Content

Hephaistos security

Security

Hephaistos is not an application designed for the top-secret usage. Currently the only one security feature is the access restriction to the application: it requires login and password pair from each user.

Data are currently transferred on the HTTP protocol in the open form. In the future we want compress transferred data. Of course, this will be more the performance than a security feature, but transfered data will be not so easy readable.

Roles

Hephaistos knows these roles:

• enterprise manager - is an administrator of the application
• top manager - role prepared for usage in the next Hephaistos releases
• project manager - is a manager of the project and project team
• team leader - can do some work like project manager
• project member - is a member of the project team

Permissions

Hephaistos has a built-in set of the security features. Here you can see them:

• only enterprise manager can create new user and manage his / her access to application
• an user can edit his / her contact informations and change his / her password
• new project can be created by enterprise manager only
• only enterprise manager can set project manager for a project and setup project team
• project manager can create and plan tasks for his / her project and assign worker to task
• team leader can manage tasks of his / her project (change the assignee, finish task)
• project member can add activity to any task of the project, in which he / she is a member

Currently there are no visibility restrictions in the Hephaistos application. Each user can see all resource, project, task and activity records.

We want to add the monitoring costs feature to our application in the future. And then will come top manager role to the play.