Managing Access to Enterprise Information
This section describes access control issues and strategies related to managing access to your enterprise information. The following characteristics of objects impact what access control rules need to be defined to manage access to your enterprise information and to define strategies for managing the information:
• Domain administered information -- includes any object that belongs to a domain. Change Domain and Create By Move permissions apply.
• Policy and ad hoc access controlled information -- includes any object to which domain-based access control rules or ad hoc access control rules can be applied. Change Permissions permission applies to ad hoc controlled information.
• Content holder information -- includes any object to which files can be attached, and for which URLs or external storage information can be specified. Download and Modify Content permissions apply.
• Foldered information -- includes any object that is contained within a folder.
• Life cycle managed information -- includes any object that is life cycle managed. Each life cycle managed object has an associated life cycle state. Set State permission applies.
• CAD document information -- includes the objects that are used when creating and working with CAD documents. For additional information, see the workgroup manager guide that describes how to administer CAD documents in your Windchill solution.
• Contained information -- includes any object that belongs to a context. Change Context permission applies.
• Identity access controlled information -- includes any object with identity attributes whose access is controlled separately from other attributes. Modify Identity permission applies.
• Versionable objects -- includes any object for which multiple versions can be created. Revise permission applies.
• View manageable objects -- includes any versionable object that can be assigned to a view. New View Version permission applies.
 |
A specific object type can have one or more of the characteristics and thus needs to have access control rules set in multiple ways. The rules and strategies you set up must take all characteristics into account.
|
The following sections describe each characteristic and identify the access control requirements necessary for operating on an object that has the characteristic.