The Aras Innovator Identity Permissions security model is an Identity membership-based security scheme combined with a “need to know” object-level access list technology developed in partnership with Aras aerospace & defense industry customers. User’s are assigned to Identities (analogous to Groups) and all tasks, objects, forms etc. have a ‘need-to-know’ list of Identities that are allowed to access them for read, update, management and deletion.
Similar to ActiveDirectory, the Identity based security scheme is a membership manager. Each user is assigned membership into one of more groups (Identities). Those groups have a hierarchy of membership within other groups, inheriting the rights of the organizations of which they are members. Each business item (BOM, Drawing, Supplier, Workflow, Material Master, etc.) has a default access assigned to it upon creation. This default is then modified, as required, for each instance of the business item, throughout its lifecycle, to produce a true “need-to-know” list for each. Company business rules determine the level of security required; simple broad-brush, role based access or specific “need-to-know” lists of individuals for each Item/object. The power and flexibility of this model enables companies to include their suppliers and customers as real-time users within the PLM system with the confidence that visibility is restricted and intellectual property is protected.