Security classes are the most important part of CA Endevor/DB security. Security classes define restrictions that apply to dictionaries, CCIDs and users. Each of these entities can be associated with a different security class. At execution time (during stage two of the signon process), the security system combines all the security classes referenced and arrives at a resultant set of "permission flags". If an activity controlled by a permission flag is disallowed at any level (dictionary, CCID or user), the user signed on to that dictionary and working under that CCID will not be allowed to perform that activity.
The dictionary, CCID and user definitions each contain a reference to a security class name. There will usually be few security classes in a CCDB. Many installations set up one for the Security Administrator (usually NDVR-GLOBAL), one for DBAs, one for development leaders and one for general application developers.
|
Copyright © 2013 CA.
All rights reserved.
|
|