Article 81
This article is inactive.
This article has been deemed outside of scope for the debate and exists only for reference.
Management and control of access rights
1. Union space operators shall implement the management and control of access rights through identity and access management protocols.
2. The protocols referred to in paragraph 1 shall set-out the conditions and procedures for the logical and physical access rights to systems and assets, including for remote access.
3. The identity and access management protocols referred to in paragraph 1 shall:
(a) be capable of safeguarding accesses to the ground segment and to the centres for the control of the space segment;
(b) allow restriction of physical and logical access to all critical assets, critical information, critical functions, critical operations and, as appropriate, critical equipment or information identified in accordance with Article 80(2);
(c) be tailored to standard operations and to emergency situations, to enable effective and timely emergency responses upon the activation of the response and recovery plans referred to in Article 87.
4. When setting-out the conditions and procedures referred to in paragraph 2, Union space operators shall cover the issuance, the continuous management (including change, upgrade or downgrade), the revocation, termination, verification and the audit of logical and physical access rights for all authorised devices, processes, and users.
Those conditions and procedures shall be based on the principles of ‘need to know’ and ‘the least privilege’ (limitation to what is required for ensuring a legitimate and approved use or activity).
5. The identity and access rights referred to in paragraph 2 shall be revoked automatically when the authorizations of staff or devices expire or are no longer needed.
6. The identity and access management protocols referred to in paragraph 1 shall ensure adequate protection of information and assets identified in accordance with Article 80(2) from risks, including from damage, misuse or unauthorised access or usage.
Warning: Cannot modify header information - headers already sent by (output started at /var/www/html/article.php:8) in /var/www/html/script/loginauth.php on line 163