Security Types

By default, users have full access to the objects via the access methods specified in their User Groups. If the implementation is to implement additional levels or rules, then the application service must use Service Types. The definition of a Service Type allows additional tags to be attached to service definitions and then code written to detect and take advantage of the presence of the tag to limit security access to specific object data. For example, whether data is masked or not or some limit is placed on values of data.

To define Security Types, use the Security Types menu option on the Administration menu to display the Security Types maintenance function.

On this function define the following in relation to the Security Type:

Field	Description
Security Type	Identifier for Security Code.
Description	A brief description of the use of the Security Code.
Authorization Levels	A list of codes (Authorization Level) and associated descriptions. Use the Add icon to add a new Authorization Level or use the Delete icon to remove an existing Authorization Level from the list. The Authorization Level values are free format but should be representative of the desired function. The Description is used to explain the value.
Application Service Id	A list of associated Application Services to use this Security Code. Use the Add icon to add a new Application Service or use the Delete icon to remove an existing Application Service from the list.

Note: To fully implement the rules associated with Security Types, code must be included in objects to implement security logic.