Data Security
The security of data sent by Windchill content replication is ensured by a pair of keys associated with each master site server. A request sent by a master site is digitally signed using a private key, and the public key is a vehicle for authenticating that the private key used by the request is genuine. By using the master site’s public key, the replica service verifies that all the URLs from which to download originate from the master site. The same verification procedure is used during the replication process to ensure that the replicated objects came from a registered master site. The public key copied to a remote site must be genuine, and permissions should be used to protect it from being altered.
The clocks at the master and remote sites must be synchronized to ensure correct key validation. A difference of more than five minutes between the clocks may prevent validation. The URL of a replicated document expires five minutes after its creation. This five-minute period is the default setting, which you can modify on remote sites.
Content rules for replication can be defined on the basis of domain, class, and life cycle state. The targets of these rules are replica vaults located on specific remote sites.
For example, consider two remote sites named site1 and site2. The engineers at site1 are collaborating on the generation of the design models of a part, while the personnel at site2 will sell the part. The sales personnel do not need the incomplete designs for the part, so two different vaults would be appropriate:
1. WTPart, all-states,collab-domain > Vault_on_site1
2. WTPart, complete,collab-domain > Vault_on_site2
These rules provide engineers with local access to the content for all life cycle states of the part, and sales personnel with local access to complete parts.
|
Windchill domains can be created in a hierarchical fashion, with some domains being children of other domains. However, it is important to note that a domain does not inherit the replication rules of its parent domain. Replication rules must be explicitly defined at each level of a domain hierarchy.
|