In IBM Cúram Social Program Managementthe process of granting or refusing a user access to functional elements of an application is called authorization. The functional element can be anything to which a unique identifier can be attached, such as:
Access to the functional element is controlled by a Security Identifier (SID) that forms part of the IBM Cúram Social Program Managementauthorization data. This data is linked to a user and can be configured through the Cúram Administration screens or through the Data Manager. The Cúram Server Developer's Guide should be consulted for further details.
The security data created for authorization is central to the processing performed during every client-server call, and it is important that access be optimized for performance reasons. The Cúram Security Cache is responsible for caching authorization data for a user. Cúram Security Cache should be consulted for further details.
The following sections describe the relationship for these authorization concepts and how this works within IBM Cúram Social Program Management.