Security Overview

GENESIS64™ uses a security model that is both granular and additive. As a security system administrator, you can set individual rights and access to based on users and groups, create named policy settings that get applied to users and groups, and control access to particular applications, systems, and more based on time settings. The Security Server is used to configure access to your applications. The security model evaluates the membership of users and groups and denies access to a user regardless of the group's access rights. However, if a user's access isn't defined as denied or allowed, then the group membership sets the access policy.

The security system contains two components:

The Security Server manages user credentials and login information. Refer to Logins and Passwords for additional information.
Security system clients are the GENESIS64 family of applications, such as GraphWorX™64 and TrendWorX™64. Any trigger that causes a change in security status, such as a user login or logout, is immediately sent to the affected clients.

Use Workbench to configure security settings for Global Settings, OIDC Relying Parties, Policies, Groups, and Users. View the Security menu

The security system provides restricted access based on the concept of a logged-in user and includes end-user system authentication with an external identity provider (IdP). Refer to Web Login with External Identity Providers.

The following defines the Security Server road map:

Open Security node.
Define the Administrator user account.
Define the default Account Policy. (Optional) You can override the default with more specific or a more tailored account policy.
Define Global Settings to control end-user system authorization.
Add Groups and Users security privileges. See Security Privileges and Users and Groups.