MISP / MISP

MISP (core software) - Open Source Threat Intelligence and Sharing Platform
https://www.misp-project.org/
GNU Affero General Public License v3.0

filtered view of interface on distribution level - prevent information leakage #4240

Open cvandeplas opened 5 years ago

cvandeplas commented 5 years ago

This feature request is to ask for a kind of a "filtered view" allowing the user to choose a more restrictive view of the data he sees. The reasoning is that you might be using your own account to do presentations to a group of people. However this group of people should not be able to see everything that you can normally see as this would violate the distribution of the data.

Today the only way to do this is to create a special account member of a special organisation that's member of a number of sharing groups. This is not very practical and does not work for sharing groups which you do not control.

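Example to make this accessible:

  • in the user-profile allow the user to create virtual-views. A virtual view is a view where the user chooses which distribution/sharing-group should be visible.
  • put a combo-box in the top black bar listing all the pre-configured virtual views.
  • the user can select any of these options
  • the MISP interface will then store this level as "permission level" when showing all the data.

[image: image] https://user-images.githubusercontent.com/1073662/53557402-1d7d2100-3b46-11e9-8f90-85cff3b772a4.png

Example:

  • User John, of org JohnCorp is member of 2 sharing groups JohnCorp Customers, JohnCorp Industry Partners and HYDROGEN-ISAC.
  • logged in he can see data of all these sharing groups, plus my org only
  • he creates a new view called Presenting for Customers. For this view he checks the boxes to allow visibility of JohnCorp Customers and JohnCorp Industry Partners, This Community, Connected communities and All communities. He does NOT check the boxes for My org only, nor the secret HYDROGEN-ISAC, as his customers should not see this data.
  • John goes to his customer, logs in on his MISP, and enables the filter Presenting for Customers.
  • He then starts his demo and presentation knowing that he will not leak out data.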

iglocska commented 5 years ago

Ha, that's a cool idea.

On Thu, Feb 28, 2019 at 10:48 AM Christophe Vandeplas <notifications@github.com> wrote:

This feature request is to ask for a kind of a "filtered view" allowing the user to choose a more restrictive view of the data he sees. The reasoning is that you might be using your own account to do presentations to a group of people. However this group of people should not be able to see everything that you can normally see as this would violate the distribution of the data.

Today the only way to do this is to create a special account member of a special organisation that's member of a number of sharing groups. This is not very practical and does not work for sharing groups which you do not control.

Example to make this accessible:

  • in the user-profile allow the user to create virtual-views. A virtual view is a view where the user chooses which distribution/sharing-group should be visible.
  • put a combo-box in the top black bar listing all the pre-configured virtual views.
  • the user can select any of these options
  • the MISP interface will then store this level as "permission level" when showing all the data.

[image: image] https://user-images.githubusercontent.com/1073662/53557402-1d7d2100-3b46-11e9-8f90-85cff3b772a4.png

Example:

  • User John, of org JohnCorp is member of 2 sharing groups JohnCorp Customers, JohnCorp Industry Partners and HYDROGEN-ISAC.
  • logged in he can see data of all these sharing groups, plus my org only
  • he creates a new view called Presenting for Customers. For this view he checks the boxes to allow visibility of JohnCorp Customers and JohnCorp Industry Partners, This Community, Connected communities and All communities. He does NOT check the boxes for My org only, nor the secret HYDROGEN-ISAC, as his customers should not see this data.
  • John goes to his customer, logs in on his MISP, and enables the filter Presenting for Customers.
  • He then starts his demo and presentation knowing that he will not leak out data.

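A sketch of the filtering rule this request implies, as an added example that is not MISP's code and not part of the thread: the selected virtual view is applied on top of the account's normal access check, so it can only hide data and never reveal more. `VirtualView`, `can_see`, `visible` and the sample events are hypothetical, and `can_see` is a simplified stand-in for MISP's real distribution logic.

```python
from dataclasses import dataclass

ORG_ONLY, COMMUNITY, CONNECTED, ALL, SHARING_GROUP = range(5)  # MISP distribution levels 0-4

@dataclass(frozen=True)
class Event:
    info: str
    org: str
    distribution: int
    sharing_group: str = ""

@dataclass(frozen=True)
class User:
    org: str
    sharing_groups: frozenset

@dataclass(frozen=True)
class VirtualView:              # hypothetical, named after the issue's "virtual view"
    levels: frozenset           # distribution levels ticked for this view
    sharing_groups: frozenset   # sharing groups ticked for this view

def can_see(user, ev):          # simplified stand-in for the account's normal access check
    if ev.org == user.org:
        return True
    if ev.distribution == SHARING_GROUP:
        return ev.sharing_group in user.sharing_groups
    return ev.distribution != ORG_ONLY

def visible(user, view, ev):
    if not can_see(user, ev):   # a view may only narrow access, never widen it
        return False
    if ev.distribution == SHARING_GROUP:
        return ev.sharing_group in view.sharing_groups
    return ev.distribution in view.levels

def listing(user, view, events):
    return [ev.info for ev in events if visible(user, view, ev)]

# Constructed sample data following the John / JohnCorp scenario from the issue.
JOHN = User("JohnCorp", frozenset({"JohnCorp Customers", "JohnCorp Industry Partners", "HYDROGEN-ISAC"}))
EVENTS = [
    Event("internal triage notes", "JohnCorp", ORG_ONLY),
    Event("customer advisory", "JohnCorp", SHARING_GROUP, "JohnCorp Customers"),
    Event("ISAC restricted report", "OtherOrg", SHARING_GROUP, "HYDROGEN-ISAC"),
    Event("public feed item", "OtherOrg", ALL),
    Event("foreign group report", "OtherOrg", SHARING_GROUP, "Not-Johns-Group"),
]
PRESENTING_FOR_CUSTOMERS = VirtualView(frozenset({COMMUNITY, CONNECTED, ALL}),
    frozenset({"JohnCorp Customers", "JohnCorp Industry Partners", "Not-Johns-Group"}))
```

Ticking `Not-Johns-Group` in the view does not expose that group's event, because the normal access check runs first and the view is only intersected with its result.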