
Configure Role-Based Access Control (RBAC) in Intel Exchange

Role-Based Access Control (RBAC) is a mechanism that restricts user access to certain features or sensitive data based on the role of the user. Intel Exchange uses RBAC to define roles and manage user access to platform features and data. As an administrator, you define roles and assign permissions to control which features and data each user role can access. You can manage user access in the following ways:

  • You can define user access to various features of the platform. You can allow users to perform only selected activities, or all activities, for a feature. For example, you can configure certain users to view threat data objects, while you can configure another set of users to update threat data objects. For more information, see Configure Feature Access.

  • You can define user access to threat data objects in Intel Exchange. For example, you can configure certain users only to view threat data objects whose TLP value is Green. For more information, see Configure Threat Data Access.

  • You can define user access to tags and tag categories in CTIX. For example, you can configure certain users to view only system tags in Tag Management. For more information, see 

The access types mentioned above control user access to CTIX. The following diagram shows the flow of access in CTIX.

<img>

Configure Feature Access

You can define the permissions for a user group to access platform features and perform actions. There are three permissions:

  • View: You can define permissions to view the data of the feature. If you do not give view permissions, the whole feature is hidden in the application user interface and not visible to the users.

  • Create: You can define permissions to create an entity (object) of the feature.

  • View & Update: You can define permissions to view and update existing data of the feature. The users cannot add or create a new entity of this feature.

  • Enable Delete for All: You can define delete permissions for some features in your user group.

Users with Create & Update permission to a feature can access all the data of that feature.

You can create multiple user groups for various user roles in your organization and define the permissions for each user group. For more information, see Create User Group.

Steps 

To configure feature access, follow these steps:

  1. Go to Administration > User Management > User Groups.

  2. Add a user group and define the view, create, and update permissions for the features.

  3. Add users to the user group.

The users of this user group are assigned the permissions defined in the user group. A user can be assigned to multiple user groups and can access features as defined in those user groups.

Configure Threat Data Access

In addition to feature access, you can further configure user access to threat data objects based on TLP and tags. 

You can select TLPs to allow users to access the threat data objects associated with those TLPs. Users cannot view objects in Threat Data that are associated with TLPs that are not selected. If no TLP is selected, users can access all threat data objects.

You can select tags to restrict users from accessing threat data objects associated with selected tags. Only tags from the Privileged Access Tags category can be added as restricted tags. If no tag is selected, users can access all threat data objects.

Steps 

To configure threat data access, follow these steps:

  1. Go to Administration > User Management > User Groups.

  2. Add a user group and select the allowed TLPs and tags.

  3. Add users to the user group.

The users of the user group can only access threat data objects of selected TLPs and tags.
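
The threat data rules above can be modelled to review group definitions before rollout, in particular the empty selections that leave every object visible. This is an added example, not Intel Exchange code: the class, function, group, object and tag names are hypothetical and the sample data is constructed. It assumes the TLP and tag filters must both pass, and it evaluates one user group at a time.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class UserGroup:
    name: str
    allowed_tlps: frozenset = frozenset()     # empty: no TLP selected
    restricted_tags: frozenset = frozenset()  # empty: no restricted tag selected

@dataclass(frozen=True)
class ThreatObject:
    name: str
    tlp: str
    tags: frozenset = frozenset()

def can_view(group, obj):
    # Rule from the text: no TLP selected means every TLP is visible.
    tlp_ok = not group.allowed_tlps or obj.tlp in group.allowed_tlps
    # Rule from the text: a selected tag hides objects carrying that tag.
    tag_ok = group.restricted_tags.isdisjoint(obj.tags)
    # Assumption: both filters must pass for the object to be visible.
    return tlp_ok and tag_ok

def audit(groups):
    """List groups that rely on an empty selection, which filters nothing."""
    findings = []
    for g in groups:
        if not g.allowed_tlps:
            findings.append((g.name, "no TLP selected: objects of every TLP are visible"))
        if not g.restricted_tags:
            findings.append((g.name, "no restricted tag selected: no object is hidden by tag"))
    return findings

# Constructed sample data; "legal-hold" stands in for a Privileged Access Tag.
GROUPS = [
    UserGroup("tier1-analysts", frozenset({"GREEN"}), frozenset({"legal-hold"})),
    UserGroup("contractors"),  # created with nothing selected
]
OBJECTS = [
    ThreatObject("indicator-a", "GREEN"),
    ThreatObject("indicator-b", "RED"),
    ThreatObject("indicator-c", "GREEN", frozenset({"legal-hold"})),
]

def visible(group):
    return [o.name for o in OBJECTS if can_view(group, o)]

if __name__ == "__main__":
    for g in GROUPS:
        print(g.name, "->", visible(g))
    for name, issue in audit(GROUPS):
        print("REVIEW", name, "-", issue)
```

The group created with nothing selected sees all three sample objects, including the RED one, which is why the audit flags it for review.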

Configure RBAC for Tags