Permissions and Security

TariffShark permissions and security are managed through role-based access control and role-based security. Each User is assigned one or more Security Roles, and each Security Role is assigned one or more privileges (Authorized Functions) that are permitted to users in that role. Further, a user's assignment to a Security Role may apply to all Companies, to a specific Company and all Tariff Databases, or to a specific Company and Tariff Database. Security administration within TariffShark consists of determining the operations that must be executed by persons in particular jobs and assigning them to the proper security roles.

TariffShark ships with a set of predefined roles to simplify the intial security role administration process.

In addition to the role-base management, during the initial setup of the TariffShark Application Server, an organization establishes a password for registering and unregistering software clients, password policies, exception notification policies, and session timeout policy. The work is usuall done by server administrators per company policy.