Every secured element in IBM Cúram Social Program Managementis given a security identifier (SID) that is unique across the entire application.
The authorization process is built into the infrastructure and once the securable elements have been identified, the rest is handled by code generators, scripts and the Cúram Administration screens. The analysis of what elements must be securable is a manual process that must be done by the developer or security administrator. This section outlines the infrastructure available to set up authorization.
The first type of authorization to consider is that of the process method(facade) also known as function-level security . In the Cúram model, a developer may choose if security is switched on or off at the process method level. The option applies only to Business Process Objects (BPOs) since they encapsulate the calls exposed to the client. Entity object methods are not included in the authorization process.
There are a number of types of SIDs and these include: