|
|
The following use cases were recorded by the Data Security, Entitlements and Obligations Sub-com and have been used to define user, data and agreement attributes that will be needed.
|
|
|
|
|
|
| Use case | User attributes | Data attributes | Agreement attributes | Proposed Rule Prefix | Rule | Comments |
|
|
|
|-----------------------------------|------------------------------|---------------------------------------------------|-----------------------------------------------------------|----------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
|
|
| Economic sanctions | PermanentLocationNationality | ResourceLocaleID | | Esanctions | Data Attribute = "Restricted" AND/OR "Export AuthorizationRequirements"THEN Rule: Esanction[Origin Country, Target Country]PULL Data Attribute(ResourceLocaleID) OPEN Table: (EsantionCountry:list) PULL "COUNTRY"IF User Attribute:(Nationality) AND (Permanent Location) = list THEN "OK" ELSE "ACCESS DENIED" | TABLE: EcoSanctionOrigin Country, Target Country, Santion Description |
|
|
|
| State secrets | PermanentLocation | ResourceLocaleID | | StSecrets | Data Attribute = "Restricted" AND/OR "Export AuthorizationRequirements" THEN Rule: StSecret[Country]PULL Data Attribute(ResourceLocaleID) OPEN Table: (StSecret_Country:list) IF User Attribute:(Permanent Location) = list THEN "OK" ELSE "ACCESS DENIED" | TABLE: StSecretTarget Country, Description of secret requirement |
|
|
|
| Export restrictions | PermanentLocation | ResourceLocaleIDExportAuthorizationRequirements | | ExpRestrict | Data Attribute = "Export AuthorizationRequirements" THEN Rule: ExpRestrict[Country]PULL Data Attribute(ResourceLocaleID) OPEN Table: (ExpRestrict_Country:list) IF User Attribute:(Permanent Location) = "Country" THEN "OK" ELSE "ACCESS DENIED" | TABLE: ExpRestrictTarget Country, Description of export requirement |
|
|
|
| PSC (Production Sharing Contract) | | ResourceSecurityClassificationTermsOrigin of data | AgreementExternalIDStartDateEndDate | PSC | Data Attribute("Terms") = ("PSC") THEN Rule: Terms[Production Sharing Contract] OPEN Table: (Terms_Type:PSC, JOA, Other? / Job Role / Start Date / End Date) IF User Attribute:(Job Role) = Job Role, AND 'Current DATE'>'Terms(Start Date) AND <Terms(End Date) THEN Access "OK" ELSE "Access Denied" | TABLE: Terms_Production Sharing ContractTarget Country, Description of terms requirement, Start Date, End DateNOTE: This table is likely to be unique for each BigOil company |
|
|
|
| JOA (Joint Operating Agreement) | | ResourceSecurityClassificationTermsOrigin of data | AgreementExternalIDStartDateEndDate | JOA | Data Attribute("Terms") = ("JOA") THEN Rule: Terms[Joint Operating Agreement]IF User Attribute:(Job Role) = Job Role, AND 'Current DATE'>'Terms(Start Date) AND <Terms(End Date) THEN Access "OK" ELSE "Access Denied" | TABLE: Terms_Joint Operating AgreementTarget Country, Description of terms requirement, Start Date, End DateNOTE: This table is likely to be unique for each BigOil company |
|
|
|
| Data subscription | | ResourceSecurityClassificationOrigin of data | AgreementExternalIDStartDateEndDate | DataSub | Data Attribute("Terms") = ("Subscription)THEN Rule: Terms[Data Subscription]IF User Attribute:(Job Role) = Job Role, AND 'Current DATE'>'Terms(Start Date) AND <Terms(End Date) THEN Access "OK" ELSE "Access Denied" | TABLE: Data SubscriptionTarget Country, Description of terms requirement, Start Date, End DateNOTE: This table is likely to be unique for each BigOil company |
|
|
|
| Data purchase | | ResourceSecurityClassificationOrigin of data | AgreementExternalIDCounterparties | DataPurch | | |
|
|
|
| Multi-client data | | ResourceSecurityClassificationOrigin of data | AgreementExternalIDEndDate | MCData | | |
|
|
|
| Data exchange | | ResourceSecurityClassificationOrigin of data | AgreementExternalID | DataEx | | |
|
|
|
| Data room | | ResourceSecurityClassificationOrigin of data | AgreementExternalIDRestriction expirationStartDateEndDate | Droom | Data Attribute("ResourceSecurityClassification") >= 1THEN Rule: DataRule[Security Classification]IF "Security Classification" > 0 THEN OPEN Table(DataSecurityClassification) | TABLE: Data Security ClassificationOne time setup, unique per Company0= Authenticated User1=Authenitcated User + Access Control (Group, Perm)2 = Authenticated User + Access Control (specific use)3 =Authenticated User + Access Control + 2FA + Encryption (unique, Company managed key) | |
|
|
\ No newline at end of file |