Optim™ provides three
types of security. For each Optim Directory,
you may establish any or all of the following types of security: Functional
Security, Object Security, and Archive File Security.
Functional Security
As the most general level of Optim Security,
Functional Security allows you to control user access to the interface
for functions provided by Optim.
Object security
Use object security to control access to specific objects
in the Optim directory, using
an access control list (ACL). Any Optim object
can be secured by associating it with an ACL. An ACL lists roles and
grants or denies privileges for each role to read, update, delete,
or execute (where appropriate) the object and the ACL.
Archive File Security
Archive File Security allows you to control access to data
in Archive Files. For example, you might use Archive File Security
to prevent any access to data in a specific table or column for most
users while granting access to members of selected roles for the same
data.
Access Control Domain
Use the Access Control Domain Editor to create and maintain
Access Control Domains. There are different ways to open the editor
depending upon whether you want to create a new Access Control Domain
or select an Access Control Domain to edit.
Access Control List
An Access Control List (ACL) governs the ability of a role
to perform actions (such as read, update, or delete) on both an object
and the associated ACL. Each Access Control Domain, File Access Definition,
and secured Optim object has
an ACL.
File access definition
By running an archive request that references a file access
definition (FAD), you can control access to data in one or more generated
archive files. The archived data is protected according to the settings
in the FAD, which can be changed as the security requirements for
your site change. When settings in the FAD are changed, the changes
apply to previously archived data as well as to data archived in the
future.
Exporting Security Definitions
Use the Export Security Definitions Utility to export security
definitions (ACDs, ACLs, and FADs) from one Optim Directory to another. The Export Security
Definitions Utility eliminates the need to recreate security definitions
manually and allows you to use the same definitions with the imported
objects they secure.
Import Security Definitions
The Import Security Definitions Utility copies security
definitions from a Secured Input File to the current Optim Directory. (A Secured Output File generated
by Security Definition Export is used as the Secured Input File.)