A brief look at Data Archive security

Computer security has two parts: authentication (who is the user, and how do we confirm that the user is really who he or she says?) and authorization (once we know who the user is, what is that user allowed to do?).

The Windows integrated security model relies on Windows security for authentication, but provides its own authorization to PI objects. This is accomplished through two structures: PI identities for which you define PI permissions, and PI mappings which provide the mapping from Windows users and groups to PI identities.