i2 Analyze security schemas

An i2 Analyze security schema defines the security dimension values that can be assigned to records, and the security permissions that you assign to users. You must develop a security schema that meets the requirements of your organization.

All deployments of i2 Analyze include an XML file that contains definitions of security dimensions and permissions for that deployment. Optionally, the file can also refer to providers that add to the schema at runtime by implementing a Java SPI:

  • The definitions of security dimensions in the file can refer to dimension values providers that can add values to a security dimension dynamically.

  • The file can also refer to a permissions provider that adds to the permissions a user has whenever they interact with the system.

The security schema that the i2 Analyze server uses is a composite of the definitions in the XML file, and the additions that any specified dimension values providers or permissions providers make.

Note: Records in the Information Store contain security dimension values. Major changes to the security schema - for example, adding or removing dimensions - can invalidate records and require you to clear and re-ingest or repopulate data. Behavior like that is not reasonable after you deploy into production, and so it's important to refine some aspects of the security schema before you do so.