Story User Management - COS301-SE-2025/CRISP GitHub Wiki
CRISP User Management System User Stories
Epic: Role-Based User Management for Threat Intelligence Platform
As cybersecurity professionals with different roles and responsibilities
I want a user management system that provides appropriate access and functionality based on my organizational role
So that I can effectively contribute to threat intelligence operations while maintaining security and operational boundaries.
BlueVisionAdmin User Stories
User Story 1: Cross-Organizational Platform Administration
As a BlueVisionAdmin
I want to manage the entire CRISP platform across all organizations
So that I can ensure platform stability, security, and proper operation for all participating institutions.
- I can view and manage users from all organizations in the platform
- I can create, modify, and deactivate organizations
- I can assign and modify user roles across any organization
- I can access comprehensive platform-wide audit logs and security events
- I can unlock accounts and reset passwords for any user
- I can configure global security policies and settings
- I can monitor platform performance and usage statistics
- I can force logout sessions for any user across the platform
- All my administrative actions are logged with detailed audit trails
User Story 2: System Security and Compliance Management
As a BlueVisionAdmin
I want to monitor and manage security events across the entire platform
So that I can maintain the highest security standards and ensure compliance with regulations.
- I can view real-time security alerts from all organizations
- I can investigate suspicious activities and user behaviors
- I can implement emergency security measures (mass logouts, account locks)
- I can generate compliance reports for regulatory requirements
- I can configure platform-wide security thresholds and policies
- I can access detailed forensic data for security incidents
- I can manage trusted device policies across organizations
- I can coordinate security responses with organization administrators
User Story 3: Platform Configuration and Maintenance
As a BlueVisionAdmin
I want to configure and maintain the CRISP platform infrastructure
So that all organizations have optimal performance and functionality.
- I can configure system-wide settings and parameters
- I can manage platform integrations and external services
- I can perform database maintenance and optimization tasks
- I can deploy updates and patches across the platform
- I can backup and restore platform data
- I can manage API keys and service configurations
- I can monitor system health and performance metrics
- I can troubleshoot technical issues across organizations
Publisher User Stories
User Story 4: Organization User Management
As a Publisher
I want to manage users within my organization
So that I can ensure appropriate access to threat intelligence and maintain organizational security.
- I can create new user accounts for my organization
- I can assign Viewer or Publisher roles to users in my organization
- I can view all users within my organization with their current status
- I can deactivate user accounts when personnel leave
- I can reset passwords for users in my organization
- I can unlock accounts that have been locked due to failed attempts
- I can view user activity and login history for my organization
- I cannot create BlueVisionAdmin accounts or access other organizations
- All my user management actions are logged for audit
User Story 5: Threat Intelligence Feed Management
As a Publisher
I want to manage threat intelligence feeds and sharing permissions
So that I can control what intelligence my organization shares and receives.
- I can create and publish threat intelligence feeds for my organization
- I can configure sharing permissions with trusted partner organizations
- I can manage user access to specific threat feeds within my organization
- I can set expiration dates and access controls for shared intelligence
- I can view analytics on feed usage and user engagement
- I can receive notifications when other organizations share feeds with us
- I can approve or deny feed sharing requests from external organizations
- I can track the provenance and chain of custody for threat intelligence
User Story 6: Organization Security Oversight
As a Publisher
I want to monitor and manage security for my organization
So that I can maintain appropriate security posture and respond to threats.
- I can view security events and alerts for my organization
- I can configure security policies specific to my organization
- I can review and approve high-risk user activities
- I can investigate suspicious behaviors within my organization
- I can coordinate with BlueVisionAdmins on security incidents
- I can generate security reports for organizational leadership
- I can manage trusted devices and authentication policies
- I can implement temporary security measures during incidents
Viewer User Stories
User Story 7: Secure Authentication and Profile Management
As a Viewer
I want to securely access my account and manage my profile
So that I can safely access threat intelligence while maintaining my account security.
- I can log in using my username/email and password
- I can enable two-factor authentication for enhanced security
- I can register trusted devices to reduce authentication friction
- I can change my password following security requirements
- I can update my profile information and contact details
- I can view my login history and active sessions
- I can terminate active sessions from other devices
- I receive notifications about security events on my account
- My account locks automatically after failed login attempts
User Story 8: Threat Intelligence Access and Consumption
As a Viewer
I want to access and consume threat intelligence relevant to my role
So that I can stay informed about threats and support my organization's security efforts.
- I can browse available threat intelligence feeds for my organization
- I can search and filter threat intelligence by type, severity, and date
- I can view detailed threat information including indicators and context
- I can bookmark important threats for future reference
- I can receive notifications about new high-priority threats
- I can export threat data in standard formats for analysis
- I can access threat intelligence through mobile devices
- I cannot modify or delete threat intelligence data
- My access to feeds is controlled by Publisher permissions
User Story 9: Personal Dashboard and Activity Tracking
As a Viewer
I want a personal dashboard showing my activity and relevant information
So that I can efficiently track my usage and stay updated on important developments.
- I can see a personalized dashboard with my recent activity
- I can view my threat intelligence consumption statistics
- I can see notifications about new feeds and important updates
- I can track my login history and account security status
- I can access help documentation and user guides
- I can provide feedback about platform functionality
- I can see announcements from my organization's Publishers
- I can view my current permissions and access levels
- Dashboard loads quickly and works on mobile devices