Week six is Server week in Data School and we looked at Server Security system. There are two different security mechanisms: Authentication and Authorisation. While authentication refers to the mechanism of identifying the user, authorisation occurs after authentication and it is the mechanism in which the system identifies the level of access the user has to something. More precisely Authentication answers the questions below:
– Who is the user?
– Is the user who he/she says he/she is?
The first question is answered with the username while the second one is certified by a password (and dongle). Once Tableau Server is installed you can decide how the users are identified, which happens mainly through Local Authentication or Active Directory. Note that with Local Authentication when you encounter failed password attempts you cannot set a password lockout policy – if you want to allow that option chose Active Directory. Moreover, Server supports single sign-on (SSO) solutions such as OpenID, SAML and Kerberos.
Authorisation instead answers the question:
– What are you allowed to see?
This mechanism is divided into four main parts:
1) Site Roles
3) Database Security
4) Row-level Security
With Site Roles you can assign each user different permissions such as System Admin, Publisher or Interactor. Permissions occur when the user does not have the permission to access a selected site, project, workbook or dashboard. Database Security is the inaccessibility to a selected dataset uploaded to the server. Finally, Row-level security occurs on a worksheet/ dashboard level and it is when you apply a type of filter which allows you to hide data ‘rows’ to a specific user.