June 17, 2010 at 2:20 am
We have a Data Warehouse in SQL Server 2005 (soon to be 2008) with some confidential and sensitive information.
Some users should only be allowed to see some certain Columns, e.g. Gross Profit, i.e. Column-level and some Regions should only see their data and not the other Regions, i.e. Row-level.
I've been searching for this and it seems best to use a View setup for this in the DB-layer.
Does anyone have any best-practice, example or recommendations for this?
Today, we've put some of this logic in SSAS, but some users need to omit the OLAP cube and access the DB layer directly and for this we need to create another security/permission layer in the DB itself.
June 17, 2010 at 5:15 am
Hi,
I'm not sure about the security issue but have you tried creating Perspetive in SSAS Cubes...
Perspective meet your requirements....
Raunak J
June 17, 2010 at 6:48 am
Thanks, but yes we've perspectives in the Cube. But if you want to do more detailed analyses you may want to omit the cube and access the DB layer directly. What I'm thinking about is a view solution in a semantic layer where the data can be accessible.
However, I'm not yet quite sure of the setup of such a solution.
The users will be connected to different AD (Active Directory) groups and the AD-groups can be connected to DB roles?
Viewing 3 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply