Planning for distributed access

The Spiffy security planners need to determine how the managers can securely access employee data in a distributed environment.

About this task

To secure distributed access to employee data, the Spiffy security planners must address the following questions:

Which IDs should hold privileges on which views?
How do the central location and the remote locations divide security responsibilities for IDs?

The Spiffy security planners answer those questions with the following decisions:

IDs that are managed at the central location hold privileges on views for departments that are at remote locations. For example, the ID MGRD11 has the SELECT privilege on the view DEPTD11.
If the manager of Department D11 uses a remote system, the ID at that system must be translated to MGRD11. Then a request is sent to the central system. All other IDs are translated to CLERK before they are sent to the central system.
The communications database (CDB) manages the translated IDs, like MGRD11.
An ID from a remote system must be authenticated on any request to the central system.