Initial Read access can be defined differently for each table in a database from completely open, based on list of users and/or groups or completely closed.
Initial Update access can also be defined differently for each table in a database, independently from Read access, from completely open, based on list of users and/or groups or completely closed.
Additional Read and/or Update access can be applied across all tables in a database based on list of users and/or groups defined for each user who is a creator of records which is applied on top of table level Read/Update access.
Further security can be applied by limiting/allowing who can Create or Delete records for each table and/or for specific users.
Security is additionally enforced by Company for use in situations such as hosted environments or service providers that require fully segregated multi-company databases/applications within the same SQL server.
A number of procedures are provided which are callable from the application databases enabling easy customisation/enhancements to the security access provided by the framework for specific application requirements. i.e.. read/update access changing during approval process in a workflow application.
User and Groups are defined once in the SecSQL Directory database and are accessed by and maintained automatically across multiple application databases rather than having to create separate security user/groups for each one.
Initial setup and maintenance of security definition(s) for database/applications can be managed by allocated users using standard SQL client software and/or WebDB client access.
Application of SecSQL to an existing database is automated as far as possible by generating and running the DDL scripts required automatically to add and modify the database as required to utilise SecSQL.