About InterSystems Authorization
Once a user has authenticated, the next security-related question to answer is what assets that person is allowed to use, view, or alter. Assets include:
Databases — Physical files containing data or code.
Services — Tools for connecting to InterSystems IRIS, for example, client-server services, telnet.
Applications — InterSystems IRIS programs, for example, Web applications.
Administrative actions — Sets of tasks, for example, starting and stopping InterSystems IRIS or creating backups.
This determination and control of access to assets is known as authorization.
Authorization manages the relationships of users and assets, which are represented within InterSystems IRIS as resources. Resources are as diverse as databases, InterSystems services (such as for controlling web access), and user-created applications. Each user has one or more roles, each of which authorizes the user to perform particular activities with particular resources. Applications can temporarily expand the roles a user has.
Resources, Permissions, and Privileges
The primary goal of security is the protection of resources — information or capabilities in one form or another. With InterSystems IRIS® data platform, resources can be databases, services, applications, tools, and even administrative actions.
The system administrator grants access to resources by assigning permissions. Granting or revoking a permission enables or disables access to the resource’s action(s). For databases, the permissions are Read and Write; for most other resource types, the relevant permission is Use.
Together, a resource and an associated permission are known as a privilege. This is often described using the following shorthand: Resource-Name:Permission. For example, a privilege granting read and write permissions on the EmployeeInfo database is represented as %DB_EmployeeInfo:Read,Write or %DB_EmployeeInfo:RW.
Users and Roles
InterSystems IRIS uses Role-Based Access Control (RBAC) for its authorization model. With this type of model, a user gains the ability to manipulate resources as follows:
Resources are associated with permissions to establish privileges.
Privileges are assigned to roles.
Roles have members, such as users.
A user connects to InterSystems IRIS to perform some set of tasks. A role describes a set of privileges that a user holds, and thus the tasks that user may perform.
Roles provide an intermediary between users and privileges. Instead of creating as many sets of privileges as there are users, roles allow you to create sets of task-specific privileges. You can grant, alter, or remove the privileges held by a role; this automatically propagates to all the users associated with that role. Instead of managing a separate set of privileges for each and every user, you instead manage a far smaller number of roles.
For example, an application for a hospital might have roles for both a doctor making rounds (RoundsDoctor) and a doctor in the emergency room (ERDoctor), where each role would have the appropriate privileges. An individual user could be a member of just one of the two roles, or of both of them.
InterSystems security provides a flexible application security model. The ability to use an application is a resource, so you can restrict the use of an application to a particular set of users, or open it to all users. For users who can use an application, the security model supports a role escalation model. This means that while using an application, users can access specific resources that they could not generally access.
See Defining Applications for more information about the multiple types of applications.