 | (Die deutsche Übersetzung dieser Seite ist noch in Arbeit).
Security in LabWare LIMS can be broken down into several categories:
- Database access
- Application access
- Record / Data access control
- User rights
Users of LabWare LIMS are not required to have individual database accounts. The database is only accessed by the LIMS application and the database account information is set up in an encrypted configuration file that is not accessible to users.
In order to access LabWare LIMS, users must present credentials and be authenticated. Each user has a unique account within the system that tracks demographic information as well as which data groups and functional privileges can be accessed. User accounts can be synchronized with Windows user names so that Windows authentication can be used with a single sign-on. Smart card logon is supported with tokens for extra protection.
"Data Groups" and "Functional Privileges" manage record / data access control. Each record in the system is tagged with a specific data group. Users are given access to one or more data groups and they can only access and see records belonging to their groups. A user's right to change a record is dictated by whether the user has the functional privilege to perform the operation. Over two hundred specific function privileges provide fine-grained control over what a user can perform.
Data Groups and Functional Privileges can be associated with User Roles instead of individual users. Users can then be assigned one or more roles with which to access the system. The use of roles can simplify administration of users on systems with large numbers of accounts.
A user administration utility is provided for setting up and maintaining multiple accounts at one time.
Users who do not have the function privilege to access a system feature will have the menu and toolbar button disabled. Alternatively, the menus and toolbars of each window can be configured on a per-user, or per-role, basis.
|