Search
Topics
  Create an account Home  ·  Topics  ·  Downloads  ·  Your Account  ·  Submit News  ·  Top 10  
Modules
· Home
· Content
· FAQ
· Feedback
· Forums
· Search
· Statistics
· Surveys
· Top
· Topics
· Web Links
· Your_Account

Current Membership

Latest: KindraTea
New Today: 112
New Yesterday: 140
Overall: 79032
People Online:
Visitors: 25
Members: 4
Total: 29 .

Languages
Select Interface Language:


Major ITIL Portals
For general information and resources, ITIL and ITSM World is the most well known for both ITIL and ITIL Books. A shorter snapshot approach can be found at ITIL Zone

Related Resources
Service related resources
Service Level Agreement
Outsourcing

Note: ® ITIL is a registered trademark of OGC. This portal is totally independent and is in no way related to them. See our Feedback Page for more information.


The Itil Community Forum: Forums

ITIL :: View topic - CMDB Security
 Forum FAQForum FAQ   SearchSearch   UsergroupsUsergroups   ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

CMDB Security

 
Post new topic   Reply to topic    ITIL Forum Index -> Configuration Management
View previous topic :: View next topic  
Author Message
thirumaran
Newbie
Newbie


Joined: Mar 21, 2006
Posts: 7
PostPosted: Fri Mar 24, 2006 5:13 am    Post subject: CMDB Security Reply with quote
Hi,

As per ITIL -> see quote below

" The CMDB security model should be flexible enough to define permissions on each instance of CI data, down to the individual attributes of those instances "

can any one please eloborate and clarify this with an example

thanks
Thirumaran
Back to top
View user's profile
rjp
Senior Itiler


Joined: Mar 12, 2005
Posts: 255
Location: Melbourne, Australia
PostPosted: Fri Mar 24, 2006 9:39 am    Post subject: Reply with quote
This is just a reference to standard information security models provided by most relational databases.

It simply means that you can establish two mechanisms for controlling access to information.

1) Row level access - a user has access only to certain records in a DB table. This is usually set by a condition on one or more fields (attributes) in the record. Say 'Where department is "Finance"' Which would mean if the Dpeartment field in a record has the value "Finance" the user will see the record - but not see records for any other department.

1)Attribute level access is setting permissions for users for particular fields in a record and covers every record regardless of whether they have row level access or not. So you could specify that one user can see the social security number in an employee record, another user could see it and update it, and another user could be denied access - in which case they won't ever see that field in a representation of the employee records. (And if the databases interface - form - doesn't actually hide the field, it will would be blank - even though there is actually information in the underlying record.)
Back to top
View user's profile Send e-mail AIM Address Yahoo Messenger
Display posts from previous:   
Post new topic   Reply to topic    ITIL Forum Index -> Configuration Management All times are GMT + 10 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Powered by phpBB 2.0.8 © 2001 phpBB Group
phpBB port v2.1 based on Tom Nitzschner's phpbb2.0.6 upgraded to phpBB 2.0.4 standalone was developed and tested by:
ArtificialIntel, ChatServ, mikem, sixonetonoffun and Paul Laudanski (aka Zhen-Xjell).

Version 2.1 by Nuke Cops © 2003 http://www.nukecops.com

Forums ©

 

Logos/trademarks property of respective owner. Comments property of poster. Rest © 2004 Itil Community for Service Management & Foundation Certification. SV
Site source copyright (c)2003, and is Free Software under the GNU / GPL licence. All Rights Are Reserved.