This system acts as a link shortener for CIA2 employees
This system maintains a set of user-provided links and their associated short links
This section describes an attached diagram of the authorization boundary for CIA2 Infrastructure's information system.
This section describes an attached diagram of the network architecture for CIA2 Infrastructure's information system.
This section describes an attached diagram of various dataflows for application and related elements of the CIA2 Infrastructure's information system.
The developer of the application supports CIA2 Public Affairs Officers by administering the application and its infrastructure.
CIA2 Public Affairs Officers (PAOs) in each division of the agency review public communications to citizens who are customers of the CIA2. PAOs review requests from colleagues to generate and publish content that is the target of a shortlink and can unpublish shortlinks.
The general public is free to click on shortlinks
CIA2 develops, operates, and maintains the CIA2 link shortener system
This is the custom CIA2 application within the system.
This is the web application framework upon which the developer writes the custom CIA2 application for the user interface and API of this system.
This is the database for the custom CIA2 application within the system.
This is the operating system for the web server that runs the custom CIA2 application within the system.
This inventory item is an instance from the CIA2Cloud Compute Service (CCS) Service. It is a Linux server.
This inventory item is an instance from the CIA2Cloud Load Balancer (CLB) Service. It is a Linux server.
This is the control implementation for the application and infrastructure that compose to the CIA2 Infrastructure's system.
The CIA2 application and infrastructure are composed as designed and implemented with lease privilege for the elements of this system.
For the CIA2 application, the custom application is designed and implemented on top of the Django Framework to enforce least privilege. The application has a role for CIA2 Public Affairs Officers and one for the developers for privileged permissions, respectively. Only the latter can access or change administrative and security configurations and related data.
The Django Framework and Django REST Framework (DRF), by default, allows any user with the is_staff role attribute to access administrative functions in an application using the framework. CIA2 developers have disabled this behavior, relying on the custom roles identified in the relevant section.
For the CIA2 database, the system account and credentials for the application to read and write to the system datastore has specific read and write authorization for specific tables. This database service account does not have full administrative permissions to add, modify, or delete all respective tables. For the production environment, only the CIA2 developer has a dedicated account with equivalent permissions. Only local network socket access, within in the Linux server, is permitted by host firewall configuration. Remote access, privileged or unprivileged, is not allowed remotely and the system engineer must locally authenticate for access.
For the RedHat Linux server upon which the CIA2 application is deployed in this system, only the system engineer has a non-privileged user to log in remotely via the SSH protocol to perform ad-hoc inspection, monthly log review as required by policy and procedure, and emergency debugging of the system. Privileged system administration operations may only be performed with the sudo subsystem which requires a password, two-factor authentication, and has enhanced logging of all commands executed. The system engineer must log in remotely and then use sudo to elevate privileges. Remote access with the privileged account is prohibited by configuration and attempts are logged.
For this remote SSH access, least privilege is additionally enforced by allowing this access via a specific network zone in the CIA2 cia2cloud account accessible to only the system engineer via CIA2's VPN solution, which requires the system engineer use a dedicated account with their own password and two-factor authentication token.
For cia2cloud account and API access to reconfigure the Linux server and its load balancer, administrative access is only allowed for the system engineer via a special cloud IAM role. The authentication and authorization for this role is controlled by an integration with the organization's single sign-on solution. This solution will only be accessible and correctly execute for them when they are on the VPN with their account with traffic forwarded to the appropriate network zone in the CIA2 account in the cia2cloud. It will not work the developer or any staff users of the application.
NIST Special Publication 800-53 Revision 5: Security and Privacy Controls for Federal Information Systems and Organizations