Functional Requirements for Access Control in Internal Software of IT Application Investment Projects Using State Budget Funds
Requirements for Access Control Functionality in Internal Software of IT Application Investment Projects using State Budget Funds
Based on Subsection 4, Section II, Basic Safety Requirements for Internal Software issued with Decision 742/QD-BTTTT of 2022, the requirements for the Access Control functionality are stipulated as follows:
4.1. The Access Control functionality for Internal Software includes:
a) Functionality allowing the setting of a timeout limit;
b) Functionality allowing the restriction of the administrative network addresses permitted to access and manage the Software remotely;
c) Functionality allowing the configuration and assignment of minimum permissions to access, manage, and use the Software's different resources for users/groups of users with different roles and business requirements;
d) Functionality allowing the setting of minimum rights (access, management) for application administrative accounts according to their authority;
e) Functionality allowing the application management port to be changed and separated from the application service provision port;
f) Functionality allowing the temporary locking of application management outside of working hours.
4.2. The specific requirements for each Access Control functionality listed above, according to the level of the information system on which the Software is deployed, are detailed in Section 2 of the attached Appendix.
Requirements for System Log Functionality in Internal Software of IT Application Investment Projects using State Budget Funds
According to Subsection 5, Section II, Basic Safety Requirements for Internal Software issued with Decision 742/QD-BTTTT of 2022, the requirements for the System Log functionality are stipulated as follows:
5.1. The System Log functionality for Internal Software includes:
a) Functionality allowing the recording of system logs including information on:
i. Time of log creation;
ii. Log categorization;
iii. Operation/error description;
iv. Performer of the operation/error generator;
v. Importance level.
b) Functionality allowing the management and storage of system logs on a central management system;
c) Functionality allowing permission-based access to and management of system log data for accounts with different administrative functions.
5.2. The specific requirements for each System Log functionality listed above, according to the level of the information system on which the Software is deployed, are detailed in Section 3 of the attached Appendix.