Provider (e.g. an Active Directory system). See: Realm
- User manager: An optional Foundry module used to add custom logic to the login flow, typically to assign user groups and attributes during login. For example, the user manager can allow specific users to log in while disallowing logins for all other users. The simplest user managers are synchronous, meaning Foundry will reach out to the service synchronously (at the same time) during login with no user interaction. Asynchronous user managers (AUMs) will redirect to a server which can display a page and support user interaction (such as acknowledging an end-user license agreement) before allowing the login to proceed. See: User
- Workflow: Sets of permissions required to perform a specific user action that should be granted together in a single Role. See: Role
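The glossary describes a two-layer model: mandatory controls (Organizations, any-of; Markings, all-of) decide whether a user can reach a resource at all, and only then do the additive discretionary controls (Roles, including a Project's default Role and Roles inherited from the Project) decide what the user may do. The following is an added, illustrative Python model of those rules, written for this page; it is not Foundry's implementation. The role-to-permission mapping, the treatment of "no Organization applied" as "no Organization restriction", and the way Project-level requirements and Roles combine with resource-level ones are assumptions. It also implements the glossary's definition of an "expand access" event so that a change to access requirements can be checked before it is applied.

```python
from dataclasses import dataclass, field
from typing import Optional

# Assumed mapping of the four default Roles to permissions (not Foundry's real definitions).
ROLE_PERMISSIONS = {
    "Discoverer": {"discover"},
    "Viewer": {"discover", "view"},
    "Editor": {"discover", "view", "edit"},
    "Owner": {"discover", "view", "edit", "manage"},
}


@dataclass(frozen=True)
class User:
    name: str
    organization: str                      # every user is a member of exactly one Organization
    markings: frozenset = frozenset()      # Markings the user is a member of


@dataclass
class Project:
    name: str
    organizations: set = field(default_factory=set)   # access requirement: member of ONE applied Organization
    markings: set = field(default_factory=set)        # access requirement: member of ALL applied Markings
    roles: dict = field(default_factory=dict)         # user name -> set of Roles granted on the Project
    default_role: Optional[str] = "Viewer"            # Role granted to everyone meeting the access requirements


@dataclass
class Resource:
    name: str
    project: Project
    markings: set = field(default_factory=set)   # additional Markings applied directly to the resource
    roles: dict = field(default_factory=dict)    # Roles granted directly on the resource


def effective_requirements(res: Resource):
    """Inheritance: Project-level requirements apply to every resource inside it.
    Assumption: resource Markings are added to the Project's (a user needs all of them)."""
    orgs = set(res.project.organizations)
    marks = set(res.project.markings) | set(res.markings)
    return orgs, marks


def meets_access_requirements(user: User, res: Resource) -> bool:
    """Mandatory controls: Organizations are any-of, Markings are all-of."""
    orgs, marks = effective_requirements(res)
    org_ok = (not orgs) or user.organization in orgs   # assumption: no Organization applied = unrestricted
    marking_ok = marks <= user.markings                 # every applied Marking must be held
    return org_ok and marking_ok


def effective_permissions(user: User, res: Resource) -> set:
    """Discretionary controls only matter once the mandatory controls are satisfied.
    A user who fails them gets nothing, whatever Roles were granted (the shared-report case)."""
    if not meets_access_requirements(user, res):
        return set()
    granted = set(res.project.roles.get(user.name, ())) | set(res.roles.get(user.name, ()))
    if res.project.default_role:
        granted.add(res.project.default_role)
    perms = set()
    for role in granted:          # Roles are additive: union of their permissions
        perms |= ROLE_PERMISSIONS[role]
    return perms


def is_expand_access(before, after) -> bool:
    """before/after are (organizations, markings) pairs of sets.
    Mirrors the glossary's definition: removing any Marking, adding Organizations
    when at least one is applied, or removing the only applied Organization."""
    orgs_before, marks_before = before
    orgs_after, marks_after = after
    if marks_before - marks_after:                 # some Marking was removed
        return True
    if orgs_before and orgs_after - orgs_before:   # Organizations added alongside existing ones
        return True
    if len(orgs_before) == 1 and not orgs_after:   # the only Organization was removed
        return True
    return False


if __name__ == "__main__":
    # Constructed scenario: a report backed by top-secret data, shared inside a Finance Project.
    finance = Project("Finance", organizations={"acme"}, markings={"finance-confidential"},
                      roles={"bob": {"Editor"}})
    report = Resource("q3-report", finance, markings={"top-secret"})
    bob = User("bob", "acme", frozenset({"finance-confidential"}))
    print("bob on report:", effective_permissions(bob, report))   # empty: Editor Role does not bypass the Marking
    print("expand?", is_expand_access(({"acme"}, {"m1", "m2"}), ({"acme"}, {"m1"})))
```

Two things are worth noticing when running it: `bob` holds an Editor Role on the Project yet gets an empty permission set on the report, because the top-secret Marking is a mandatory control; and `is_expand_access` returns False when an Organization is added to a Project that had none, since that change narrows rather than widens the audience.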