Manualshelf

User's Manual

ManualsBrandsSilver Spring Networks ManualsElectronicsGateway/Telco
10111213141516171819
14
Permissions
Access control permissions (or just permissions) in the ENICS system apply to all applications (including both Java
applications and applets) that may be initiated outside of the server environment. Applications that are initiated by
and run under the control of the ENICS server environment (such as the network health monitor) do not require access
permissions. Access permissions are assigned out of the available options on a user by user basis. Each application
has three sets of permissions. The firstset” determines whether a user is allowed to access the ENICS server while
running a particular application. For example, a user may be granted permission to run the Interactive Meter Reader,
but not the Network Configuration Manager. This is not a security measure, since the only way the ENICS server has
to know what application is being run is for the application to tell it. Thus, this sort of permission won’t be able to
deter a cracker who writes his or her own application, but it will give the system administrator control over who can
run applications under normal circumstances.
The second set controls access to the various database tables in the system. An application may have read, modify
and append permission for a table. Append is a restricted type of write access that allows an application to add new
records to a table, but not to either modify or read records that already exist. Modify access implies both read and
append access. For databases that contain information that is associated with particular users, users may be granted
permission to read or modify data for themselves only or for all users.
The third set of permissions controls access to the communications network. The first access permission is “network
use”. This allows an application to interact with the communications network. If it is not set, then the application is
not allowed to interact with the communications server. The second network access permission is IMU read/modify,
which determine which types of messages that can get or set IMU information are allowed to be sent. The third
network access permission is network read/modify, which determines which messages can be sent that may read
information from or modify gateways and relays. Please note that even an application that has no explicit network
access may invoke an operation that will cause the ENICS server to access the network.
COM Access
In order to support miscellaneous analysis and data gathering capabilities, a COM interface to the ENICS business
objects shall be implemented. This will allow programs to be written in Visual Basic that can retrieve information
from the ENICS system. The COM interface shall be design in such a way that it shall not be possible to compromise
ENICS server or Innovatec network communications using the interface. A set of standard Visual Basic applications
should be implemented for common operations such as gathering reads from a predefined group of meters and
gathering time of use information. These standard applications will serve to get Innovatec customer’s started using the
more exotic functions of the system quickly and also server as examples for Innovatec customer IT departments that
wish to implement their own data analysis programs.
Required Requirements
All application requirements documents shall include the following:
1.
Startup
2.
Shutdown
3.
I/O interfaces, if any.
4.
Required services.
5.
Behavior in the event of errors, including but not limited to internal program errors, communications errors,
database access errors and server access errors.
6.
Mechanism for notifying users when a problem is detected (e.g., dialog box, logged event).
7.
Which events should be logged (e.g., significant user actions)