356022
Description
Mind Map by Craig Parker, updated more than 1 year ago
|
Created by Craig Parker
about 11 years ago
|
|
U3.3 Administration
- Creating, deleting, changing access
rights for subjects and to objects
- Time consuming, complicated, error prone
- Can be simplified by aggregation of
subjects and or objects
- Can be simplified by aggregation of
subjects and or objects
- Time consuming, complicated, error prone
- Groups
- Creates an intermediate layer
between the subjects and objects
- Simplifies admin by grouping subjects
- Simplifies admin by grouping subjects
- Subjects may belong to more than 1 group
- Objects may be accessible by more than 1 group
- Permissions for individuals within a group can still
be altered without changing the group permissions
- Creates an intermediate layer
between the subjects and objects
- Roles
- Permission to objects is assigned
to the role that is created
- Subjects are then
assigned a role
- administrator role will allow you to
perform most functions
- Clerk role will have
limited functions
- Also a form of
segregation of duties
- Also a form of
segregation of duties
- Clerk role will have
limited functions
- administrator role will allow you to
perform most functions
- Subjects are then
assigned a role
- Permission to objects is assigned
to the role that is created
- Groups Vs Roles
- group is a collection of users and is really a
vehicle to simplify the administration of user's
access rights.
- role is a collection of access rights (or permissions) and hence pertains to
what users are permitted to do. The concept of a role fits very well into a
hierarchical organisation.
- group is a collection of users and is really a
vehicle to simplify the administration of user's
access rights.
Media attachments
Want to create your own Mind Maps for free with GoConqr? Learn more.