#Access control

0

This tag unites all posts related to roles (container that holds one or more privileges for access to SQL Tables), users (identity of the login when it is connected to a database) and authorization (function of specifying access rights/privileges to resources). Read more about roles, users and authorization in Documentation.

Introduction

In today's rapidly evolving threat landscape, organizations deploying mission-critical applications must implement robust security architectures that protect sensitive data while maintaining high availability and performance. This is especially crucial for enterprises utilizing advanced database management systems like InterSystems IRIS, which often powers applications handling highly sensitive healthcare, financial, or personal data.

10 3
1 277

Is it possible to audit code changes in a namespace?

Ideally what we'd like to be able to do is check which classes were compiled (or deleted) in a time period, eg in last 3 months, and which user made those changes. Even better would be an audit of what those changes were, but that's less important (for us, as we can probably find that information in other ways).

1 6
1 118

Hi all,

I’m working on a data transformation in IRIS where I need to calculate the difference in hours between two timestamps stored as %TimeStamp.

Example:

Set startTime = "2024-07-12 08:30:00"
Set endTime = "2024-07-12 15:15:00"

I’d like to calculate the number of hours (with decimals, like 6.75) between them. What's the recommended way to do this in ObjectScript? I’ve seen examples using $ZDATETIME, but I’m not sure if that’s the cleanest approach.

1 3
0 111

Hello everyone! 👋

I have a question regarding roles and resources.

To give you some context: I have a user who has been assigned only the role %HS_UsageDashboard_Access.This allows them to access the dashboards correctly (by giving the direct URL). Then, if I try to access the Management Portal with this same user, I can log in with no access to any resources within it (as expected).

1 3
0 84
Article
· Dec 3 28m read
Security in IRIS

Security is fundamental to enterprise application development. InterSystems IRIS provides a comprehensive security framework that protects data, controls access, and ensures compliance. This guide introduces essential security features for developers new to IRIS, covering authentication, authorization, encryption, and practical implementation strategies.

1 0
0 27
Article
· Dec 4 6m read
Sub-Table Security

InterSystems IRIS provides extensive configurable security options, yet many developers primarily use roles and resources to secure entire tables or routines. Today, we will delve deeper. We can also secure individual columns and rows separately, but these two mechanisms operate very differently. Let's begin with the columns.

Column Security

For testing and demonstration, we will keep our table structure concise and straightforward. We have a table called "Person" in the USER namespace that contains an ID column, a date of birth column (DOB), first name, and last name.

2 0
0 18