{ "schema": "https://saferpage.de/schemas/trust-access-request-queue.v1", "generated_at": "2026-06-09T04:53:19+00:00", "domain": "aboshop.harzkurier.de", "available": true, "scan": { "id": "1fd02773-9c10-4cc9-93ab-dcda6d904ebd", "checked_at": "2026-06-08 22:47:28.90887+02" }, "status": "review_required", "summary": "Access-Request-Queue für aboshop.harzkurier.de: 4 Vorlage(n), 2 manuelle Review(s), 2 NDA-pflichtig, 4 gated Ressourcen angefragt.", "metrics": { "request_count": 4, "pending_count": 2, "nda_required_count": 2, "high_risk_count": 2, "gated_requested_count": 4, "resource_count": 6, "security_score": 46, "vendor_count": 1, "checked_page_count": 8 }, "resources": [ { "id": "PUB-01", "title": "Kurzreport", "access_level": "public", "url": "https://saferpage.de/aboshop.harzkurier.de" }, { "id": "PUB-04", "title": "Audit-Response Export", "access_level": "sanitized", "url": "https://saferpage.de/audit-response/aboshop.harzkurier.de/export" }, { "id": "PUB-05", "title": "Anbieter-Offenlegung", "access_level": "sanitized", "url": "https://saferpage.de/anbieter/aboshop.harzkurier.de/offenlegung-json" }, { "id": "GATED-01", "title": "ZIP-Nachweispaket", "access_level": "gated", "url": "https://saferpage.de/api/report/export?id=1fd02773-9c10-4cc9-93ab-dcda6d904ebd&format=zip" }, { "id": "GATED-02", "title": "Excel-Audit-Tabellen", "access_level": "gated", "url": "https://saferpage.de/api/report/export?id=1fd02773-9c10-4cc9-93ab-dcda6d904ebd&format=xlsx" }, { "id": "GATED-04", "title": "Vertrags- und TOM-Unterlagen", "access_level": "operator_only", "url": "" } ], "requests": [ { "id": "REQ-001", "requester_type": "Kunde/Einkauf", "company_domain": "kunde-beispiel.de", "status": "pending_manual_review", "requested_resource_ids": [ "PUB-04", "PUB-05", "GATED-01" ], "requires_nda": true, "expiry_days": 30, "approver": "Compliance/Legal", "decision_hint": "Freigeben, wenn legitimer Kundenzweck, NDA und Ressourcenscope bestätigt sind.", "risk": "medium", "allowed_actions": [ "approve_with_nda", "approve_without_nda", "deny", "request_more_context", "revoke", "delete_viewer_data" ] }, { "id": "REQ-002", "requester_type": "Auditor/Prüfer", "company_domain": "audit-beispiel.de", "status": "pending_dsb_review", "requested_resource_ids": [ "GATED-01", "GATED-02", "GATED-04" ], "requires_nda": true, "expiry_days": 14, "approver": "DSB/IT/Security", "decision_hint": "Nur mit Scope, Zweckbindung und Betreiberfreigabe; Vertrags-/TOM-Unterlagen nie automatisch senden.", "risk": "high", "allowed_actions": [ "approve_with_nda", "approve_without_nda", "deny", "request_more_context", "revoke", "delete_viewer_data" ] }, { "id": "REQ-003", "requester_type": "Besucher", "company_domain": "public", "status": "auto_public", "requested_resource_ids": [ "PUB-01" ], "requires_nda": false, "expiry_days": 0, "approver": "nicht nötig", "decision_hint": "Öffentliche Links bleiben ohne private Dokumente abrufbar.", "risk": "low", "allowed_actions": [ "approve_with_nda", "approve_without_nda", "deny", "request_more_context", "revoke", "delete_viewer_data" ] }, { "id": "REQ-004", "requester_type": "Viewer-Löschung", "company_domain": "viewer-beispiel.de", "status": "revoke_and_deidentify_required", "requested_resource_ids": [], "requires_nda": false, "expiry_days": 0, "approver": "Datenschutz/Support", "decision_hint": "Zugriff widerrufen, Viewer-Datensatz de-identifizieren, Downloadlinks