Enclaves¶
Enclaves are the objects responsible for determining access permissions for the data stored in TruSTAR. When added to an enclave, a user can be given read, create, and update permissions to that enclave.
Enclave Types¶
There are three types of enclaves. An enclave’s type is determines the permissions that users can gain to it.
Internal Enclaves¶
These are private enclaves that only one company - or, in some cases, a group of companies - can access. These companies generally have full access to these enclaves; they can assign their users read, create, and update permissions. This is the enclaves that users should submit reports to.
Open Enclaves¶
These enclaves are open to all TruSTAR users. They generally consist of data pulled from external, open source feeds. Open enclaves are read-only. Companies can subscribe to them on the Enclave Marketplace, and their users will gain read access to them. However, no users can submit reports to these enclaves.
Closed Enclaves¶
These are similar to open enclaves, except that the external source that the reports are gathered from require credentials. In order to subscribe to a closed enclave, a company must provide its own credentials to that source. Upon providing credentials, each company will be provisioned its _own_ enclave for that source; they do not share reports with other companies that have also provided credentials to that source. Closed enclaves are read-only.
Endpoints¶
Schema¶
| Field | Description |
|---|---|
| id | the ID of the enclave |
| name | the name of the enclave |
| type | the type of the enclave; one of INTERNAL, OPEN, or CLOSED |
| read | whether the requesting user has READ access |
| create | whether the requesting user has CREATE access |
| update | whether the requesting user has UPDATE access |
Sample JSON¶
{
"guid": "e27b914b-b1ee-4d25-b4b2-d50db5208b4d",
"name": "Bambenek",
"read": true,
"create": false,
"update": false,
"enclaveType": "OPEN"
}