CATEGORY:SECURITY
path: CATEGORY:SECURITY

Main Index, Nucleus

Security

Overview

Security can be addressed within the Nucleus environment with a high degree of granularity, ranging from User logon through individual field level security. A Security Matrix similar to Unix offers an easily managed yet robust security environment.

To reduce the workload of security management personnel, Group security assignments provide basic controls. Additional controls can be defined for individual tasks or individuals as required.

Nucleus can control security at these levels:

  • User login and User setup
  • Account access
  • Command
  • File - Read
  • File - Write
  • File - Delete
  • Verb - Execute permission
  • TCL access
  • Device
  • Menu and Menu choice
  • Project access
  • Screen Access
  • Field view: Data view, Data change, Data hide, Field show, field hide
  • Specific task permissions can be granted for a user

At the Nucleus command line:

The Nucleus SHELL provides a security layer above TCL/ECL, that will validate commands entered by the user. Commands not authorized according to a user's profile will denied.

  • Permissions can be withheld or enabled according to group profiles
  • Permissions can be withheld or enabled on an individual user basis
  • Specific permissions can be granted according to a group profile
  • Specific permissions can be granted to a an individual
  • Audit trails of any change through a Nucleus rule-set (screen) can be initiated
  • Audit trails of any action by any user at the shell prompt can be traced

Inherent in the Nucleus model, all screens developed in Nucleus automatically incorporate security validations based on:

  • Group defined permissions
  • Group excluded permissions
  • User defined permissions
  • User excluded permissions

GROUP security can be incorporated at these levels:

  • Read
  • Write
  • Delete
  • Command
  • File
  • Screen
  • Printer
  • Field
  • Menu

Nucleus security follows a structure similar to Unix wherein groups or individual users can be allowed or prevented from:

  • Reading a file
  • Writing to a file
  • Deleting records from a file

If a user (or group) has been defined to exclude read privileges for a file, a Nucleus screen based on the defined file will not operate for that user (or group of users)

Enabling Security

  • User setup and basic user access controls
  • The Nucleus Security Matrix
  • Group Security
  • Task Security
  • Restricting pages within Nucleus screens

Restricting tasks

  • Securing the EXECUTE command
  • Securing commands, verbs and files
  • Printer security

Enabling Security in Traditional or 'legacy' applications

Traditional or 'legacy' applications can be secured for any procedure based on read/write/delete requirements.

  • Security Task definitiion
  • User Security Subroutine
  • Verify Permission and Access testing

User Site related Security


Nucleus Security provides:

Security in the Nucleus Environment


For the purposes of security:

  • Links to detailed security information have been omitted.
  • Security details are provided only to authorized individuals within companies that have purchased Nucleus licenses.
  • Please contact Binary Star for complete details.

See Also


Security Reports:

  • ProcessLogReport
  • SyslogAuditReport
  • OSConnectionReport
  • AccessAuditReport

Security Logs and audit trails: