This section is intended for use by those responsible for the day-to-day running of a UNICOM Intelligence Question Repository.

The security provider hosts the directory that is used to authenticate UNICOM Intelligence Question Repository users. IBM SPSS Collaboration and Deployment Services supports both a native security provider and external security providers such as Microsoft Active Directory and OpenLDAP. For more information about using these security providers, see the IBM SPSS Collaboration and Deployment Services Administrator's Guide.

Control access to a UNICOM Intelligence Question Repository by creating users and groups in IBM SPSS Collaboration and Deployment Services. The way in which you create users and groups depends on whether you are using the native security provider for IBM SPSS Collaboration and Deployment Services or an external security provider: see Security provider.

Use roles to control the access of users and groups (see Users and groups) to the features of IBM SPSS Collaboration and Deployment Services. A role consists of one or more actions, which are predefined and cannot be changed. Some examples of the standard actions in IBM SPSS Collaboration and Deployment Services are Access Contents and Folders and Define Topics.

A user or group can have more than one role assigned to them. For example a user/group can be authorized to submit files and generate questionnaires.

For more information about assigning roles to users and groups, see Chapter 5 of the IBM SPSS Collaboration and Deployment Services Administrator's Guide.

After assigning roles to users and groups, you must also give those users and groups the appropriate level of access to the relevant folders in the repository. For more information, see Object-level security.

Object-level security is a standard feature of IBM SPSS Collaboration and Deployment Services that is used to control access to folders (see Folders in a UNICOM Intelligence Question Repository) and files (see Survey assets in a UNICOM Intelligence Question Repository) in the repository. For each folder or file, you can provide users and groups one of the following levels of access: None; Read; Write; Delete; Modify Permissions. Note that each level of access includes the previous level (Write includes Read, for example). By default, all users and groups have read access to all objects.

When deploying a UNICOM Intelligence Question Repository, there are typically two tasks you must perform that involve changing object-level security:

For more information about setting object-level security, see “Editing Object Properties” in the IBM SPSS Deployment Manager User's Guide.

After you have assigned your repository-specific roles to users and groups, you must give those users and groups access to the relevant folders. This table describes the level of access you should provide for each of the roles suggested in Roles and actions.