NIST-800-53-SI-10

Information Input Validation

BOSH

All 18F DevOps user input happens at the BOSH command line interface (CLI), which requires specific syntax and parameters in order to execute job functions. Rules for checking the valid syntax of information system inputs (e.g., character set, length, numerical range, acceptable values) are in place to verify that inputs match specified definitions for format and content. Inputs passed to interpreters are prescreened to prevent the content from being unintentionally interpreted as commands. The extent to which the information system is able to check the accuracy, completeness, validity, and authenticity of information is guided by organizational policy and operational requirements. The data inputs that are part of Cloud Foundry are validated in several ways. The validation is a series of steps put in place to ensure consistent data and to protect the system from corruption, either malicious or accidental. Data validation uses the same mechanism whether input arrives through the web user interface (where data validation errors are shown to the authenticated user to correct) or programmatically through web service APIs (where error messages are returned showing where data is rejected).

Cloud Controller

The UAA uses a RESTful API with set endpoints and parameters. Depending on their authorized access, users can only make requests to specific endpoints that activate specific functions, which take a limited and defined set of parameters.

System and Information Integrity Policy for 18F

The cloud.gov system monitors the integrity of system inputs using Tripwire.

Covered By:

User Account and Authentication (UAA) Server

The UAA uses an API with set endpoints and parameters. Depending on their authorized access, users can only make requests to specific endpoints that activate specific functions, which take a limited and defined set of parameters.
