Security > Security Reference - Services > DDS Security

Device Definition Service (DDS) Security

Security for the DDS is administered by the Access Control Service (ACS). As with other CygNet services, security is set on an application and event basis. The application name of the DDS is defined in the service configuration file using the keyword ACS_APPLICATION. The default is “DDS.” The security events are listed in the DDS Events table below.

The following tables provide details about DDS security settings. See also Security.

Service Application Name Main Security Event Component-Level Security Subject to Application Override

DDS (name defined in service configuration file)

ACCESS (name defined in service configuration file)

Yes (remote devices, data groups, UIS commands, and text import devices)

See Component-Level Security.

No

DDS Events

When you create a new remote device, the Application and Event specified for the device’s administrative security when the device record is committed to the DDS will be applied as the default Application and Event for all operational security.

The following table lists DDS security event types and the minimum authorization level (permission) required to perform many DDS tasks.

Event Event Description Authorization Tasks

ACCESS

Service content management and data group/UIS command operations

0-None

Administrative:

  • View list of devices in the service

Operational:

  • No tasks

1-Read

Administrative:

  • View device properties
  • View data group properties
  • View UIS command properties

Operational:

  • View data group transaction history data
  • View text import transaction history

2-Update

Administrative:

  • Update device properties
  • Add and delete data groups and edit data group properties in remote devices
  • Map UDCs to data group elements in remote devices
  • Add and delete UIS commands and edit command properties in remote devices

Operational:

  • Request data group data from a remote device
  • Execute UIS command for a remote device
  • Execute an import for a text import device

3-Add

Administrative:

  • Add devices

Operational:

  • Inclusive

4-Delete

Administrative:

  • Delete devices

Operational:

  • Send data group to a remote device

5-Admin

Administrative:

  • Export devices
  • Import devices
  • Full permission for all service Events (except ODBC), regardless of specific Event authorization level

Operational:

  • Inclusive

Note: Some data groups require you to request the current data before sending the group back to the device.

ODBC

Access service records from an ODBC-compliant application

0-None

None

1-Read

View records in the service.

2-Update

Edit existing records.

3-Add

Add records.

4-Delete

Delete records.

5-Admin

Inclusive

SVCINFO

Miscellaneous GenServe security management

Note: The SVCINFO event allows changes to log settings and use of the GlobalFunctions method SetGenserveInfo without requiring higher privileges on other actions. Other tasks are listed at right.

0-None

None

1-Read

Change queue translations

This event is used by DBS services to avoid full replication resyncs after failovers.

5-Admin

Permission level required to perform the following tasks:

  • Give ConfigFileManager remote access to service configuration files
  • Change log settings
  • Change audit levels
  • Perform on-demand backups
  • Change DBS and VHS disk cache minimum and maximum sizes
  • Request an activation check

TEMPLATE

Device template file (.dtf) management

0-None

None

1-Read

Extract template files from the DDS

2-Update

Inclusive

3-Add

Inclusive

4-Delete

Load template files to the DDS

Delete template files from the DDS

5-Admin

Inclusive

More:

ArrowDDS Component-Level Security

Back to top

Let us know how we can improve this topic.

CygNet at weatherford.com

© 2020 Weatherford. All rights reserved.