Editing record security

In i2 Analyze, the server maintains a set of security dimensions whose dimension values are used to classify records. Your ability to view or edit a record is controlled by what kind of record it is, according to those values.

For example, there might be a security dimension whose values indicate the nature of the source for a record - whether it came from an informant, or from open-source intelligence, or from a call data record. There might be another security dimension whose values indicate whether the information in the record is top secret, or confidential, or restricted.

Sometimes, a dimension and its values can be as simple as a list of the teams in your organization, with the intention that the record is classified by the teams who should have access to it.

Every record in i2 Analyze has at least one value from each security dimension. To use the same examples, a record might contain confidential information that came from an informant, and be accessible only to people in Team B or Team E. (Whether it's accessible to an individual in Team B also depends on their permission to see confidential information.)

When you create an i2 Analyze record in Analyst's Notebook, it receives a default set of dimension values that allow you to upload it to the Information Store. Thereafter, anyone with permission to edit that record can add, remove, or change those values.

In some security dimensions, the values act as levels and records take a single value. For example, if a record is "Top Secret", it cannot also be "Restricted". In other dimensions such as the data source or teams list, records can take one or more values. The default setting for these dimensions is "ANY" and this means other users who have access to any of the selected values can view the record. If a security dimension is set to "ALL" it means users must have access to all the selected values to view the record. In this scenario, selecting more values means fewer users are able to view the record.