Fundamental Concepts
Top
|
|
Laboratory Concepts: Security |
Content |
||||||||
|
Fundamental Concepts |
|
|
| Laboratory Concept | LabVantage Concept | Example |
| Provide a person access to LabVantage | A User is someone who is granted access to (or can be referenced in) the LabVantage application. | |
| Restrict (or allow) access to someone based on his/her responsibilities | A Role defines restrictions on which Samples (or any other entities) can be accessed, and which operations can be performed on them. These restrictions apply to LabVantage Users who are members of the Role. |
Jim and Mary belong to the Analyst Role, which allows Samples and Batches
to be edited. John belongs to the Lab Manager Role, which allows Samples, Batches, and Studies to be reviewed as well as edited. Jim and Mary can therefore edit Samples and Batches, while John can edit and review Samples, Batches, and Studies. |
| A Job Type is a group of Roles that makes it easier to assign permissions to individuals. A User can have more than one Job Type. | Jim can have multiple Job Types: Laboratory Manager and Administrator. Each Job Type provides him with specific access. In the application, he can switch back and forth between the two. | |
| Restrict (or allow) access to a group of people | Departmental Security allows a User to perform certain configurable operations (such as edit) on a Sample (or any other entity) only if that User is a member of a specific Department. |
Jim is a member of the Test Department. Mary is a member of the Quality
Department. Both Users create a Sample. Jim and Mary cannot access each other's Samples because they are in different Departments. |
| Restrict (or allow) people, responsibilities or groups to access data in a fine-grained manner | SDI Security lets administrators grant a set of Users, Job Types, or Departments (Users in the Department) permission to perform a set of configurable operations (such as edit) on selected Samples (or any other entities). | Sample-1 is associated with R&D security,
which lets Jim edit and delete Samples, while Mary can only edit them.
Sample-2 is associated with Production security, which lets Jim edit Samples, while Mary can only view them. Both security configurations define the same Users, but allow different permissions for each. |
| Use external authentication | LabVantage External Authentication uses LDAP (Lightweight Directory Access Protocol) to verify contact information from an LDAP server (Directory System Agent). | |
| LabVantage Web SSO architecture allows LabVantage to delegate User authentication to third-party SSO servlet filters or proxy Web servers. The actual authorization is handled using LabVantage application authorization framework. | ||
| Integrate with other systems | LabVantage User Types establish which accounts are permitted to make a connection to the system. This can be for the purpose of users operating the software as is discussed above. A different type of account can be established for the purpose of extracting, transforming, and/or loading data. |
The Scientific Data Management System (SDMS) has external collectors which communicate with LIMS and send data captures or other infromation to the application. The Configuration Management Tool (CMT) allows multiple installations of LabVantage to transfer data directly for the purpose of developing master data externally then promoting to production. |