There are four operator roles established (petitioner, approver, certificate generator and manager), one service coordinator (service manager) and three associated figures (physical security manager, logical security manager and archivist). The function performed by each of the roles is explained below:
– Petitioner: person in charge of entering the certificate request data in the certificate request application. It must be taken into account that when a request enters through the EACAT this role disappears and remains for extraordinary cases (new entities or entities not registered in the EACAT or technical problems that prevent use of the platform.)
– Approver: person responsible for reviewing the data of the requests entered by the petitioner and approving (validating) or denying (returning to the petitioner) the request accordingly. In the case of petitions introduced by the EACAT, it will not be a review task of the petitioner's work, which does not exist, but if it will be necessary to verify that there are no obvious errors, evidence from the entities requesting certificates , etc.
– Generator: person in charge of generating the certificates once the requests have been approved
– Certificate manager: person in charge of enabling and revoking digital certificates during their life cycle (suspension is only by telephone). It must be taken into account that, when a request enters through the EACAT, this role disappears and remains for emergency cases (in which it is not possible to use the EACAT).
- Responsible for the service: the responsible for the service is responsible for the coordination and proper functioning of the Registration Entity, in the event that requests arrive in paper or signed PDF, receives the documentation, validates the identity and authority of the applicant bidder, verifies the documentation, notifies the subscriber of the start of processing, opens the files, files the documentation and notifies the petitioner of the start of the process. In addition, it acts as a link between the organization and CATCert.
– Physical security manager: the functions of the physical security manager consist of coordinating, controlling and reviewing the set of measures contained in the security policy and security rules and procedures related to physical aspects. In other words, everything that refers to the control of access to the operating room, the detection and extinguishing of fires, the protection of information and material at a physical level, etc. This role is included in the head of the Registration Entity T-CAT.
– Logical security manager: the functions of the logical security manager consist of coordinating, controlling and reviewing the set of measures contained in the security policy and security rules and procedures related to the logical aspects of the Registration Entity. That is, everything that refers to computer security (network access control, software installation policies, equipment configuration, etc.). This role is included in the Manager of the Registration Entity T-CAT.
- Archivist: the archivist or the person designated by him will be responsible for organizing, classifying, describing and ensuring the safeguarding of the documentation that is generated as a result of the issuance and management of the certificates in accordance with the management system documentary of his organization, or in his absence, according to the guidelines established by the CATCert archivist. This role is included in the Manager of the Registration Entity T-CAT.