Open Framework, Information Management Strategy & Collaborative Governance | Data & Social Methodology - MIKE2.0 Methodology
Wiki Home
Collapse Expand Close

Members
Collapse Expand Close

To join, please contact us.

Improve MIKE 2.0
Collapse Expand Close
Need somewhere to start? How about the most wanted pages; or the pages we know need more work; or even the stub that somebody else has started, but hasn't been able to finish. Or create a ticket for any issues you have found.

Security Conceptual Design Deliverable Template

From MIKE2.0 Methodology

Share/Save/Bookmark
Jump to: navigation, search
Under construction.png
This article is currently Under Construction. It is undergoing major changes as it is in the early stages of development. Users should help contribute to this article to get it to the point where is ready for a Peer Review.
This deliverable template is used to describe a sample of the MIKE2.0 Methodology (typically at a task level). More templates are now being added to MIKE2.0 as this has been a frequently requested aspect of the methodology. Contributors are strongly encouraged to assist in this effort.
Deliverable templates are illustrative as opposed to fully representative. Please help add examples to this template that are representative of the proposed output.

Overview

The Security Architecture is sometimes broken into a separate deliverable, depending on the complexity of the requirements. Some issues to consider in defining the security model are:

  • What kind of login access control is needed for each of the client side programs?
  • What access control is needed at the database itself?
  • Will security be managed at the level of the user, the relation, and/or the view?
  • Who will control accounts and privileges, and what procedures will be used?
  • What kind of audit trail is needed?
  • Should security be managed through database capabilities, and/or through stored procedures or gateway programs?
  • How do security concerns impact the distributed architecture, and the use of performance strategies such as replication and caching?

Security requirements will be particularly complex if the solution must service external clients or if the data is of a secretive nature. Security Standards should drive the Security Architecture.

Example 1 - Security Conceptual Design for an Inventory investment model

Listed below are example Security Conceptual Design for an Inventory investment model:

Security Conceptual Design

1. The following section (Security Conceptual Design) provides a high-level overview to Client solution elements and standards that System 2-0 adheres to.

Center

2. Access to the Client system is controlled via XYZ managed web based applications.

3. Users typically interact with the BI client applications (i.e. Cognos or Business Objects) via their web browser.

4. Enabling a Secure FTP connection between the user and Client requires the existence of a fixed IP-address.

5. Users are unable to access or trigger applications hosted on any Client servers other then LPAR3. The specifically prevents users from controlling the ETL jobs used to move data between the ASDF Replica, BDS2, ODS2 or RDS database schemas.

Cognos users will require their own LDAP group to access SYSTEM reporting functionality.

Wiki Contributors
Collapse Expand Close

View more contributors