
TSA User Administration Solution Matthew Straub - PowerPoint PPT Presentation



  1. TSA User Administration Solution
     Matthew Straub
     Matthew.Straub@associates.tsa.dhs.gov
     Matthew.Straub@CACI.com
     INFORMATION DEPLOYED. SOLUTIONS ADVANCED. MISSIONS ACCOMPLISHED.

  2. TSA’s WebEOC Environment
     ▪ 6,300+ WebEOC user accounts dispersed all across the country
     ▪ 82 Production boards to maintain and develop
     ▪ 5 separate WebEOC systems to maintain
       • Production – Contains real-world data and Nationwide Exercises
       • Training – Used for Development, BETA Testing, Training
       • ITE – Used for final system testing before implementing in Production
       • ITE Training – Used for initial system testing
       • Azure – Used for external system data ingestion testing (RAPID)
     2 | CACI Information Solutions and Services | CACI Proprietary Information

  3. TSA WebEOC Daily Ops and Incident Management
     ▪ Our system is primarily used as a daily incident management system (Daily Ops)
     ▪ Most users have one or many Daily Ops positions to track and provide Situational Awareness 24x7 for daily incident operations
     ▪ If our users log in to support large-scale, multi-day events, they use Incident Management positions, which provide another suite of boards to support large activations

  4. TSA’s WebEOC Growth Over Time

  5. TSA’s WebEOC Team
     ▪ John Bogers (System Owner)
     ▪ Greg Birr (IT Lead)
     ▪ Joan Koss (Program Analyst)
     ▪ CACI Development/Support Team
       • Doug Leech
       • Elyse Schaya
       • Luther Ramsey
       • Michael Hairston
       • Matthew Straub

  6. WebEOC Administration Dilemma
     ▪ 6,321 users, utilizing 82 boards (246 including Training), logging into 549 positions (1,098 including Training), between two WebEOC systems
     ▪ Our team does not have the bandwidth to actively manage user access
     ▪ All user permissions in the Production system need to be replicated in the Training system
     ▪ No single individual can effectively know each user’s required permissions with users all across the country

  7. Ideal Solution
     ▪ Establish points of contact (POCs) for each Position in WebEOC in order to manage (add/remove) user permissions within WebEOC, without making POCs Partial Administrators
     ▪ Every permission change in Production needs to replicate to the Training environment as well
     ▪ All permission changes need to be permanently documented until the end of TSA’s data retention period
     ▪ Required Quarterly User Audits need to be easily initiated, tracked, and reported on

  8. Current User Administration Board Solution
     ▪ Our previous solution was a Microsoft InfoPath form utilizing the WebEOC API
     ▪ The InfoPath form was replaced by the User Administration board to provide a more seamless user experience, give our development team more control, and provide an enhanced audit trail
     ▪ The User Administration board is broken into five key areas
       • Positions List
       • Users List
       • Requests List
       • Audits List
       • External Request Form

  9. Positions List
     ▪ Lists all currently active WebEOC Positions
       • Categorized into Partitions and Groups for easier filtering
       • Contains 1-2 approving POCs
       • Contains 1-2 Positions (Daily Ops and Incident Management)
       • Parent record for subsequent Request and Audit child records
       • Assigned to every Position in WebEOC

  10. Administrator’s View

  11. POCs View
      ▪ Shows only Positions for which the user is a POC
      ▪ Can view requests, add users, and audit users
      ▪ Cannot access any other view (Users, Requests, or Audits)
      ▪ Cannot edit/create Positions

  12. POC User Request Review
      ▪ Clicking the “Requests” button shows a list of all requests for the Position
      ▪ Previously Approved/Denied requests are shown as read-only
      ▪ Pending Requests can be edited for review

  13. POC User Request Approval/Denial
      ▪ Setting “POC Approval” to “Approved” and saving adds the user to the Position in both WebEOC and Training using the API
      ▪ User receives an automatic welcome email
      ▪ Setting “POC Approval” to “Denied” and saving sends the user an automatic denial email with the POC’s reason

  14. Approval/Denial Automatic Email

  15. Non-POC View
      ▪ Users who are not POCs of any Positions are shown no records
      ▪ A link is shown to the External WebEOC Access Request form

  16. External User Request Form
      ▪ .NET Form hosted on the WebEOC server
      ▪ Used by non-POC users to submit requests into the User Administration board using the API
      ▪ Pulls Position data from WebEOC using the API

  17. Notification Plugin
      ▪ Needed to email POCs to review requests submitted from the External Request form
      ▪ Juvare created a Notification Plugin which has a Scheduled Task that runs every minute and sends emails for new requests
      ▪ Board field values are included if within brackets “[]”

  18. Audits (Permission Removals)
      ▪ Lists all users who have access to the Position
      ▪ Shows name, last login date, and requesting Justification
      ▪ Loops through each user checked for removal and removes access from both WebEOC and Training
      ▪ If no more Positions are assigned, the user is deleted

  19. Mandatory Quarterly Audits
      ▪ Require all POCs to complete an Audit each quarter to ensure appropriate access
      ▪ Can review Audit completion from colorization on the Display
      ▪ Remove all boards within Positions which fail to complete the Audit until POCs comply
      ▪ A report is provided to leadership after the Audit which shows the number of users removed and the number of current users

  20. Removed Users
      ▪ All Audited users are stored in a “Removed Users” List
      ▪ Shows who was removed, from what Position(s), by whom, when, and if the user account was fully deleted
      ▪ Useful when users claim they recently had access, and for auditing purposes
      ▪ Can see this in the WebEOC Audit Log, but TSA archives the log quarterly for performance

  21. Users List
      ▪ Lists every current non-Administrator user
      ▪ Only accessible by Administrators as it grants full control
      ▪ Able to add/remove multiple Positions simultaneously from WebEOC and Training
      ▪ Automatic email is sent to all Position POCs affected

  22. Ensuring Production and Training Match
      ▪ API calls can occasionally fail (system outages, network issues, etc.)
      ▪ Created a .NET application to compare various aspects between the Production and Training WebEOC systems
      ▪ Users are compared to ensure identical access for all users

  23. Error Handling
      ▪ External User Request Form and User Administration Board populate a User Administration error log
      ▪ Custom .NET application compiles these errors with the WebEOC error log to provide visualization, categorization, counts, and trends
      ▪ Errors are then able to be viewed to begin troubleshooting

  24. Planned Future Enhancements
      ▪ Build Active Directory LDAP Queries to automatically populate/verify user data
      ▪ Make POCs per Position a related list (currently allows 2)
      ▪ Allow User Requests to submit multiple requests within a single submission, instead of the current single request
      ▪ Convert current SOAP API call to REST to remove the need for additional server-side Web Handler files (.ashx)

  25. Questions or Comments
      Matthew Straub
      Matthew.Straub@associates.tsa.dhs.gov
      Matthew.Straub@CACI.com
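
Slide 22 describes comparing user access between Production and Training because replicated API calls can fail. The sketch below is an added example, not the team's .NET application: it diffs two constructed username-to-Positions snapshots and plans the Training-side corrections, assuming Production is the source of truth. The account names, Position names, `Fix`, `plan_training_fixes` and `apply_fixes` are all hypothetical.

```python
from dataclasses import dataclass

# Constructed snapshots (not TSA data): username -> set of Position names.
PRODUCTION = {
    "jdoe": {"Airport A Daily Ops", "Airport A Incident Management"},
    "asmith": {"Region 1 Daily Ops"},
    "bwong": {"Airport B Daily Ops"},
}
TRAINING = {
    "jdoe": {"Airport A Daily Ops"},                          # an add never replicated
    "asmith": {"Region 1 Daily Ops", "Airport B Daily Ops"},  # a removal never replicated
    "cnguyen": {"Airport B Daily Ops"},                       # audited out of Production only
}

@dataclass(frozen=True)
class Fix:
    action: str         # "add", "remove" or "delete_user"
    user: str
    position: str = ""

def plan_training_fixes(production, training):
    """List the changes that bring Training back in line with Production."""
    fixes = []
    for user in sorted(production.keys() | training.keys()):
        want = production.get(user, set())
        have = training.get(user, set())
        fixes += [Fix("add", user, p) for p in sorted(want - have)]
        fixes += [Fix("remove", user, p) for p in sorted(have - want)]
        # Same rule as the audit slide: no Positions left means the account goes.
        if user not in production:
            fixes.append(Fix("delete_user", user))
    return fixes

def apply_fixes(training, fixes):
    """Apply fixes to a copy of the snapshot; stands in for the real API calls."""
    result = {user: set(positions) for user, positions in training.items()}
    for fix in fixes:
        if fix.action == "add":
            result.setdefault(fix.user, set()).add(fix.position)
        elif fix.action == "remove":
            result[fix.user].discard(fix.position)
        else:
            result.pop(fix.user, None)
    return result

if __name__ == "__main__":
    plan = plan_training_fixes(PRODUCTION, TRAINING)
    for fix in plan:
        print(fix.action, fix.user, fix.position)
    print("in sync after fixes:", apply_fixes(TRAINING, plan) == PRODUCTION)
```

Writing each planned fix to the same permanent record as ordinary permission changes keeps corrections visible to later audits.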
