NOTE: Original Request 16887 was created on March 15, 2012
Here is a list of DSP Security Enhancements that have been requested over the years, mostly the same features that already exist in the custom CranSoft Role Security WebApp that was incorporated into the DSP 6.0 framework, and now the revised DSP Role Security WebApp that is still in use at Target Corporation. This DSP Role Security WebApp is now installed on the ORT POC environment, and Product Management can view the functionality there, as well as use it as a testing ground if needed.
a. Prevent viewing and copying of DSP framework and WebApp designs by third parties
b. Prevent viewing of sensitive fields that may not be encrypted, such as logins/passwords
c. Prevent modification of core framework and WebApps
d. On the "Database Types" page, create the desired Database types, and specify if security for the database type will be managed via an NT User or an NT Group (AD Group)
e. On the Databases page, change a database to the desired Database Type
Enhancements to the Security of the DSP, including User Management, have been in the queue for some time. This Idea has many requirements in it and not every one will be implemented, especially with the exact detail here. But an overhaul and general enhancement to the Security has many planned features in the backlog in a 7.x release.
If you want to see exactly which features are in and which are out, then the ideas will need to be split up into feature-level components and not just one catch-all. Breaking these into separate Ideas will allow us to better track, promote, and review properly. It may turn out that these requirements get released over the course of a few different releases.
Changing this to status of Planned.
We need the security revamped; it's a pain point for all clients, all new installs, and there are security concerns that customers have as well.
Video of app functionality was created in March 2016:
https://boaunited.jiveon.com/servlet/JiveServlet/download/13575-15177/DSP%20Security%20Enhancements%20-%20Role%20Security%20walkthrough-20160314.mp4
We cannot break these up, since that will lead to an even more fragmented security model than we already have. It must all be integrated, just like it is in the existing DSP Role Security web app. Security is in need of a major redesign, and we need to devote the resources to design it right. Please include me on any design discussions to make sure requirements are communicated and understood. Thanks!
Kurt