CATEGORY:SECURITY
path: CREVE AND JAN MAPLES > HARRY BROWNE > WES MCKINLEY > CATEGORY:QM > CATEGORY:SECURITY
Security
Overview
Security can be addressed within the Nucleus environment with a high degree of granularity, ranging from User logon through individual field level security. A Security Matrix similar to Unix offers an easily managed yet robust security environment.
To reduce the workload of security management personnel, Group security assignments provide basic controls. Additional controls can be defined for individual tasks or individuals as required.
Nucleus can control security at these levels:
- User login and User setup
- Account access
- Command
- File - Read
- File - Write
- File - Delete
- Verb - Execute permission
- TCL access
- Device
- Menu and Menu choice
- Project access
- Screen Access
- Field view: Data view, Data change, Data hide, Field show, field hide
- Specific task permissions can be granted for a user
At the Nucleus command line:
The Nucleus SHELL provides a security layer above TCL/ECL, that will validate commands entered by the user. Commands not authorized according to a user's profile will denied.
- Permissions can be withheld or enabled according to group profiles
- Permissions can be withheld or enabled on an individual user basis
- Specific permissions can be granted according to a group profile
- Specific permissions can be granted to a an individual
- Audit trails of any change through a Nucleus rule-set (screen) can be initiated
- Audit trails of any action by any user at the shell prompt can be traced
Inherent in the Nucleus model, all screens developed in Nucleus automatically incorporate security validations based on:
- Group defined permissions
- Group excluded permissions
- User defined permissions
- User excluded permissions
GROUP security can be incorporated at these levels:
- Read
- Write
- Delete
- Command
- File
- Screen
- Printer
- Field
- Menu
Nucleus security follows a structure similar to Unix wherein groups or individual users can be allowed or prevented from:
- Reading a file
- Writing to a file
- Deleting records from a file
If a user (or group) has been defined to exclude read privileges for a file, a Nucleus screen based on the defined file will not operate for that user (or group of users)
Enabling Security
- User setup and basic user access controls
- The Nucleus Security Matrix
- Group Security
- Task Security
- Restricting pages within Nucleus screens
Restricting tasks
- Securing the EXECUTE command
- Securing commands, verbs and files
- Printer security
Enabling Security in Traditional or 'legacy' applications
Traditional or 'legacy' applications can be secured for any procedure based on read/write/delete requirements.
- Security Task definitiion
- User Security Subroutine
- Verify Permission and Access testing
User Site related Security
Nucleus Security provides:
- Branch and office access controls
- Password management, deny access methods
- Password renewal automation
- Password Changes Inquiry
- Password tech tips
Security in the Nucleus Environment
For the purposes of security:
- Links to detailed security information have been omitted.
- Security details are provided only to authorized individuals within companies that have purchased Nucleus licenses.
- Please contact Binary Star for complete details.
See Also
Security Reports:
- ProcessLogReport
- SyslogAuditReport
- OSConnectionReport
- AccessAuditReport
Security Logs and audit trails:
- Log of actions initiated at the Nucleus command Shell
- BUILD.DW.AUDITLOG
- WINAUDIT.RPT - File changes audit reporting
