Skip to content

Security Strategy

Kade Keating edited this page Mar 8, 2025 · 8 revisions

Authentication & Authorization

Our stakeholder does not require authentication/authorization, our application will be available to all users.

CRIMSystemRequirements_Login

Data Protection & Privacy

Our stakeholder does not require data privacy.

CRIMSystemRequirements_Security

Threat Model & Risk Assessment

Although the system does not manage user authentication or sensitive data, the following risks have been considered:

  • Stale/Corrupt Cached Data:
    • If cached data becomes outdated or corrupted, users might see incorrect wildfire data
    • Mitigation: Implement cache expiration rules and validation timestamps
  • Local Data Exposure:
    • Cached data stored on a user's device could be accessed by other apps or attackers
    • Mitigation: Store data in a secure location

Code & Dependency Security

Regular security audits will be conducted on third-party dependencies (ex.GitHub Dependabot)

Compliance & Regulatory Considerations

As the application does not process personal data, the GDPR(General Data Protection Regulation) compliance is not required

System Requirements Document - Wildfire Visualization Platform.docx.pdf

Clone this wiki locally