BLOG

Documents

General

Designer

Security

Role dependent / Role based

The security of each process is role based.  Many specific area of this process can be secured in a way to allow access only to a certain groups of people.

Security in E-Flow Suite is defined as a group gathering at the highest level.  These groups can contain both users and other groups. Groups are used to specify access to certain features and tasks in the E-Flow Server.

The groups are divided as follows in order to facilitate the organization of a security schema.

Roles

Roles define a class beyond various boundaries within an organization. For example, a Customer Service Representative, a Corporate Executive or a Network Administrator.  There are various built-in roles that to be described later in this section.

Departments

These type of groups are generally created based on the hierarchy or physical division of employees of an organization.  A user or employee typically belongs to only one department designated as that employee’s Principal Group.  Users can belong to more than one department, but only one of them can be assigned principally.

Users

Each user of the E-Flow Suite has a group that includes only themselves at the beginning. Other users can be added to the group if the  user (or administrator) decides to assign later.  In this way, the new user will also have the same access to tasks as the original user or can act as a proxy for that user.

User Defined

All users can create a group, add and remove users and other groups, and use the group for security purposes.  Processes regarding the User-defined groups can only be conducted by the user who is the creator of the group.

Built-in Roles

There are several built-in roles that have a particular role in E-Flow Server Security. They are explained below:

Administrator

Those in this group can access all tasks, groups and security functions of the server.  The members of this group should be limited and a special account should be created for them in order to manage the server.

Designer

Allows a user to access the E-Flow Designer app.  Users in this group are allowed to edit and create processes to be stored on the server.

Company Administrator

The users who are assigned with this role can add, remove or continue the users sharing the main group.  In this way, management based on division is ensured.

Other Pre-Defined Groups:

Everyone

Each group covers all users.   Any user cannot be added or removed from this group.

Initiator

This specific group only allows to a safe object or resource holder user for access.   In many cases, the person will be the one who initiates an operation on Web Interface manually.  Initiator group is used as  predefined, that is valid for most security settings.

My Subordinates

It allows subordinates of the owner of an object to access a resource.  Subordinates are defined as the users where “Reports to Whom” section is set to the resource owner.

My Supervisor

It gives an access to a resource owner on the condition of being the person specified in the definition “Reports to Whom”.

Access with Password

Each E-Flow Suite user has their own usernames and passwords.

A supervisor or system administrator has right to access to the account of the user who does not come to work on a particular day, in order to make their assignment invalid.