Home Page for the TeradataForum
 

Archives of the TeradataForum

Message Posted: Sun, 01 Feb 2004 @ 18:46:40 GMT


     
  <Prev Next>   <<First <Prev Next> Last>>  


Subj:   Re: Row and/or Column level security
 
From:   Chris Coffing

Thanks for the reply...

We thought of creating different views for the various groups of users and handling them using Role Base Security. Problem with that is we have a variety of applications coming from all sorts of things such as:

* Business Objects
* Access
* Cognos
* SQL Server...


When building a user interface using Business Objects you have to point to the proper objects (views and/or tables) so a user can simply drag and drop the objects they want for their reports. This makes different views for different users very difficult to manage. Join criteria is another issue.

It is tough enough managing security at an object level let alone taking it to a column level where Business Rules are a moving target...

What we need is a way to manage the technology. It is not there yet... or at least I have not found it... but I will keep looking...

What we are finding is this...

We can create Shield Views for security purposes. They work using the keyword USER as part of the WHERE criteria. We can join these views to one another but we start running into flaky issues when a user tries to join an object that is in the data model but not accessible from the view. In Business Objects, the joins get garbled because for one user they have access to all the underlying columns where another user does not so a query will work for one but the other gets an error or worse, they do not get the correct answer back...

We need a way to spider through the security settings for a user to determine if they will be able to run reports against objects where they have somewhat dynamic security access.

There are a lot of smart people on this list and I have come up with 14 different ways to secure a view myself and they all point to one thing...

HOW CAN WE MANAGE THIS LEVEL OF SECURITY???

"The challenge is not the technology, but our abilities to manage it."

You will be hearing me say that a lot.

That is always my number one goal in this business. Managing the technology while reducing the administrative overhead.

Come on you smart people. what is the answer. It is Blue Sky time!


Chris Coffing
Chief Information Officer
Coffing Data Warehousing
www.coffingdw.com



     
  <Prev Next>   <<First <Prev Next> Last>>  
 
 
 
 
 
 
 
 
  
  Top Home Privacy Feedback  
 
 
Copyright for the TeradataForum (TDATA-L), Manta BlueSky    
Copyright 2016 - All Rights Reserved    
Last Modified: 23 Jun 2019