Test Case Title |
TC10.7 - Table with coverage of HTTPS, LDAP, SSO/tokenbased or Keys Based |
Goal |
Using different level of security. The Snap4City Tool can integrate with existing tools for authentication Advanced Smart City API and tools can be accessed You can connect with multiple tools Snap4City solution support privacy by design |
Prerequisites |
Using a PC or Mobile with a web browser. |
Expected successful result |
Verification of the adoption of HTTPS, LDAP and OAuth. |
Steps |
Issue 1: The prototype implements different levels of security and ensures that authentication, authorisation, and accounting is implemented through the platform
The most relevant tools and API are covered by LDAP and HTTPS as reported in the following table.
Area and major tool/modules |
Roles (LDAP or keys) |
SSO KeyCloak or Keys |
WEB HTTPS |
API HTTPS |
Snap4City Portal |
YES |
YES |
YES |
-- |
Dashboard Builder |
YES |
YES |
YES |
YES |
YES |
YES |
YES |
YES |
|
YES |
YES |
YES |
YES |
|
YES |
YES |
YES |
YES |
|
YES |
YES |
YES |
YES |
|
IOT brokers toward IOT APP with proxy |
YES |
YES |
YES |
YES |
IOT devices toward IOT Broker |
YES | YES |
YES |
YES |
YES |
YES |
YES |
YES |
|
YES |
YES |
YES |
YES |
|
YES |
YES |
YES |
-- |
|
YES |
YES |
YES |
-- |
|
YES |
YES |
YES |
-- |
|
YES |
YES |
YES |
YES |
|
Auditing |
YES |
YES |
YES |
YES |
Data Mapping |
YES |
YES |
YES |
YES |
Monitoring Containers |
None |
Separate for security |
YES |
YES |
Monitoring Cluster of Container |
None |
Separate for security |
YES |
YES |
None |
None |
YES |
YES |
|
Third party |
None |
YES |
-- |
|
None |
None |
YES |
YES |
|
None |
None |
YES |
YES |
|
None |
None |
YES |
-- |
|
FLINT, SPARQL |
None |
None |
YES |
-- |
None |
Separate for security |
YES |
YES |
|
Development Environment, ETL via VNC |
None |
Separate for security |
YES |
YES |
Issue 2: The Snap4City Tool can integrate with existing tools for authentication
The LDAP server has been set up. Presently the tools supporting LDAP are:
- Web portal: Https://www.snap4city.org
Issue 3: Advanced Smart City API and tools can be accessed via OAuth
See the mobile app “Firenze dove cosa”, “ Toscana dove cosa”, "Helsinki in a Snap", Antwerp in a Snap", "Toscana in a Snap".
Also see the Snap4city Portal Https://www.snap4city.org . On the portal, it is possible to perform a registration by means of Oauth with G+, Facebook and Twitter, starting in HTTP (for the moment). Once the registration is performed from the city users side, it has to be approved by the administrator.
Issue 4: Snap4City solution supports privacy by design
Snap4City solution and the organization proposed is conformant to privacy and ethics issues by design and to GDPR.
The platform is implementing privacy rules as stated by the European Union; The platform requires signed consent by the relevant parties covering its intended use, in other cases the informed consent would be enough; Personal data are protected (by encryption, and multiple hashing) into the store on cloud; The solution prefers to use non personal data or anonymized data; when personal information needs to be shown to others, the users is informed and authorisation obtained; When personal information is stored the users is capable to audit the access to its own data;