User Management System
The INTERSECT federated ecosystem has persons interactining with it in different User Roles. It also has systems, subsystems, and services acting on behalf of persons in their User Roles. The User Management System (UMS) is responsible for managing all aspects of such users, including delegations of user responsibilities to systems, subsystems, and services. The UMS has the following services and microservice capabilities (mapping the System-of-Systems Architecture to the Microservices Architecture):
User Accounts Administration Service
User Accounts Administration Capability: Create, read, update, and delete user accounts
User Authorization Administration Capability: Read and update user authorizations
User Registration Service
User Registration Capability: Request user account creation
User Profile Service
User Profile Capability: Read and update user account profile information
User Projects Service
User Projects Capability: Create, read, update, and delete user project information
User Authentication Service
User Authentication Capability: Authenticate a user
User Authorization Service
User Authorization Capability: Verify a user’s authorization
Minimum requrement
At minimum, there must be one and only one UMS in an INTERSECT federated ecosystem, as the UMS spans over the infrastructure systems within the same INTERSECT federated ecosystem. Individual services of the UMS may be distributed across infrastructure systems as needed, where some services may only exist once.
At minimum, the UMS reflects and enforces the defined User Roles of the User View.
Optional requrement
Optionally, multiple INTERSECT federated ecosystems may exist that operate either completely indepenently from each other or collaborate with each other, but each INTERSECT federated ecosystem has only one (its own) UMS.
Optionally, the UMS may additionally support user roles for external resources and services through the use of Adapters for External Resources and Services.