
How Rational BI secures your data

Rational BI takes security seriously and has a multi-layered approach to ensuring that your account and data remain private, both on the server and in the user interface. Data and reports are always subject to access controls through a policy-based authorization framework that defaults to denying access unless access is explicitly granted. Use **custom policy statements** to apply fine-grained controls to your account and organization.

Reports within Rational BI run in a sandboxed environment without direct access to data or server resources. Before a report is loaded, the sandbox environment is completely recycled to ensure that no data from any previously viewed report remains accessible. The embedded SQLite database is reloaded, and any data the report requests is re-acquired and attached to the fresh database instance.

When a report accesses data supplied through Rational BI, it does so by asking for a ticket that grants time-limited access to one specific resource. Tickets are issued only when the requesting context justifies the access; if that cannot be established, no ticket is issued and the data is not released. For example, a public Rational BI report would not be granted access to private data within an account.

The report sandbox does not have access to any Rational BI cookies or resources, and the server is configured so that the risk of XSS and related issues is greatly reduced and the impact of any such issue is contained. Cookies are set with the Secure and HttpOnly flags and with cross-site access disabled.
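To check those cookie attributes on a live response, here is an added audit helper; it is not part of Rational BI and assumes that "cross-site access disabled" is expressed with the SameSite attribute (Strict or Lax). The sample headers are constructed. It also flags the one combination browsers reject outright, SameSite=None without Secure.

```python
def parse_set_cookie(header: str):
    """Split a Set-Cookie header into (name, value, {attribute_lowercase: value})."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()   # attribute names are case-insensitive
    return name.strip(), value, attrs


def audit_set_cookie(header: str) -> list[str]:
    """Return a list of findings; an empty list means the cookie carries the expected flags."""
    name, _, attrs = parse_set_cookie(header)
    findings = []
    if "secure" not in attrs:
        findings.append(f"{name}: missing Secure (cookie may be sent over plain HTTP)")
    if "httponly" not in attrs:
        findings.append(f"{name}: missing HttpOnly (readable by script, exposed to XSS)")
    samesite = attrs.get("samesite", "").lower()
    if samesite == "none":
        findings.append(f"{name}: SameSite=None permits cross-site sending")
        if "secure" not in attrs:
            findings.append(f"{name}: SameSite=None without Secure is rejected by modern browsers")
    elif samesite not in ("strict", "lax"):
        findings.append(f"{name}: SameSite not set; set Strict or Lax explicitly")
    return findings


# Constructed examples: a weak session cookie next to a hardened one.
WEAK = "session=abc123; Path=/"
HARDENED = "session=abc123; Path=/; Secure; HttpOnly; SameSite=Strict"

if __name__ == "__main__":
    for h in (WEAK, HARDENED):
        print(h, "->", audit_set_cookie(h) or "ok")
```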

Account security

Security in Rational BI is policy-based. Account administrators define a set of policies that govern what users can and cannot do. Policies are attached to user groups and users are members of one or more groups.

The system comes preconfigured with a set of built-in groups and policies that bundle the permissions required to perform the various tasks in the system. It is also possible to create custom security policies if you need additional control.

You probably won’t need to define custom security policies unless you have a large organization.

Some security-related functionality is limited to enterprise subscription plans.

You cannot change or remove built-in security policies or groups.

Policy-based access control

Rational BI uses a policy-based access control mechanism. When a principal (a user) makes a request, the Rational BI enforcement code checks whether the principal is authenticated (signed in) and authorized (has the required permissions). You manage access by creating policies and attaching them to groups, and then adding users to those groups. Policies are JSON documents; a user receives the permissions of every policy attached to a group they belong to.

During authorization, the Rational BI enforcement code uses the data in the request to find the policies that match it and to determine whether to allow or deny the request.

Rational BI checks each policy that applies to the context of the request. If a single policy denies the request, the system denies the entire request and stops evaluating policies. This is called an explicit deny. Because requests are denied by default, Rational BI authorizes your request only if every part of your request is allowed by the applicable policies. The evaluation logic for a request within a single account follows these rules:

  • By default, all requests are implicitly denied.

  • An explicit allow in a policy overrides this default.

  • An explicit deny in any policy overrides any allows.

After your request has been authenticated and authorized, Rational BI approves the request. If you need to make a request in a different account, a policy in the other account must allow you to access the resource.
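The evaluation rules above, implemented as an added example that is not Rational BI's code. The policy schema (statements with Effect, Action and Resource, with glob-style wildcards) and the group and user names are assumptions for illustration only; the logic is the documented one: deny by default, an explicit allow grants access, an explicit deny in any applicable policy wins and stops evaluation, and a request with several parts succeeds only if every part is allowed.

```python
import fnmatch
import json

# Hypothetical policy documents (NOT Rational BI's real schema). Each statement has an
# Effect, a list of Actions and a list of Resources; glob wildcards are accepted in both.
POLICIES = {
    "ReportReader": json.loads("""
        {"Statement": [
            {"Effect": "Allow", "Action": ["report:View"], "Resource": ["report/*"]}
        ]}"""),
    "ReportAuthor": json.loads("""
        {"Statement": [
            {"Effect": "Allow", "Action": ["report:View", "report:Edit"], "Resource": ["report/*"]}
        ]}"""),
    "DenyFinance": json.loads("""
        {"Statement": [
            {"Effect": "Deny", "Action": ["*"], "Resource": ["report/finance/*"]}
        ]}"""),
}

# Policies are attached to groups; users are members of groups (constructed sample data).
GROUP_POLICIES = {
    "viewers": ["ReportReader"],
    "authors": ["ReportAuthor"],
    "contractors": ["ReportReader", "DenyFinance"],
}
USER_GROUPS = {
    "alice": ["authors"],
    "bob": ["viewers", "contractors"],
    "carol": [],   # signed in, but no group membership at all
}


def _matches(patterns, value):
    return any(fnmatch.fnmatchcase(value, p) for p in patterns)


def applicable_statements(user):
    """Yield (policy_name, statement) for every policy the user holds through a group."""
    for group in USER_GROUPS.get(user, []):
        for policy_name in GROUP_POLICIES.get(group, []):
            for stmt in POLICIES[policy_name]["Statement"]:
                yield policy_name, stmt


def evaluate(user, action, resource):
    """Return ("Allow" | "Deny", reason) for a single action on a single resource."""
    allowed_by = None
    for policy_name, stmt in applicable_statements(user):
        if not (_matches(stmt["Action"], action) and _matches(stmt["Resource"], resource)):
            continue
        if stmt["Effect"] == "Deny":
            # Explicit deny overrides any allow seen so far; stop evaluating.
            return "Deny", f"explicit deny in {policy_name}"
        if allowed_by is None:
            allowed_by = policy_name
    if allowed_by:
        return "Allow", f"explicit allow in {allowed_by}"
    return "Deny", "implicit deny (no matching allow)"


def evaluate_request(user, parts):
    """A request touching several (action, resource) pairs is allowed only if every part is."""
    for action, resource in parts:
        decision, reason = evaluate(user, action, resource)
        if decision == "Deny":
            return "Deny", f"{action} on {resource}: {reason}"
    return "Allow", "every part of the request is allowed"


if __name__ == "__main__":
    for user, action, res in [
        ("alice", "report:Edit", "report/sales/q1"),
        ("bob", "report:View", "report/sales/q1"),
        ("bob", "report:View", "report/finance/payroll"),
        ("carol", "report:View", "report/sales/q1"),
    ]:
        print(user, action, res, "->", evaluate(user, action, res))
```

Note the order of checks: bob's "viewers" group grants a matching allow first, but the later DenyFinance statement still turns the decision into a deny, which is exactly the "explicit deny overrides any allows" rule.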