A-090 - Credentials & Secrets
Purpose
Provide authentication material required to access systems and services within the lab.
Asset Type
- Information
Description
- SSH keys, passwords, API tokens and service credentials
- Used across infrastructure, platforms and administrative access
- Stored locally or within service configurations
Criticality
- Critical
Sensitivity
- Highly Sensitive
Exposure Level
- Internal
Trust Zone
- Hybrid
Dependencies
- Administrative Access (A-001)
- Identity systems (planned)
Relationships
- Used by Gitea, VPS access, administrative operations
- Present across multiple systems and configurations
Security Position (Architecture Context)
- Central to authentication and privilege control
- Compromise enables lateral movement and escalation
- Often targeted through indirect attacks (phishing, leaks, misconfigurations)
Existing Protective Measures
- SSH key-based authentication
- Root login disabled
- Limited access distribution
Owner / Responsibility
- Security Role (Sec)
Notes
- No centralized secrets management yet
- Potential exposure via configuration files or repositories