Security Roles and Personnel Control

ActivID CMS roles and other subsystem operating roles should only be assigned to authenticated personnel. A priority and necessary role is that of the local ActivID CMS Security Officer (SO). The SO role in ActivID CMS is in charge of monitoring the application of security policies and procedures by local personnel and by the hardware at the operating site.

Specifically, the ActivID CMS SO role must supervise and manage control so that role separation is maintained and that the access privileges are not abused or misused. When a deployment spans over multiple operating sites, this then requires that there be multiple ActivID CMS SOs to supervise, monitor, and maintain security policies. The ActivID CMS SO should obtain and maintain records with the role assignments and their revocations.