Account Management
Managing user accounts in CCC is crucial for maintaining both system performance and security. This section covers the different user roles within CCC, the process for adding and managing users, and the application of detailed password policy rules for each CCC password field to ensure adherence to security standards. Whether you’re an Administrator setting up new users or an Application Owner deploying services, this information will help you efficiently handle account management tasks and ensure the security of your CCC environment.
Understanding user roles
In CCC, there are two types of users: Administrator and Application Owner.
Administrator
As an Administrator, you hold the key to the full range of Crypto Command Center's (CCC) capabilities. You have unrestricted access to the Administrator dashboard, enabling you to:
-
Add and Manage Users: Create, modify, and delete user accounts, assign roles, and configure user permissions to ensure the right individuals have appropriate access.
-
Manage Devices: Add and configure devices that will interact with CCC, ensuring they are correctly integrated into your system.
-
Create Services: Define and set up services within CCC, tailoring them to meet the needs of your organization and its users.
-
Configure Notifications: Set up email notifications to keep users informed about system events, updates, and alerts.
-
Perform Server Administration: Oversee server settings and performance, ensuring that CCC operates efficiently and securely.
With these responsibilities, you play a crucial role in maintaining the overall functionality and security of the CCC environment, ensuring that the system supports your organization’s cryptographic operations effectively.
Application Owner
As an Application Owner, your primary responsibility is to deploy and manage the services that have been created by an Administrator for your organization. This role is crucial for ensuring that the services provided by the CCC are utilized effectively within your organization. Here’s what you need to know:
-
Service Deployment: You will be responsible for the deployment of various services within the CCC environment. This involves configuring and managing services tailored to the needs of your organization and its members.
-
Organizational Membership and Role Assignment: As an Application Owner, you must be linked to a specific organization within CCC. If your organization isn’t set up, it must be created before you can proceed. When your account is created, ensure that you are assigned to the relevant organization. This assignment is essential for accessing the necessary services and resources within CCC, and for ensuring that your organization’s structure is properly configured for seamless service deployment.
-
Collaboration with Administrators: While your role focuses on service deployment, you will often work in conjunction with Administrators who create and configure these services. Clear communication and collaboration with Administrators are essential for effective service management.
By fulfilling these responsibilities, you play a vital role in enabling your organization to leverage CCC’s capabilities, ensuring that services are deployed and managed efficiently to meet organizational needs.
Adding and managing users in CCC
Adding and managing users in CCC is straightforward. Here’s how you can do it:
Adding users
To add users:
Click on the Accounts tab at the top of your screen.
Select Users from the menu on the left. This brings up a list of all the users in the system, showing details like Status, Name, Username, Directory, and Role.
Click the Add User button on the right and fill out the details in the page that appears.
Enabling the Require two-factor authentication option adds an extra layer of security to the user’s login process. When selected, the user will need to use a two-factor authentication (2FA) app on their mobile device to log in to CCC. This means that in addition to their password, they will be required to enter a time-sensitive code generated by the 2FA app. This process helps protect the account from unauthorized access, even if the user’s password is compromised.
Press the Save button, when done.
Managing users
To manage users:
Click on the Accounts tab at the top of your screen.
Select Users from the menu on the left. This brings up a list of all the users in the system, showing details like Status, Name, Username, Directory, Role, and Organization.
Click on a user from the list, and then press the Edit button to open the user details pane at the bottom of the screen. in this pane, you can update user information, including the first and last name, and choose whether to enable two-factor authentication.
Click the Change Password button on the right of the user details pane to change the password.
Password Policy
In this section, we outline the specific rules for character usage in different CCC passwords. Understanding these policies is essential for maintaining the security and integrity of your CCC environment.
| Field | Valid Characters | Invalid Characters |
|---|---|---|
| admin password | ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz 0123456789 !#$%&()*+,-./:<=>?@[]^_{}~";`| |
'\ Spaces are not allowed |
| application owner password | ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz 0123456789 !#$%&()*+,-./:<=>?@[]^_{}~";`| |
'\ Spaces are not allowed |
| SO/CO/CU | ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz 0123456789 !@#$%^*()-_=+[]{}'/:,.~&? Spaces are allowed |
\";<>`| |
| hsm_password1/hsm_password2 | ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz 0123456789 !@#$%^*()-_=+[]{}/:,.~&? |
\'";<>`| Spaces are not allowed |
| crypto_officer_password | ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz 0123456789 !@#$%^*()-_=+[]{}/:,.~&? Spaces are allowed |
\";'<>`| |
| credentialstore_password | ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz 0123456789 !#$%&*+,-./:<=>?@^_{}~()[]<>| |
\";'` Spaces are not allowed |
| keystore_password | ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz 0123456789 !#$%&()*+,-./:<=>?@[]^_{}~| |
\";'` Spaces are not allowed |
| truststore_password | ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz 0123456789 !#$%&*+,-./:<=>?@^_{}~()[]| |
\";'` Spaces are not allowed |
| db_password | ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz 0123456789 !#$%&*+,-./:<=>?@^_{}~()[]| |
\";'` Spaces are not allowed |
| ca_signed_certificate | ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz 0123456789 !#$%&*+,-./:<=>?@()[]^_{}~";`\| |
' Spaces are not allowed |
