on 02-08-2019 12:19 PM
Hello,
I want to know if there is a possibilty to implement an SoD Matrix without any functions. I want to analyse some roles of my system just on there authority objects. I have downloaded the standard ruleset, so I Know how to write and upload the Matrix.
Is there a chance to implement this?
Hi Stefan,
If the issue is resolved then please close the thread.
Thanks
Ramesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Ramesh,
thanks for your answer. Yes I solved the problem.
Stefan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
hey Madhu Babu #MJ,
thanks for your reply and your screenshots. Can you also show me your excel sheet (risk sheet and function_permissions sheet)?
Iam looking for the right linking of the different sheets. What do I need to write, so that my Matrix will proof on critical permissions? I changed the status in my risks to critical permissions but unfortunately, I received no violations.
regards,
Stefan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Stefan,
Your requirement is quiet standard. You have to create CRITICAL PERMISSION risks using the function you have already created with only PERMISSIONS and no ACTIONS.
For example, if I want to check which users have access to DEBUG in the system then my function and risk will look as shown below:
Regards,
Madhu
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Vijayakumar,
thanks for your answer. I created functions without any actions underneath, so my Plan was to run a security check just on the permissions fields. But it seems that, there is no possibility to run a check without the correct linking of functions and actions.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Stefan,
I guess you referring to Function which has Actions underneath it. If i am correct, the Risk analysis engine in Access Control works when you have risks which is formed based on functions hence I dont think y ou can create risk without functions. In case, you come across any other option please let us know as well.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
14 | |
4 | |
2 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.