Versions Compared

Old Version 6

changes.mady.by.user Alon Men

Saved on

compared with

New Version 7

changes.mady.by.user Alon Men

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

ZEN Master features a multi-tier access control mechanism that enables granular control of the access privileges down to the object level. It manages access to all system objects, including Resources (i.e. ZECs, Broadcaster Clusters, Receivers and Licenses), Sources (i.e. input streams), Channels (e.g. adaptive channels, pass-through channels), Targets, and Reports.

The access control is managed through the following entities:

  • Tags – Each object (Resource, Source, Channel, Target, Report) is assigned one or more Tags. The assignment of the Tag is performed during the creation/configuration of the object. The same Tag can be assigned to several different objects.
  • Roles – A role defines a set of privileges in the system. A role is associated with one particular Tag, enabling access to objects associated with that Tag. The role also designates what actions can be performed on each object type (i.e. Resources, Sources, Channels, Targets, and Reports). Actions include Read (the ability to view data from the object), Write (the ability to edit the object’s configuration), Notifty (the ability to receive email notifications/alerts regarding the object). A Tag can be associated with one or multiple roles.
  • Users and User Groups – A user receives privileges in the system by being assigned one or multiple roles. Users can be assigned to User Groups. A user can be assigned a role either directly or through a user group to which he is assigned.
    One or multiple users are designated as Administrators. An Administrator can access and interact with all objects without need for assignment of specific roles. He can also manage SSH Keys, transcoding profiles and users.

Summary:

A user can only access a specific object in the system if he is assigned a role that -

  • is associated with the Tag that is assigned to that particular object, and
  • has privileges that allow access to that object type.

For Example:

If a Tag 'Content 1' is assigned to all objects relating to that content (e.g. Source 1, Adaptive Channel 1 and Pass-Through Channel 1). And that Access Tag is associated with a role Channel_Viewer_1 with privileges to Read (in the ZEN Master system) both Adaptive Channels and Pass-Through Channels but no privileges to Read Sources. Then, a user with the role Channel_Viewer_1 will be able to view Adaptive Channel 1 and Pass-Through Channel 1 but not Source 1. The user will not be able to edit the configuration for these channels since the role only has viewing privileges and not editing privileges. Also, the user will not be able to view Adaptive Channel 2 since the  Tag assigned to his/her role is not associated with Adaptive Channel 2.


Child pages (Children Display)

Child pages (Children Display)
first2