auslaufen lassen.", "risk": "high", "allowed_actions": [ "approve_with_nda", "approve_without_nda", "deny", "request_more_context", "revoke", "delete_viewer_data" ] } ], "approval_policy": [ { "id": "identity", "rule": "Requester-Domain, Unternehmen, Zweck und berechtigte Rolle prüfen.", "owner": "Compliance" }, { "id": "nda", "rule": "Gated Ressourcen nur nach NDA oder gleichwertiger Vertraulichkeitsbindung freigeben.", "owner": "Legal" }, { "id": "scope", "rule": "Nur konkret angefragte Ressourcen und nie pauschal alle Nachweise freigeben.", "owner": "Compliance/IT" }, { "id": "expiration", "rule": "Ablaufdatum je Freigabe setzen und Downloadlinks danach widerrufen.", "owner": "Platform/IT" }, { "id": "revocation", "rule": "Deny, Revoke und Viewer-Löschung mit Auditlog und De-Identifizierung unterstützen.", "owner": "Datenschutz" }, { "id": "auto_approval", "rule": "Auto-Approval nur für erlaubte Kundendomains, CRM-Status und Public/Sanitized-Ressourcen.", "owner": "Sales/Compliance" } ], "notification_payloads": [ { "target": "Slack/Teams", "event": "trust_access.requested", "fields": [ "request_id", "company_domain", "resource_ids", "nda_required", "risk", "approve_url", "deny_url" ] }, { "target": "Webhook/Jira", "event": "trust_access.approved", "fields": [ "request_id", "resource_ids", "expires_at", "approver", "scan_id" ] }, { "target": "Audit Log", "event": "trust_access.viewer_deleted", "fields": [ "request_id", "viewer_domain", "deleted_at", "deidentified_fields" ] } ], "decision_contract": { "approve": { "required_fields": [ "request_id", "approver", "resource_ids", "expires_at", "nda_required" ], "effect": "dry_run_only" }, "deny": { "required_fields": [ "request_id", "approver", "reason" ], "effect": "dry_run_only" }, "revoke": { "required_fields": [ "request_id", "approver", "reason" ], "effect": "dry_run_only" }, "delete_viewer_data": { "required_fields": [ "viewer_identifier", "operator_approval" ], "effect": "dry_run_only" } }, "links": { "html": "https://saferpage.de/datenraum/aboshop.harzkurier.de/zugriffe", "json": "https://saferpage.de/datenraum/aboshop.harzkurier.de/zugriffe-json", "csv": "https://saferpage.de/datenraum/aboshop.harzkurier.de/zugriffe-csv", "markdown": "https://saferpage.de/datenraum/aboshop.harzkurier.de/zugriffe-md", "data_room": "https://saferpage.de/datenraum/aboshop.harzkurier.de", "document_delivery": "https://saferpage.de/datenraum/aboshop.harzkurier.de/zustellung", "access_automation": "https://saferpage.de/datenraum/aboshop.harzkurier.de/automatisierung", "connections": "https://saferpage.de/trust/aboshop.harzkurier.de/connections", "legal_agreements": "https://saferpage.de/trust/aboshop.harzkurier.de/nda", "viewer_privacy": "https://saferpage.de/trust/aboshop.harzkurier.de/viewer-datenschutz", "api_operations": "https://saferpage.de/trust/aboshop.harzkurier.de/api", "journey_test": "https://saferpage.de/trust/aboshop.harzkurier.de/journey-test", "domain_verification": "https://saferpage.de/betreiber/aboshop.harzkurier.de/verifizierung", "audit_response": "https://saferpage.de/audit-response/aboshop.harzkurier.de", "operator_board": "https://saferpage.de/betreiber/aboshop.harzkurier.de" }, "does_not_grant_access": true, "disclaimer": "Diese Queue ist ein Betreiber-Blueprint. Sie genehmigt keine echten Anfragen, erzeugt keine privaten Downloadlinks und ersetzt keine NDA-, Rollen- oder Rechtsfreigabe." }