FlowRunner -
Security and Authentication |
FlowRunner uses an industry
standard set of security-related
technologies to implement robust
security and authentication.Authentication
Different authentication
options can be configured with a
standard installation
- Username / password
combination
- Client certificate
provided by the web browser
- Seamless logon for
accounts configured on
Microsoft Active Directory
(NTLM)
|
|
FlowRunner access
control model is among the most
flexible in the industry. Access can be
given or restricted to any
functional area of the system
based on user's identity or
roles. The
functionality is implemented
using access control lists
- a flexible paradigm similar to
the security model of Windows®
operating system.
|
|
One of the ways to control
access to individual functional
areas or processes is by
setting up custom roles. Roles
are entities external to user
directory. They are virtual
sets of users responsible for a
common task. For example, a role
may be defined as "IT manager"
to permit access to IT specific
procedures. People that have
this role do not have to be in
any special location in the
directory nor they have to share
common attributes.
|
Summary
-
Very granular access
control
-
Individual procedures can have their own access control lists
-
Custom roles can be
created
-
Roles can be assigned to users
regardless of their
location in hierarchy
|
Security Audit
FlowRunner also supports
security auditing. These are special logging
facilities to identify users trying to gain unauthorized access.
All relevant pieces of information
are logged and made available to
administrators so that appropriate measures can be taken.
|
Data security
-
Secure Socket Layer (SSL)
can be used for all data passing
between web browser and web server
-
No data is stored on the client
-
Single sign-on can be
configured for Intranet
use
-
Client certificates can
be configured
|
Next section:
Auditing »
|
Want to evaluate our software? Complete the information request form.
