Protecting operational resources

InfoSphere® MDM can be used to protect party and contract information by defining access to that information.

In InfoSphere MDM, resources can be protected so that only users who have authorization can operate on the resources. Resources can be any operational assets in the application, such as files, database records, and so on. A resource is protected by assigning it an access token value. A user, or the groups to which the user belongs, may be associated with zero or many access token values. When the user has an associated access token value that matches the access token value on the resource, the user is authorized to operate on the resource.

For example, contracts on the system can be assigned different access token values based on some criteria, such as the line of business to which the contracts belong. If a financial advisor servicing a particular line of business searches on the contracts on the system, the advisor can only view the contracts belonging to that line of business.

Currently, resources that can be protected include CONTACT and CONTRACT records in the database. In other words, InfoSphere MDM can be deployed to protect party and contract information.

To enable protected resources, you must:

• Implement authorization for users and groups
• Understand how resources are operated on when this feature is enabled
• Customize access to protected resources if you have created any extensions for InfoSphere MDM