Security of i2 Analyze records

i2 Analyze records are subject to the i2 Analyze security rules. The security schema defines the security model for your i2 Analyze deployment, and every i2 Analyze record must have at least one value from each security dimension in the schema.

When a user runs a query, i2 Analyze looks up which groups the user belongs to, and determines their security permissions. Then, it compares their security permissions to the security dimension values of the records in the query results. In this way, i2 Analyze calculates which records the user has access to.

If your deployment of i2 Analyze includes an Information Store that you populate through ingestion, then you must add security information to the data during that process. Each time the process runs, you can specify which security dimension values the incoming records receive:

  • If you decide that all the data from a given external source must have the same security settings, you can specify the same dimension values for records of all types.
  • Alternatively, you can dictate that all the records of a particular entity type or link type receive the same security dimension values.
  • You can also configure the process so that individual records receive security dimension values that you specify or determine programmatically.
Note: In this version of i2 Analyze, you can change the security dimension values of an ingested record only by ingesting it again with a different set of values.

All other i2 Analyze records receive dimension values when users create them in Analyst's Notebook Premium by importing them, or searching an external source, or by using an i2 Analyze palette. These records start with default values that users can edit in the same way that they can edit property values.