devan05

CA Dataminder Tuesday Tip - New RLS model for r14.0

Discussion created by devan05 Employee on Nov 20, 2012
Latest reply on Nov 20, 2012 by Chris_Hackett
New RLS model introduced for r14.0 published by Andrew Devine, Snr Support Engineer on Tuesday 20 Novemeber 2012.

CA (DLP) DataMinder r14.0 utilizes security models to ensure that reviewers can only see events they are permitted to see when searching the CMS database.

You can choose which security models are available on your CMS. You can also have multiple security models active at the same time, though each reviewer is linked to a single model.

For example, some reviewers may only be permitted to see events linked to users in their own management group. Other reviewers may only be permitted to see specific types or categories of events.

CA DLP supports the following security models:

[list]
[*]Management Group (Standard)
[*]Management Group (Standard, Self-Exclude)
[*]Management Group (Sender)
[*]Management Group (Sender, Self-Exclude)
[*]Policy (Standard)
[*]Policy (Standard, Self-Exclude)
[*]Unrestricted
[list]

These are discussed in more detail in the CA (DLP) DataMinder Database Guide (DLP_Database_ENU.pdf) available from theCA DataMinder r14.0 bookshelfwhich is available to download from the CA Support Portal (http://Support.ca.com).

If a hybrid RLS (Row Level Security) model is employed, combining Management Group and Policy models, for example; to ensure that compliance reviewers do not see details of InfoSec policies, a reviewer assigned to this hybrid model will not be able to see events without triggers or events with triggers for policies not included in the Policy model.

While this is the correct behavior, it presents an obvious limitation, as compliance reviewers typically need access to all emails that correspond to their management group.

To address this limitation, CA DataMinder has introduced an enhancement via FIX:RO51757which add a new RLS (Row level security) model. This model is called Policy (All Events, Restricted Triggers).

This new RLS model is intended for use by compliance reviewers in conjunction with the Management Group model. This model does not filter events, but does filter the triggers attached to those events. For example; a compliance reviewer will see an event that fired an InfoSec trigger, but will not know about that trigger it will appear as an event with no triggers.

To complement the new Policy (All Events, Restricted Triggers) RLS model, some of the Standard Reports have been updated via FIX:RO51760to reflect the new functionality.

FIX:RO51757 and FIX:RO51760 are available to download from the CA Support Portal (http://support.ca.com).

Outcomes