Chapter8.Establishing Security Model Settings | Microsoft Office Project Server 2003 Unleashed

Chapter 8. Establishing Security Model Settings

IN THIS CHAPTER

Server ConfigurationFeatures
Identifying Roles
Security Templates
Security Groups
Creating Categories
Associating Groups and Categories
Assigning Resources to Proper Groups
Best Practices

Security is separated into two distinct criteria: use permissions (functionality) and data permissions (data access). Use permissions define what a user can do in the system, and data permissions define what data will populate views visible by the user. Use permissions are maintained by the Group to which a user is assigned, and data permissions are maintained by the Category or Categories associated with the Group to which a user is assigned. Hence, the user's system security, what a user can do and what data a user can see, is defined through a Group and Category.

It is important to remember that the security model in Microsoft Office Project Server 2003 is a matrix that allows a user to be assigned to multiple Groups depending on her role in the system. Also, multiple Categories can be assigned to a Group to define specific conditional data requirements for users in the Group. These combinations provide a mix of functionality and data access appropriate for the roles the user will perform using Project Server.

Project Server security is complex. A thorough understanding of and adherence to best practices will guarantee a successful configuration and enhance your ability to easily maintain the complex criteria of Project Server system security as shown in Figure 8.1.

Figure 8.1. Security model process flow diagram.