Security

Authentication is the process of verifying the identity of a person or process within the guidelines of a specific security policy. Authorization is the process of evaluating whether a particular authenticated identity has permission to perform a task (such as read or write) on a particular resource. To understand, plan for, and implement authentication and authorization for the Open Metadata Architecture, see the SAS Intelligence Platform: Security Administration Guide.

In addition to the security features that are provided with the SAS Open Metadata Architecture, SAS Integration Technologies provides other authentication and authorization mechanisms. These additional features enable you to implement the appropriate security for your enterprise. SAS Integration Technologies security provides additional mechanisms for authenticating users of IOM servers against an LDAP and Microsoft Active Directory server, and for providing authorized access to IOM Bridge servers. (For COM server connections, SAS Integration Technologies utilizes Windows security features. For details, see Setting SAS Permissions on the Server (COM/DCOM) and Windows Client Security in the SAS Integration Technologies: Developer's Guide).

This section covers the following authentication and authorization topics:

• Overview of Domains. To understand the discussion of domains within this section, see Overview of Domains.
  
  
• Authentication Options. For details about implementing authentication, see Implementing Authentication.
  
  

• User, Group, and Login Structure. For details about the SAS Metadata Server user, group, and login structure, and how to specify login definitions for your user credentials, see Defining Users, Groups, and Logins on the SAS Metadata Server.

• Additional Server Security. For details about additional server security, see Setting up Additional Server Security.
  
  
• Security for Spawner, Pooling, and Load-Balancing Configurations. For details about the differences between SAS Workspace Server and SAS Stored Process Server security, spawner security, and pooling and load-balancing security, see
  • To understand security considerations for workspace servers, pooled workspace servers, load-balancing stored process servers, or load-balancing workspace servers, see Planning for Workspace and Stored Process Server Security.
  • For spawner security, see Planning the Spawner Security.
  • For pooling security, see Planning the Pooling Security (IOM Bridge only).
  • For load-balancing security, see Planning the Load-Balancing Security (IOM Bridge only).
    
    

• Xythos WFS WebDAV Authentication and Authorization. For details about the SAS Integration Technologies extension to the Xythos WFS WebDAV server, see Implementing Authentication and Authorization for the Xythos WFS WebDAV Server.

• Client Security and Encryption. For details about implementing security in applications and implementing encryption, see Implementing Security in Client Applications and Implementing Encryption