Security Overview

Ignition uses the concept of role-based security throughout. Role-based security is the concept that each user  may be assigned to various roles. Security policies are then defined in terms of these roles, rather than defined for specific users. This allows users to be reassigned, removed, and added without affecting the logic of the security policy.

The users and their roles are defined in authentication profiles. An Ignition Gateway may have many different authentication profiles defined, each governing the security of different aspects of the Gateway. For example, logging into the Gateway configuration web interface might be governed by one authentication profile, while the security for a project is governed by another.

There are many different types of authentication profiles that offer various features. For example, the Internal authentication profile offers the ultimate in ease-of-use: you simple define the users, their passwords, and the roles within the Ignition Gateway configuration web interface. In contrast, the Active-Directory authentication profile offers the power of integrating Ignition with a corporate security infrastructure. Users, passwords, and roles would be managed centrally by the IT department.

Security policies can be defined for many different parts of the system. For example: