|
|
SAS Information Delivery Portal 1.1 |
|
Aggregating content through a single access point necessitates a robust security system so that you provide the right level of access control to information and applications.
In the SAS Information Delivery Portal, security is managed in the enterprise directory, where content can be made available to a user based on who the user is or what role he or she plays in the organization. This is achieved using Access Control Instructions (ACIs) that are placed on entities in the directory. These ACIs are used to allow or deny users or groups of users access to the content that is represented by the directory entities.
The enterprise directory also serves as the means for authenticating users of the SAS Information Delivery Portal. Users are represented as entities in the directory and can be assigned both individual and group access permissions. A group of users whose members all perform the same role in an organization can be registered in the enterprise directory as a group. This ability to group users together, along with the ability to define ACIs on an entry for a group, is the cornerstone of the role-based security supported by the portal.
When a user attempts authentication to the portal, the portal searches the enterprise directory for the object that represents that user so that his or her credentials can be verified. At that time, the enterprise directory also provides a security token to the portal for that user. The portal uses this token to grant or restrict access to content. In effect, the token allows a user to access entries that he or she is authorized to see.
Using the enterprise directory as the authentication mechanism provides the additional benefit of single sign-on support. If all content is registered with the enterprise directory and accessed through the security token object, then the user need only log on to the system one time.
The n-tiered architecture of the SAS Information Delivery Portal provides additional security for both your applications and your data. For example, using stored processes enhances security because the programs that access your sensitive data are contained on the server instead of being widely distributed with the client applications.
|
|
SAS Information Delivery Portal 1.1 |
|