5.1. Security
5.1.1: Authentication and Authorization:
All user sessions must be managed with a secure token (e.g., JWT).
Role-Based Access Control (RBAC) must be strictly enforced. A Beneficiary user must not be able to access Provider features, and vice versa.
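Added example (not part of this requirements document): a minimal route guard showing how the two requirements above fit together. It issues and verifies an HS256-signed JWT with the Python standard library, pins the accepted algorithm instead of trusting the token header, rejects expired tokens, and then enforces the Beneficiary/Provider role separation with distinct 401 (not authenticated) and 403 (authenticated but wrong role) outcomes. The secret key, role names and user ids are constructed for the demo; a real deployment would load the key from a secrets store and normally use a maintained JWT library.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Dict, Optional, Tuple

# Constructed demo secret (assumption); load from a secrets store in production.
SECRET_KEY = b"demo-secret-do-not-use-in-production"

# The two mutually exclusive roles named in the requirement.
ROLES = {"beneficiary", "provider"}


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(user_id: str, role: str, ttl_seconds: int = 900,
                now: Optional[int] = None) -> str:
    """Create an HS256-signed JWT carrying the user's role and a short expiry."""
    if role not in ROLES:
        raise ValueError("unknown role: %s" % role)
    now = int(time.time()) if now is None else now
    header = {"alg": "HS256", "typ": "JWT"}
    payload = {"sub": user_id, "role": role, "iat": now, "exp": now + ttl_seconds}
    signing_input = "%s.%s" % (
        _b64url_encode(json.dumps(header, separators=(",", ":")).encode()),
        _b64url_encode(json.dumps(payload, separators=(",", ":")).encode()),
    )
    sig = hmac.new(SECRET_KEY, signing_input.encode("ascii"), hashlib.sha256).digest()
    return "%s.%s" % (signing_input, _b64url_encode(sig))


def verify_token(token: str, now: Optional[int] = None) -> Dict:
    """Check structure, signature and expiry; return the claims or raise ValueError."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        signature = _b64url_decode(sig_b64)
        claims = json.loads(_b64url_decode(payload_b64))
    except ValueError:  # covers base64, UTF-8 and JSON decoding failures
        raise ValueError("malformed token")
    # Pin the algorithm server-side; never let the token header choose it.
    if header.get("alg") != "HS256":
        raise ValueError("unexpected algorithm")
    expected = hmac.new(SECRET_KEY, ("%s.%s" % (header_b64, payload_b64)).encode("ascii"),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, signature):
        raise ValueError("bad signature")
    now = int(time.time()) if now is None else now
    if not isinstance(claims.get("exp"), int) or claims["exp"] <= now:
        raise ValueError("token expired")
    if claims.get("role") not in ROLES:
        raise ValueError("unknown role")
    return claims


def authorize(token: str, required_role: str, now: Optional[int] = None) -> Tuple[int, str]:
    """Route guard: 401 for an invalid session, 403 for the wrong role, 200 otherwise."""
    try:
        claims = verify_token(token, now=now)
    except ValueError as exc:
        return 401, "unauthorized: %s" % exc
    if claims["role"] != required_role:
        return 403, "forbidden: %s users cannot access %s features" % (claims["role"], required_role)
    return 200, "ok: %s" % claims["sub"]


if __name__ == "__main__":
    tok = issue_token("user-42", "beneficiary", now=1000)
    print(authorize(tok, "beneficiary", now=1500))  # (200, 'ok: user-42')
    print(authorize(tok, "provider", now=1500))     # (403, ...)  role separation
    print(authorize(tok, "beneficiary", now=2000))  # (401, ...)  expired
```

The guard is written so that a Provider route asks for `required_role="provider"` and a Beneficiary route for `"beneficiary"`; because a token carries exactly one role, neither user can reach the other's features with a valid session, and a tampered or expired token never reaches the role check at all.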
5.1.2: Data Encryption:
All sensitive data, including PII, must be encrypted at rest in the database.
The system must use HTTPS/SSL for all data in transit.
5.1.3: Vulnerability Management:
The codebase must undergo regular security scans to identify and fix vulnerabilities.
Dependencies must be regularly updated to patch security flaws.
