File Level Security
Because configuration management is a critical component of your overall security, you should consider how you can best implement it to give your site the maximum protection at the archive level.
|
An important consideration is using the security of your server to establish file level security.
|
No matter how stringently you manage the change history of your source files and the relationships between them, the effort is wasted if unauthorized users can—inadvertently or maliciously—damage or delete files.
In a network environment, you can take steps to improve your overall security:
• Ensure your Windchill RV&S server is properly configured so that only the administrator is allowed to log on to the server machine.
• Administrators running the Windchill RV&S server must have read and write access to project and archive directories.
• Do not export file systems containing Windchill RV&S data.
• Make your Windchill RV&S server a dedicated machine.
Windchill RV&S uses client/server architecture to provide enhanced security in managing the software development process. The client/server structure improves security because all project information can be kept on a single server and only accessed from a common client application. Client access is controlled through ACL settings and users cannot directly access or modify any files on the Windchill RV&S server.
Client/server architecture allows you to directly control the type of access granted to users. For example, you can set up a structure:
• to run the Windchill RV&S server as the administrator
• to change the permissions on all directories, archives and projects under Windchill RV&S control so that read/write access is granted to the administrator, but not to any other user
In this example, files can only be manipulated by the Windchill RV&S server and the administrator. Other users are not permitted to manipulate files under the control of Windchill RV&S.