1 / 27

Record Level Security

Record Level Security. From Strategy to Implementation at Museum Victoria Donna Fothergill and Lee-Anne Raymond. MV Strategy. Consider the security design currently in place. What does RLS do that is different? What do the users want? Uses for RLS at MV?

tyrone
Télécharger la présentation

Record Level Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Record Level Security From Strategy to Implementation at Museum Victoria Donna Fothergill and Lee-Anne Raymond

  2. MV Strategy • Consider the security design currently in place. • What does RLS do that is different? • What do the users want? • Uses for RLS at MV? • Is RLS for ‘Everybody’/ Every situation after-all?

  3. MV Security A range of security measures are used at Museum Victoria • User permissions • Data Partitions - Column access/default registry settings - Roles field in Parties - Repository field in MMR • Tab switching • Record Level Security

  4. Data PartitionsColumn Access – Default Settings Department Discipline User

  5. Data Partitions Parties Module Partitioned & Shared By Roles

  6. Data Partitions Partitioned By Repository and Registry security setting. Access is restricted to users and/or groups. • MMR

  7. Tab Switching • Reduce Access to sensitive information without RLS. This setting maintains a “closed” access to the record by reducing the tabs in display to one only “hiding” the rest using “Tab Switch”. Query tabs are still available. Only groups with permission will see the full record. All can still see this type of record exists. Only those with permission may see the full contents of records.

  8. MV Strategy Consider the security design currently in place. What does RLS do that is different? What do the users want? Uses for RLS at MV? Is RLS for ‘Everybody’/ Every situation after-all?

  9. What does RLS do that is different? rls can build on your existing user/group permissions by: • providing the ability to restrict a group of records within a department/discipline • allowing users to “share” ownership of records • providing users with access to collections of records they would not normally have access to

  10. MV Strategy Consider the security design currently in place. What does Record Level Security do that is different? What do the users want? Uses for RLS at MV? Is RLS for ‘Everybody’/ Every situation after-all?

  11. What do the users want? • Ability to partition data according to discipline or department • Ability to share but control the content within their own records • Ability to see and share another departments records

  12. MV Strategy Consider the security design currently in place. What does RLS do that is different? What do the users want? Uses for RLS at MV? Is RLS for ‘Everybody’/ Every situation after-all?

  13. Uses for RLS at MV? Taxonomy Transactions Exhibition Objects Restricted and Secured Groups of Records e.g. Culturally Restricted artifacts Integrating systems to share assets e.g. Digital Asset Management System ‘Relax’ a restriction

  14. Uses for rls at MV • Taxonomy module – open and with permission to do anything at all until… RLS Taxonomy is still open but security refined. Editing and Deletion locked where needed

  15. Uses for RLS at MV? Taxonomy Transactions Exhibition Objects Restricted and Secured Groups of Records e.g. Culturally Restricted artifacts Integrating systems to share assets e.g. Digital Asset Management System ‘Relax’ a restriction

  16. Uses for rls at MV Transactions Module RLS To share & control from the outset.

  17. Uses for RLS at MV? Taxonomy Transactions Exhibition Objects Restricted and Secured Groups of Records e.g. Culturally Restricted artifacts Integrating systems to share assets e.g. Digital Asset Management System ‘Relax’ a restriction

  18. Uses for rls at MV Exhibition Objects Module Triage Access Permissions

  19. Uses for RLS at MV? Taxonomy Transactions Exhibition Objects Restricted and Secured Groups of Records e.g. Culturally Restricted artifacts Integrating systems to share assets e.g. Digital Asset Management System ‘Relax’ a restriction

  20. Uses for rls at MV Culturally restricted – records hidden to all but a few Tab Switch Controlled & Shared or Hidden

  21. Uses for RLS at MV? Taxonomy Transactions Exhibition Objects Restricted and Secured Groups of Records e.g. Culturally Restricted artifacts Integrating systems to share assets e.g. Digital Asset Management System ‘Relax’ a restriction

  22. Uses for rls at MV Digital Asset Management System (DAMS)

  23. Uses for RLS at MV? Taxonomy Transactions Exhibition Objects Restricted and Secured Groups of Records e.g. Culturally Restricted artifacts Integrating systems to share assets e.g. Digital Asset Management System ‘Relax’ a restriction e.g. DNA Laboratory Data

  24. Challenges • Implementing significant change within a functioning environment • Grouping data into Departments/Disciplines in preparation of setting rls on existing records • Loosening security in order to tighten security • Ensuring that rls is set correctly when a new record is inserted • Hiding records - is this the best option?

  25. Benefits • Users evolving into more sophisticated ‘sharers’ • Cultural shift to more open attitudes towards data access • Significant user satisfaction with a more flexible and secure data model • Security significantly improved or made more robust • Ability to utilise RLS to assist with integration projects such as the MV DAMS • Promoting the sharing of data between disciplines

  26. MV Strategy Consider the security design currently in place. What does RLS do that is different? What do the users want? Where is RLS needed? Is RLS for ‘Everybody’/ Every situation after-all?

  27. Is RLS for Everybody/Every Situation After All? • RLS is not for every situation. • Each unique EMu site will have it’s own challenges. • RLS is useful and can help but not solve all your access and restriction issues. • A solid structure to begin with will support your implementation of RLS

More Related