The application, its content and the underlying data are secured through a variety of measures:
The application's content management system (CMS) implements a fairly comprehensive and sophisticated security model for guarding access to report content, over and above the security of the data (through the cube) and the security of functionality (through license type). Security is applied at both the book folder level and the book level through a role-based model.
Security Roles are defined in the administrative console by system administrators. These roles are used primarily to manage access to books and their contents (reports). Roles are used to a lesser extent to control access to data sources (see data security below).
The role security model governing the content is described below in "Content Security Model".
Functional security is driven by the type of client license allocated to a user and any extended security profiles attached to a specific content item for a given role. The primary purpose of licenses is to differentiate between simplified and advanced functionality and publishing capabilities.
There are 3 types of licenses with 3 different levels of functionality:
- Consumer Licenses - this client license allows users to access the application and consume predefined reports. However, they cannot start a new report from scratch, and some of the advanced choices in the client application are limited for them. They are also presented with a different workspace (the animated "viewer" by default). Most importantly, consumers CAN ONLY save content to the user's own private domain and CANNOT see any content in the group domain (regardless of their security roles).
- Analyst Licenses - this client license type allows users to access the entire application and consume predefined reports. This includes the ability to start new reports from scratch and to access all advanced functions. However, they CANNOT save content into the public domain.
- Professional Licenses - this client license type allows users to access the entire application and consume predefined reports. This includes the ability to start new reports from scratch and to access all advanced functions. Professional users can also save content to the private, group and public domains.
- Viewer Licenses - allows end users only to view content from inside the HTML5 viewer application. Since they have no ability to save content, they can only read information from the public domain.
Independent of the functional security within the client application, users can be delegated administrative roles in the administrative tools:
- Full Administrator - has complete control of the application
- System Administrator - can set and maintain the "system" requirements of the application
- User Administrator - can create, edit and delete users and their security roles
Independent of the license settings, extended security roles will enable or disable certain functions over and above the generic functional security assigned to licenses.
Data security is driven by the security roles defined within the cubes themselves by the cube administrators. The application facilitates this data security layer by accessing the cubes as the user, and in effect provides the SECURE mechanism through which users interact only with the cube's metadata and the query results. The details of data security can be found in third-party manuals on Analysis Services Security Roles.
NOTE: In addition to the data security layer offered inherently in the cubes, the client Pyramid application blocks native access to the cube servers via the application UNLESS administrators have given users explicit access to the data source from within the administrative console.
All users must belong to at least 1 role, as defined in the application's administrative console. This role framework is used primarily to govern access to reporting content saved to the CMS. The logic for content access is illustrated and described below.
There are 4 content domains - Private, Group, Public and Legacy. Access to these domains is controlled by the user's account, the user's roles and the user's license type:
- Consumers, Analysts and Professionals have a private domain where they can read and write "my" reports controlled by their user account (not roles). No other user (except for administrators) has access to another user's private domain.
- Only analysts and professional users have read and write access to the group domain, but specific access to folders and books within this domain is governed by role security.
- All users have read access to the public domain, but specific access to folders and books within this domain is governed by role security. Only professional users can save content into the public domain.
- Legacy content is read accessible by all user types. Content cannot be saved to the legacy domain by any user type.
Analytic Book Folders
Content can be organized into folders (known as "book folders") within each domain. In turn, each book folder can be secured with read/write permissions by role. When a user saves content to the CMS, they can elect which roles will have read and write access to the folder and its subordinate contents. Folder security does NOT inherently cascade down to its sub-folders and/or books.
When an item is saved into one of the domains and/or folders, it can be secured with read/write permissions by role (which is independent of the folder it is saved into). However, a book will not be accessible to an end user if they do not at least have read access to its parent folder (and so on up the folder hierarchy tree).
Reports in Analytic Books / Slides in Dashboards
Reports/Slides in a given book/dashboard effectively inherit the security of the book/dashboard. There is no way to set specific security settings for each report within a book.
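The domain, folder and book rules above combine into a single access decision, and the interaction between them (license gates the domain, roles gate each node, and a book is unreachable if any ancestor folder denies read) is easy to get wrong. The following is an added example written for this page, not Pyramid's own code: a small model of the stated rules with a constructed folder tree and constructed users, so the decisions can be checked. The domain, license and role names are assumptions chosen for the example; legacy content is modelled as readable by every license with no per-node role check, since the page only describes role security for the group and public domains.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class License(Enum):
    VIEWER = "viewer"
    CONSUMER = "consumer"
    ANALYST = "analyst"
    PROFESSIONAL = "professional"


class Domain(Enum):
    PRIVATE = "private"
    GROUP = "group"
    PUBLIC = "public"
    LEGACY = "legacy"


@dataclass(frozen=True)
class User:
    name: str
    license: License
    roles: frozenset           # security roles assigned in the admin console
    is_admin: bool = False     # administrator with content-store access


@dataclass
class Node:
    """A book folder or a book. Role grants apply to this node only:
    folder permissions do not cascade to sub-folders or books."""
    name: str
    domain: Domain
    read_roles: frozenset = frozenset()
    write_roles: frozenset = frozenset()
    parent: Optional["Node"] = None
    owner: Optional[str] = None   # private-domain content belongs to one account


def _domain_allows(user: User, node: Node, write: bool) -> bool:
    """License/domain gate, evaluated before any role check."""
    d = node.domain
    if d is Domain.PRIVATE:
        # Viewers have no private domain; access is by account, not role.
        return user.license is not License.VIEWER and node.owner == user.name
    if d is Domain.GROUP:
        return user.license in (License.ANALYST, License.PROFESSIONAL)
    if d is Domain.PUBLIC:
        return user.license is License.PROFESSIONAL if write else True
    return not write            # legacy: readable by all, saved by nobody


def _roles_grant(user: User, node: Node, write: bool) -> bool:
    """Per-node role check; only group and public content is role-governed
    (modelling assumption for private and legacy, see lead-in)."""
    if node.domain in (Domain.PRIVATE, Domain.LEGACY):
        return True
    granted = node.write_roles if write else node.read_roles
    return bool(user.roles & granted)


def can_read(user: User, node: Node) -> bool:
    """Read needs the domain gate plus a read grant on this node AND on
    every ancestor folder; a denial anywhere up the tree blocks access."""
    if user.is_admin:
        return True
    if not _domain_allows(user, node, write=False):
        return False
    n: Optional[Node] = node
    while n is not None:
        if not _roles_grant(user, n, write=False):
            return False
        n = n.parent
    return True


def can_write(user: User, node: Node) -> bool:
    """Write needs the item to be readable (reachable), the domain's save
    rule for the user's license, and a write grant on the node itself."""
    if user.is_admin:
        return True
    return (can_read(user, node)
            and _domain_allows(user, node, write=True)
            and _roles_grant(user, node, write=True))


# Constructed sample hierarchy: public / Finance / Q1 / Budget (a book).
finance = Node("Finance", Domain.PUBLIC, read_roles=frozenset({"finance"}))
q1 = Node("Q1", Domain.PUBLIC, read_roles=frozenset({"finance", "exec"}), parent=finance)
budget = Node("Budget", Domain.PUBLIC, read_roles=frozenset({"exec"}),
              write_roles=frozenset({"exec"}), parent=q1)
team = Node("Team", Domain.GROUP, read_roles=frozenset({"finance"}),
            write_roles=frozenset({"finance"}))
scratch = Node("My scratch", Domain.PRIVATE, owner="alice")
archive = Node("Old report", Domain.LEGACY)

# Constructed users; 'carol' holds 'exec' but not 'finance', so the
# Finance folder blocks her even though the Budget book itself grants exec.
alice = User("alice", License.PROFESSIONAL, frozenset({"finance", "exec"}))
bob = User("bob", License.ANALYST, frozenset({"finance", "exec"}))
carol = User("carol", License.PROFESSIONAL, frozenset({"exec"}))
dave = User("dave", License.VIEWER, frozenset({"finance", "exec"}))
root = User("root", License.PROFESSIONAL, frozenset(), is_admin=True)

if __name__ == "__main__":
    for u in (alice, bob, carol, dave, root):
        for n in (budget, team, scratch, archive):
            print(f"{u.name:6} {n.name:11} read={can_read(u, n)!s:5} write={can_write(u, n)}")
```

Running the block prints a decision matrix; the row for carol on Budget shows the ancestor rule (read grant on the book and on Q1, denied by Finance), and the rows for bob and dave on Budget show the license gate on public saves.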
NOTE: Administrators with access to the content store can change any and all security settings related to books and book folders from within the administrative console.
Extended Security Profiles, as described above, are used by content publishers to lock down the application for specific users (via roles) for a given content item (book). Extended security gives more granular control of the application, and provides a quick and elegant solution to both content and data access by locking down certain advanced analytic functions. See Extended Security for more.