Security Module (Concept) manages user authentication, authorization, and access control for both engineering and runtime environments, ensuring compliance with FDA 21 CFR Part 11 and other regulatory requirements.

In this page:

 

Security → Tutorial | Concept | How-to Guide |  Standards Compliance | Reference


Key Concepts

  • *Users*: Individuals accessing the solution in Designer (engineering) or runtime (displays)
  • *Permissions*: Access levels determining what users can view, modify, or execute
  • *Policies*: Requirements for user identification, passwords, and session control
  • *RuntimeUsers*: Dynamic users managed in external databases or authentication servers
  • *Permission Groups*: Collections of users sharing common permission sets

What It Does

  • Manages user authentication and authorization
  • Controls access to engineering and runtime components
  • Enforces password policies and session management
  • Integrates with Active Directory and LDAP
  • Maintains audit trails for compliance
  • Supports electronic signatures
  • Enables dynamic runtime user creation

Configuration Workflow

Security Module Configuration Workflow

Step

Action

Description

Define Groups

Create user groups

Set permission levels for each group

Create Users

Add user accounts

Assign users to groups and set individual permissions

Configure Policies

Set security rules

Define password requirements and session controls

Setup External Auth

Configure AD/LDAP

Connect to enterprise authentication systems

Define RuntimeUsers

Configure database

Setup encrypted SQL storage for dynamic users


Runtime Behavior

Authentication

Users authenticate through local credentials, Active Directory, LDAP, or external databases. Session policies control timeout, concurrent logins, and automatic logoff.

Authorization

Permissions are evaluated at multiple levels:

  • Global solution access
  • Module-specific operations
  • Display and object visibility
  • Runtime actions and commands

Audit Trail

All security events are logged including logins, permission changes, and critical operations for compliance tracking.

Features Highlights

  • *Group-Based Permissions* - Define access levels by user groups
  • *Active Directory/LDAP Integration* - Enterprise authentication support
  • *Runtime User Management* - Create/modify users without project changes
  • *FDA 21 CFR Part 11 Compliance* - Electronic signatures and audit trails
  • *NERC-CIP Support* - Critical infrastructure protection features
  • *Multi-Level Security* - Global, module, display, and object-level permissions
  • *Session Management* - Timeout, concurrent login, and auto-logoff policies
  • *Encrypted Storage* - Secure credential storage in SQL databases
  • *E-Signatures* - Electronic signature requirements for critical operations
  • *.NET Security Framework* - Built on managed code security guidelines
  • *Third-Party Integration* - Connect to external authentication systems

What's Next

  • [Security Module (How-to Guide)] - Step-by-step configuration
  • [FDA 21 CFR Part 11 Compliance] - Regulatory setup
  • [Security Module (Reference)] - Detailed properties
Comprehensive user authentication and authorization with enterprise integration suppor
In this section...


  • No labels