Security Concepts
datasqill uses appropriate security procedures to secure the various access types. These are described in this section.
The following types of access are to be distinguished:
- Client access to datasqill configuration
- Client access to transformation environments
- datasqill Server access to the datasqill repository and datasqill module access to external systems
Role-Based Access Control
For controlling datasqill Client access to the configuration and transformation environments, datasqill uses role-based access control (RBAC). This includes the following mechanisms:
- Authentication
- Authorization
- Rights
- Roles
- Permissions
They are explained in the section Access Control.
Configuration
The datasqill Configuration Repository contains the information about the configured transformation environments. It is a database that a datasqill Client accesses with a technical user to read the information about the configured transformation environments when starting.
Details on datasqill Client access to the Configuration Repository and the credentials used for this are described in the chapter Configuration.
Transformation Environments
The transformation environments consist of a datasqill Server and a datasqill Repository that datasqill Clients access:
The security procedures for Client access to these services are documented in the section Transformation Environments.
Connection Data
For datasqill Server access to the datasqill repository and for datasqill module access to external systems such as databases, web services, etc., they require appropriate connection data.
datasqill does not store this sensitive data internally but uses an external program on the server to read these credentials.
The description of storage and access to this data by the datasqill Server and datasqill modules can be found in the section Connection Data.