Voyager Security Overview

Owned by PS Development
Dec 05, 2023
2 min read

The Voyager security model is designed to provide robust and flexible control over access to data within its registry.

Core Principles of the Voyager Security Model:

  1. Security Realms and Group Associations:

    • Administrators configure "security realms," which are essentially domains or environments within which security policies are applied.

    • Users are associated with specific groups within these realms, determining their access privileges.

  2. Granular Access Control:

    • Access to data can be controlled at the level of individual indexing repositories.

    • Administrators can specify what data a user or a group of users can or cannot see, offering fine-grained control over data accessibility.

  3. Dynamic Configuration:

    • The security model allows for dynamic configuration, meaning the access rules can change based on various parameters.

    • This flexibility extends to all the features of Voyager's search capabilities, including keyword searches, faceted queries, spatial searches, and range values.

Advanced Features:

  1. Integration with External Authentication Systems:

    • A prime example is the integration with Windows authentication tokens.

    • Voyager can incorporate these tokens into its registry, understanding what content a user can access on the Windows file system.

  2. Application in Search Queries:

    • When a user queries the catalog, Voyager assesses their associated Windows groups.

    • Based on this information, the system automatically filters search results, hiding content that the user is not authorized to access.

  3. Comprehensive Redaction:

    • Any parameter used to find information in Voyager can also be used to redact items from a user's query.

    • This ensures that users only see search results that they are authorized to view.

Overall Impact:

  • Enhanced Security: Ensures sensitive or restricted data is only accessible to authorized users, maintaining data confidentiality and compliance with security policies.

  • User-Specific Data Access: Tailors the user experience by presenting only the data relevant and permitted for each user, enhancing both security and usability.

  • Operational Flexibility: Allows for both static and dynamic configurations of access controls, adaptable to various organizational needs and changes.

  • Seamless Integration: By leveraging existing authentication systems like Windows, Voyager simplifies user management and enhances the security model's effectiveness.

In summary, the Voyager security model offers a sophisticated approach to data access control, combining flexibility with robust security measures. It integrates seamlessly with existing systems and utilizes a dynamic, user-centric approach to ensure that each user has the appropriate level of access to the repository's data.