Applications
In the context of CygNet security, the term "Application" represents one or more software components.
An Application can be (and is by default) a CygNet service, and can also be a CygNet software application such as mobile or web products. Custom security Applications can be created for other software components, such as a subset of records in a service, or an organizational element within a software application. A component-level Application can be administrative or operational in nature, depending upon the component to which it applies.
Service-Level Application
By default, each CygNet service is a security Application. A service’s security Application name is defined in its configuration file by the keyword ACS_APPLICATION. If you change the Application name of a service, you must stop and restart the service for the change to become effective, and you must define security under the new name.
Note: The ARS is the only service for which you cannot change its Application name.
You can use the same Application name for different services of the same type.
Example
The Application name for two different Blob Storage Services can be BSS. In the ACS, security defined for the BSS application would apply to both services. If you want to have different security settings for the two Blob Storage Services then each service requires a unique Application name.
Component-Level Application
Some services provide for component-level security, such as defining security for a record or group of records in a service. In such instances, you must define the name of the Application to be applied to the component(s).
Depending upon the component, the security is administrative or operational. Administrative security generally governs editing. Operational security generally governs performing tasks. For example, in the DDS you can apply administrative security to a device. This controls who can edit the configuration of the device. You can apply operational security to a UIS command. This controls who can execute the command.
Component-level security can be applied to the following:
| Service | Component | Security Type |
|---|---|---|
|
Blob Storage Service (BSS) |
Individual File (records) Group of Files (records) |
Administrative Operational (opening files) |
|
Device Definition Service (DDS) |
Device |
Administrative (Editing devices) |
|
Data Group |
Operational (Get, Send) |
|
|
UIS Command |
Operational (Send) |
|
|
Facility Service (FAC) |
Individual Facility (records) |
Administrative (Edit records) |
| Flow Measurement Service (FMS) | Node |
Administrative Operational |
|
General Notification Service (GNS) |
Individual Notification Record |
Administrative |
|
Queue |
Operational |
|
|
Group Service (GRP) |
Node |
Operational |
|
Point Service (PNT) |
Record |
Administrative |
For component-level security, you can apply an existing Application and Event or create new ones.
Configuring component-level security for each service is described in detail in the Security Reference section.
