VBrick Systems ETV v3.1 manual Authentication, Authorization, VBrick Database

Page 54

functionality of the ETV Portal Server Access Control system, it is beneficial to define some of terms that will be used throughout the remainder of this document.

Authentication

Authentication is the process of identifying an individual, usually based on a username and password. In security systems, authentication is distinct from authorization (see below), which is the process of providing individuals access to resources based on their identity. Authentication merely ensures that the individual is who he or she claims to be, but says nothing about the access rights of the individual.

The ETV Portal Server Access Control system allows administrators to authenticate users against the ETV Portal Server database or authenticate users against an LDAP directory. More details on the different authentication databases are given below.

Authorization

Authorization is the process of granting or denying access to a network resource. Most computer security systems are based on a two-step process. The first stage is authentication, which ensures that a user is who he or she claims to be. The second stage is authorization, which allows the user access to various resources based on the user's identity. In the ETV Portal Server, all authorization is done directly on the ETV Portal Server, through the ETV Portal Server database.

LDAP

LDAP stands for Lightweight Directory Access Protocol which is a set of protocols for accessing information directories. The LDAP standard defines both a network protocol for accessing information from the directory and an extensible structure for defining how the information is organized in the directory. The advantage of using an LDAP directory is centralized management of users. For example, a new user needs only to be entered once into the LDAP directory and all future modifications to that user can be done in the same central location. Different applications can authenticate and/or authorize users against the LDAP directory.

There are numerous LDAP directory products on the market today, but the most popular are Microsoft Active Directory, Novell eDirectory, Sun iPlanet, and OpenLDAP. VBrick supports major LDAP vendors but only Microsoft Active Directory and Novell eDirectory are fully tested and supported.

VBrick Database

The ETV Portal Server server ships by default with the MySQL database, which is a fully ODBC-compliant database. (Open Database Connectivity is a standard database access method.) For those environments that have not migrated to an LDAP directory-based user management system, all of the authentication functionality can be done directly in the ETV Portal Server database itself. Also, for those environments that are using LDAP directories for Authentication, all of the Authorization functionality also takes place in the ETV Portal Server database. Additionally, to reduce the chance of system lockout, all Administrative Users are located in the ETV Portal Server database.

Resources and Resource Groups

In the ETV Portal Server, providing a user with Resources refers to providing them access to a particular functionality of the EtherneTV system. These include the ability to view Live

46

© 2005 VBrick Systems, Inc.

Page 53 Page 55
Image 54
Page 53 Page 55
Contents VBrick EtherneTV Portal Server Copyright About VBrick SystemsContents Access Control Auto Content Ingestion Contents Organization Font ConventionsRelated Documents Printer-FriendlyOverview Downloaded ComponentsMySQL ETV Portal ServerServer Requirements Desktop RequirementsEnd User Features Windows PCsEtherneTV Video-on-Demand Server Administrative FeaturesAdditional ETV Components EtherneTV-STB Set-Top BoxETV Network Video Recorder Additional Portal Server ComponentsVBrick Encoders/Decoders ETV Live Portal ServerPortal Server License Files Live Portal Server User InterfaceLicense File Description License Errors Administrator Login Administrator OptionsOption Description Global Settings Global AssignmentsFunction Description Only be done if advised by a VBrick technician or Network Custom Fields Customize Streams Add Link Servers Add/Modify Video On-Demand ServersAdd/Modify On-Demand Content Folders VBricks Select Add VBricks and click Submit To Configuration System Securit y IWS Server Port Advanced Settings Set Top BoxesAdministration To add a Recorder configuration RecordersSelect Add Recorders and click Submit Script Devices Scripts Select Add Scripts and click Submit URLs Add/Modify a URL for a Live Video StreamVOD Content URLNon-Video to Content PC Users Only Emergency Broadcast Administration VBrick Systems, Inc Administration Modify VOD Content Access ControlAdministration Required by ETV Portal Server. Case sensitive. Must begin Using Single Sign-On Using Ldap Servers with SSL Installing the Root CertificateClick Browse Diagnostics Resolving Other Security AlertsStatus Help LogoutAccess Control DefinitionsVBrick Database AuthenticationAuthorization Resources and Resource GroupsSTB Authentication Authentication by PINAuthentication by IP Address Setup and Configure the EtherneTV SystemChoose an Authentication Method Create User Groups on the Portal Server Create Resource Groups on the Portal ServerLdap Directory Server Users Create Users on the ETV Portal ServerAssign Resources to Users or User Groups VBrick Systems, Inc Add/Modify User Information Assigning Privileges to UsersAdd/Modify Users Resource Group Assignments Allow Access to Specific VOD ServersAdd/Modify Users Group Assignments Add/Modify Live Channel PrivilegesAllow Content Publishing Allow Access to Specific VOD ContentAllow Viewing by Content Type Allow Content RecordingUser Groups Add/Modify Group Information Add/Modify Groups User AssignmentsAdd/Modify Groups Resource Assignments Resource Groups Add/Modify Resource Group Information Add/Modify Users Resource AssignmentsVBrick Systems, Inc Configuring for SSL Generate a Certificate RequestInstall the Certificate Submit a Certificate RequestConfigure Resources for SSL VBrick Systems, Inc Auto Content Ingestion Removing Closed Captions To remove the closed captions track from MPEG-4 files VBrick Systems, Inc Index Index ETV Portal Server Administrator Guide Index Page VBrick Systems, Inc Beaumont Road Wallingford, Connecticut
Top Page Image Contents