Difference between revisions of "Role Based Security"

From SmartWiki
Jump to: navigation, search
Line 1: Line 1:
Role security is based on a [[Role|role]] that you associate with the [[User|user]]. With this scheme, you first create one or more [[Role|roles]], and then associate each [[User|user]] with one or more of those roles.
+
[[Role]] security is based on a [[Role|role]] that you associate with the [[User|user]]. With this scheme, you first create one or more [[Role|roles]], and then associate each [[User|user]] with one or more of those roles.
  
By setting a default [[User|user]] role in your [[Personal Settings|personal settings]], the system will always assume that you are adding someone using a specific [[Role|role]] when you add a new person to the system.
+
By setting a default [[User|user]] [[Role|role]] in your [[Personal Settings|personal settings]], the system will always assume that you are adding someone using a specific [[Role|role]] when you add a new person to the system.
  
 
<u>'''Advantages'''</u>
 
<u>'''Advantages'''</u>
  
There are three advantages to role-based security:
+
There are three advantages to [[Role|role]]-based security:
  
 
* You can make individuals, regardless of their organisation, members of a [[Role|role]] and give them access to a resource.
 
* You can make individuals, regardless of their organisation, members of a [[Role|role]] and give them access to a resource.

Revision as of 14:55, 31 October 2007

Role security is based on a role that you associate with the user. With this scheme, you first create one or more roles, and then associate each user with one or more of those roles.

By setting a default user role in your personal settings, the system will always assume that you are adding someone using a specific role when you add a new person to the system.

Advantages

There are three advantages to role-based security:

  • You can make individuals, regardless of their organisation, members of a role and give them access to a resource.
  • When you move the user to another organisation, it does not effect their permission to access a resource.
  • Associating the role with the resource is less time consuming if the alternative is to associate the resource to many organisations.

Disadvantages

  • You must create the roles and remember to set the appropriate roles when you create a new user.
  • If you upload new users, you must choose the correct roles in the upload wizard; however, you will be prompted.

This security scheme should be used when the relationships between users and the resources are more complex and you need to provide access to resources independent of any organisational structure.