Authorization details

All authorization settings are made at the role level: end users always receive their authorization through roles. Roles are the only security level at which direct access to database objects is administered in a Foundation1 application.

Security Model

The security and authorization model is built on rules that protect the database from being accessed by end users through external database tools (such as SQL*Plus) using the ordinary password they give to the client application. The reason is to keep the database consistent and to avoid any violation of the software integrity constraints enforced in the business logic layer of the application.

Trusted Server

The security model is based on server authorization concepts, and there is no difference between ordinary users and "external" users from a security and authorization point of view. The server-side authorization methods decide whether a method is available to a specific user or not.

Therefore, the application will behave in the same manner concerning security when being called from IFS Enterprise Explorer, or from external tools such as Microsoft Excel or SQL*Plus.

By handling all security and authorization mechanisms in the server, it is easy to add new clients while keeping strong security control over the business processes for all kinds of clients.

Client/Server Communication

Database reads are made by using views, which are granted (SELECT) to a role. These views should be considered as application views, but may also be used from external tools such as MS-Query.

Database writes are made using database packages (PL/SQL). In this case the end user does not need write privileges on the database tables. However, it is necessary to grant execute rights (GRANT EXECUTE) on the PL/SQL packages that perform the table manipulation through SQL.

It is also important to understand that the Oracle authorization level for procedures in packages is the package level, not the method level (see below). If a user gets EXECUTE privileges on a package, no other grants, such as table grants or grants on packages accessed by the first package, are needed.
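
The grant pattern described above, followed by dictionary checks that surface deviations from it. This is an added example, not code from the original page or from IFS. The schema APPOWNER, role SALES_CLERK, user ALICE and the view and package names are hypothetical, and the checks assume access to Oracle's DBA_* dictionary views.

```sql
-- Added example. All names are hypothetical: schema APPOWNER, role SALES_CLERK,
-- user ALICE, view CUSTOMER_ORDER, package CUSTOMER_ORDER_API.

-- Authorization is administered on the role, never on the user.
CREATE ROLE sales_clerk;

-- Reads: SELECT on the application view only, not on the underlying table.
GRANT SELECT ON appowner.customer_order TO sales_clerk;

-- Writes: EXECUTE on the package. The grant covers every procedure in the
-- package, and with Oracle's default definer's rights the package body
-- touches the tables with APPOWNER's privileges, so no table grant is needed.
GRANT EXECUTE ON appowner.customer_order_api TO sales_clerk;

-- The end user receives the authorization through the role.
GRANT sales_clerk TO alice;

-- Check 1: object privileges on APPOWNER objects granted directly to a user.
-- Roles are not listed in DBA_USERS, so every row returned here is a grant
-- that bypasses the role level.
SELECT p.grantee, p.table_name, p.privilege
  FROM dba_tab_privs p
  JOIN dba_users u ON u.username = p.grantee
 WHERE p.owner = 'APPOWNER'
 ORDER BY p.grantee, p.table_name;

-- Check 2: privileges granted on base tables (to a user or a role).
-- DBA_TAB_PRIVS.TABLE_NAME holds the object name for every object type,
-- so join to DBA_OBJECTS to keep only real tables.
SELECT p.grantee, p.table_name, p.privilege
  FROM dba_tab_privs p
  JOIN dba_objects o
    ON o.owner = p.owner
   AND o.object_name = p.table_name
   AND o.object_type = 'TABLE'
 WHERE p.owner = 'APPOWNER'
 ORDER BY p.grantee, p.table_name;

-- Check 3: who holds the role, including roles it has been granted to.
SELECT grantee, granted_role, default_role
  FROM dba_role_privs
 WHERE granted_role = 'SALES_CLERK';
```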

Oracle Security

Foundation1 is fully based upon a model of database object security where the authorizations to different objects are made in the database itself. From the database point of view there is no difference whether the application is executed from IFS Enterprise Explorer or through an external data browser. Therefore it is important not to build any solutions on "application security" without knowing the consequences when external data browsers are used.

There are several important concepts within the Oracle Database that are used by the Foundation1 security model. These concepts and how they are used are briefly explained below.

| Concept | Description |
| --- | --- |
| Oracle User | Mandatory identity concept when using Oracle Database. A user can be connected to several roles. A user has one or more default roles. |
| Role | Group identity. A role can be granted to several users. A role can be granted to a role. |
| View | Ordinary view concept in the relational database model. The views are used to transfer data between the presentation layer and the business logic layer of the OLA model developed within Foundation1. |
| Package | The Oracle Database concept for grouping several stored procedures and functions into a unit. The packages are used to encapsulate business rules in the business logic layer and to give the rules specific interfaces. |
| Method | Security on method level (procedures and functions) cannot be implemented by using Oracle Database. In Foundation1 environments this is solved in Base Server by using the system service Security_SYS. |
| Table | Ordinary table concept in the relational database model. Table privileges for end users are not required for Foundation1 based applications. |

Base Server Security

Base Server consists of several concepts related to the technical implementation made in Oracle Database. These concepts are described below:

| Concept | Description |
| --- | --- |
| OLA | The client/server architecture which separates the implementation into presentation, business logic and data storage. |
| Logical Unit | The concept used to get closer to the OO approach. Consists of OBJID, OBJVERSION, attributes and methods. One logical unit consists of none, one or several views. One logical unit consists of none, one or several packages. |
| Base methods | Specific methods for New, Modify and Remove. |
| Other methods | Common business logic operations for a specific logical unit. |
| LU-dictionary | Implemented in the system service Dictionary_SYS; handles all information about logical units and their relations to the database objects. |

Runtime actions