Security

FACT’s security layer manages authentication and authorisation of user’s access. The framework provides users with Single Sign-on, relying on smartcards or public certificates. Sensitive information is encrypted at the database level and between the client and server using secure connections.

The diagram below shows one possible security configuration for FACT:

  1. FACT user logs in to domain

  2. Active directory returns Kerberos token

  3. User gains access to FACT

  4. User accesses FACT URL endpoint

  5. IIS grants access

  6. Groups are converted to roles

  7. Roles are converted to privileges
     

FACT Security Diagram

 

FACT users and roles:

  • Users: This holds information such as username, password, email, language, department and phone number. You can configure and extend the Data Dictionary to meet your needs.

  • Roles: This defines a set of rights or privileges granted to each user within your organisation. Roles are often derived from job titles, organisational hierarchy or groups of users. The administrator can fully configure the rights associated to each role. You can have one or multiple roles, each assigned to a specific scope of portfolios.

  • Portfolios: These are used to bring FACT elements together into logical access groups. Portfolios are usually organised geographically, by sector (SIC Code or NAICS) or any other specified classification. Each element is then assigned to one portfolio only. You will be assigned one or more roles for specific portfolios and you can combine different access levels across different portfolios.
     

Request a Demo

Organise a demonstration, request a call back or ask a question