Security files, users, and groups

A security file controls who is allowed to log on to iBase and, after they have logged on, what they are allowed to do in both iBase and iBase Designer. Permissions are defined by creating user groups and assigning users to those groups.

In iBase, you use a security file to control who has access to an iBase database and the type of access they have. There are two formats for this file depending on the degree of security required.

For an introduction to these formats and to the different ways of configuring an iBase system, see Configuration Options for an iBase System.

Access to data and to parts of iBase itself is controlled by creating users and assigning them to user groups. Permissions are defined for user groups and inherited by users according to their membership of one or more user groups.

There are different types of group that control:
  • Read/write access to records
  • Commands on the iBase menus
  • Access to entity types, link types, and fields
  • Access to Security Classification codes (requires an Extended Access Control license and an SQL Server database)
  • Access to named folder control objects; folder control objects include report definitions, import specifications, queries, and so on

The use of cases also determines how security works at your site. For example, in a database that is partitioned by case, a user only has access to the data in a case if they are assigned to the case, and they are prevented from updating that data if the case is closed. For more information on cases, see Creating and Managing Cases in iBase.

An extra aspect to security is the physical security of the iBase installations and the network, and permissions to iBase files and folders.