Role Based Access Control

In the Social Registry, user management is typically handled through an administrative interface that allows administrators to create, modify, and deactivate user accounts. The specific process may vary depending on the system's design and configuration, but generally, the following process are involved:

  1. User Creation: Administrators can create new user accounts by entering basic information such as username, password, and email address. They may also assign roles and permissions to the new user.

  2. Role Assignment: Users are assigned roles based on their responsibilities within the system. Roles determine the permissions and access rights that users have within the system.

  3. User Activation and Deactivation: Administrators can activate or deactivate user accounts as needed. Deactivating an account prevents the user from accessing the system, while activating an account restores access.

  4. Audit Logs: The system may keep audit logs of user activity, recording actions such as login attempts, changes to user accounts, and access to sensitive data. Audit logs help administrators monitor user activity and identify potential security issues

User Roles

The following lists the different users in the Social Registry module along with their roles and responsibilities.

User RoleRole and Responsibility

Super Administrator

Role

The Super Administrator has the highest level of administrative access.

Responsibility

Total command of the system such as

  • able to configure every option.

  • possesses access to all data, features, and functionalities in the system.

  • able to manage additional administrators and users.

System Administrator

Role

The System Administrator manages the technical and operational aspects of the system.

Responsibility

  • Ensures the system is running smoothly.

  • Creates users, assigns and revokes privileges.

  • Handles technical issues and user support.

  • May share some responsibilities with the Super Administrator but typically focus on the technical side.

  • Manages system updates and maintenance.

Crypto Administrator

Role

The Crypto Administrator plays a crucial role in the system's security module.

Responsibility

  • Manages and secures cryptographic keys.

  • Oversees encryption practices to ensure data security.

  • Ensures data integrity and protection against unauthorised access.

  • Maintains the confidentiality, availability, and integrity of sensitive information.

  • Can decrypt and view individual encrypted records or PII information.

  • Normally, this role is linked to other important roles.

Registrar

Role

The Registrar manages the registration process of individuals in the Social Registry module.

Responsibility

  • Oversees the enrollment of new individuals.

  • Ensures that registration data is accurate and complete.

  • May validate and approve registration applications.

Data Administrator

Role

The Data Administrator manages the data in the Social Registry module.

Responsibility

  • Ensures data integrity and security.

  • Performs data updates and maintenance.

  • Manages data import and export processes.

  • Can create and manage data backups.

Data Validator

Role

The Data Validator ensures the accuracy and validity of the data collected.

Responsibility

  • Reviews and verifies the data entries for accuracy and completeness.

  • Identifies and corrects the errors or inconsistencies in the data.

  • Works closely with Data Administrators to maintain data quality.

  • Raises data correction requirements for Data Collectors or Data Administrators

Data Collector (Registration portal user)

Role

The Data Collector collects data through the registration portal.

Responsibility

  • Uses the online registration portal to collect and input data.

  • Ensures data is accurately entered into the system.

  • May assist individuals with the registration process through the portal.

Data Enumerator (Same as Data collector but offline)

Role

The Data Enumerator collects data offline, often in the field.

Responsibility

  • Conducts surveys and gathers data from individuals or households.

  • Typically makes use of the tools like ODK or Kobo.

  • Records data manually or using offline tools.

  • Submits collected data to the Data Administrator for integration into the system.

Data Collection Supervisor

Role

The Data Collection Supervisor oversees and manages the Registration Portal's data collection team to ensure accurate and effective data gathering.

Responsibility

  • Supervises Data Collectors using the registration portal.

  • Coordinates data collection activities within the portal to ensure efficiency.

  • Monitors the quality of data being entered into the Registration Portal.

Custom configuration for user roles

User RoleAddEditApproveEdit count before lockRequest for editEdit request approverApprove edit requestsRequest for correctionCorrection requested to

Super Administrator

Yes

Yes

Yes

-1

NA

NA

Yes

No

NA

System Administrator

No

No

No

NA

NA

NA

No

No

NA

Crypto Administrator

No

No

No

NA

NA

NA

No

No

NA

Registrar

Yes

Yes

Yes

-1

NA

NA

Yes

No

NA

Data Administrator

Yes

Yes

No

2

Yes

Super/System Administrator

Yes

No

NA

Data Validator

No

No

Yes

NA

No

NA

No

Yes

Data Collector

Data Enumerator

Yes

No

No

1

Yes

Data Administrator /Registrar

No

No

NA

Data Collector

Yes

Yes

No

1

Yes

Data Administrator /Registrar

No

No

NA

Data Collection Supervisor

Yes

Yes

No

1

Yes

Data Administrator /Registrar

No

Yes

Data Collector

Notes:

Edit count before lockDescription

-1

The user is free to edit the data without any limitations.

1

The user is allowed to make changes to the data only once.

2

The user is allowed to make changes to the data two times.

Last updated

Logo

Copyright © 2024 OpenG2P. This work is licensed under Creative Commons Attribution International LicenseCC-BY-4.0 unless otherwise noted.