search
All SpecificationsGovStack Website

5 Cross-Cutting Requirements

This section will highlight important requirements or describe any additional cross-cutting requirements that apply to this Building Block.

hashtag
5.1 Requirements

The cross-cutting requirements described in this section are an extension of the cross-cutting requirements defined in the Architecture specificationarrow-up-right and Security requirementsarrow-up-right. This section will highlight important requirements or describe any additional cross-cutting requirements that apply to this Building Block.

hashtag
5.1.1 System Audit Log Functionality (REQUIRED)

Each Building Block must implement access and authorization audit, logging, tracing, and tracking with alerts (minimally proxied or implemented through the API Management and Gateway services).

  • The system must log all user activity in the system.

  • User action log is visible for admin users.

  • By default user action log is stored for 1 year after which the system will delete the log automatically. The storage length is configurable in the rules engine.

See detailed audit logging requirements part of the Security Requirements specification section 6.2arrow-up-right. Also refer to the the Information Mediator Building Block's "Logging Services" (section 6.4)arrow-up-right, which may already provide an audit trail of API requests.

hashtag
5.1.2 Manage Identities and Access (REQUIRED)

Each building block must implement the ability to provision, de-provision, and manage Identities and access rights (this may or may not be centralized for the whole architecture as a unified provisioning process).

See the Security Requirements specification section 6.2 (IAM)arrow-up-right.

hashtag
5.1.3 Support for Accessibility and Context (REQUIRED)

The design of the building block should be inclusive, allowing for multiple languages/translations, as well as following all accessibility guidelines.

hashtag
5.1.4 Secure Ingress and Egress access mechanisms (REQUIRED)

Egress, in the world of networking, implies traffic that exits an entity or a network boundary, while Ingress is traffic that enters the boundary of a network. Any ingress or egress traffic must leverage an Information Mediator or secure API gateway.

hashtag
5.2 Standards

The following standards are applicable to data structures in the Registration Building Block:

Last updated

Was this helpful?