Cyborg ERP – Control Centre Client Roles-Based Access Control (RBAC) Framework

Secure, Transparent Access for Every Stakeholder

The Cyborg Control Centre powers a clear, tiered Roles-Based Access Control (RBAC) Framework across Cyborg ERP. Designed to align with NEP-2020, ISO 27001, and NIST practices, it keeps academic and administrative operations secure, auditable, and easy to govern.

Objective

Establish a structured, tier-based policy for user authorisation and access privileges—covering admins, faculty, students, and parents—so data stays confidential, actions are accountable, and governance is visible through Cyborg Control Centre (CCC).

Access Control Principles

Role-based access: Privileges mapped strictly to institutional designation.
Least privilege: Minimum rights required to perform the job.
Segregation of duties: Separate academic, financial, and admin powers to prevent misuse.
Dual approvals: Sensitive actions require two-layer authorisation.
Data access tagging: Every record is tagged (Institute → Department → Program → Role) for traceability.

Authentication & Security Controls

MFA : for admin and academic roles
SSO : with Azure AD / Google Workspace / University LDAP
Dynamic IP restriction : for campus/remote policies
Role-scoped API tokens : (JWT/OIDC with claims)
Encryption : AES-256 at rest; TLS 1.3 in transit
Comprehensive audit trails : for all user actions

Reporting & Compliance

Daily : Login & access logs → Generated by: System Admin → Reviewed by: CCC Security Officer
Weekly : Ticket / workflow status → Generated by: ERP Head → Reviewed by: CCC Ops Manager
Monthly : Role change & privilege report → Generated by: Security Officer → Reviewed by: CCC Command Head
Quarterly : User audit & compliance → Generated by: CCC Team → Reviewed by: Director / Management

Key Outcomes

Transparent, multi-level accountability
Audit-ready governance (ISO-27001 / NEP-2020 aligned)
Secure, traceable data access across modules
Simplified role provisioning and ongoing monitoring
Real-time oversight through the Cyborg Control Centre (CCC)

Control Centre — Roles-Based Access Control (RBAC) Framework

Empower your institution with secure, transparent, and policy-driven governance through the Cyborg Control Centre . Manage authorizations, approvals, and audit trails seamlessly — ensuring every action is accountable and every user has the right access.

📚 FREQUENTLY ASKED QUESTIONS (FAQS)

Q1. What does CCC control inside Cyborg ERP?

Ans: CCC governs who can access what across all modules using a tiered RBAC (Roles-Based Access Control) model — ensuring each stakeholder only sees and performs actions allowed by their role.

Q2. Can we customise roles and permissions?

Ans: Yes. Roles, scopes, and approval chains are fully configurable per campus, college, department, or program — while retaining complete auditability and control.

Q3. How is login/security handled?

Ans: CCC supports MFA, SSO (Azure AD / Google Workspace / University LDAP), dynamic IP policies, and role-scoped API tokens (JWT/OIDC) for secure authentication.

Q4. How is data protected and traced?

Ans: All data is encrypted using AES-256 at rest and TLS 1.3 in transit, and each record is tagged by Institute → Department → Program → Role for traceability. Every action is captured in audit trails.

Q5. Do sensitive actions need two approvals?

Ans: Yes. Dual-approval (maker–checker) can be enforced for high-risk operations such as role elevation, bulk updates, or financial/admin changes.

Q6. What compliance reporting is available?

Ans: Scheduled reviews include Daily login/access logs, Weekly workflow status, Monthly role/privilege changes, and Quarterly user audits — aligned with NEP-2020 and ISO 27001 standards.

Cyborg ERP – Control Centre Client Roles-Based Access Control (RBAC) Framework